At 11:48 AM -0400 4/27/05, Bob Wyman wrote:
I know that nobody seems to like this issue� However, I have explained on numerous occasions that the existing prohibition against duplicate ids in a feed simply cannot be supported by PubSub or any other feed aggregator. The problem is, once again, that prohibiting duplicate ids provides an easy to use attack vector for those wishing to effectively "erase" entries written by another author. (i.e. by publishing an entry with an id identical to one published earlier, one can force the earlier entry to be flushed from Atom feeds.)
Question (not a disagreement): Why wouldn't the later entry be dropped instead of the first one being flushed?
At 5:05 PM +0100 4/27/05, Bill de h�ra wrote:
What will prevent people overwriting the atom:[EMAIL PROTECTED]'self'] links as well as the id?
Seems like a good question. If someone is trying every avenue to erase an old entry, why wouldn't they try this as well?
--Paul Hoffman, Director --Internet Mail Consortium
