Robert Sayre wrote:
-1. Covers HTML in too much detail, though it's still inadequate coverage. This is isn't our problem. I blame the W3C :)
I'm +1 on the pace, particularly now that the prescriptive text has been removed.
It seems to me that we have an obligation to either (1) disallow HTML, or (2) mitigate allowing HTML by providing a security section such as this one.
If (2) can be solved by reference, then that clearly would be preferred. But to date, no such reference has been found.
- Sam Ruby
