Bill de h�ra wrote:
> What will prevent people overwriting the atom:[EMAIL PROTECTED]'self'] links
> as well as the id?
Now you see why Graham Park's proposal is a "compromise." It
improves things but doesn't provide a definitive solution to all cases. It
means a great deal more processing for us, but at least allows us to defend
against this form of attack.
Certainly, people could rewrite the links and certainly they will if
we modify the existing constraint to require it. However, I expect that at
PubSub, we'll insist on verifying the existence the entry in the reputed
source before we publish any entry with an atom:[EMAIL PROTECTED]'self'] link
that we haven't generated ourselves. (We will insert atom:source into
*every* entry we publish to ensure that attribution is properly provided.)
Alternatively, we'll insist on the entry being signed with a key which is
known to be associated with the claimed source feed. (We're still working on
the mechanisms by which keys would be associated with blogs.) I haven't yet
decided what to do in the case where we can't confirm that the entry
actually comes from the claimed source or someone who is authorized to
publish in the claimed source. We may publish the suspect entry with a new
id or we may simply discard the suspect entry. What do you suggest?
Any ideas you may have for handling these cases would be
appreciated.
bob wyman
