[EMAIL PROTECTED] wrote: >> Do you agree that *if* your project is the only one, or part of a small >> group that not support/use link fingerprinting, that your users might >> see this as a weak point? Wouldn't that, eventually, make people >> believe that you don't care, or that your work is not so safe after all? >> Might be a risk to install? > > Why haven't they been picked up by a non-partisan standards organization > (e.g., IEEE, ISO, W3C, OASIS, etc)? Has Gerv proposed an RFC or similar > document? All I know about is http://www.gerv.net/security/link-fingerprints/
Oh, but it's that a standards body? G.E.R.V. - the General Enterprise Resource Validation at gerv.net, sometimes represented by the General Enterprise Resource Validation, Application and Security Entity (GERVASE)? Soory, couldn't hold myself ;-) Robert Kaiser _______________________________________________ Project_owners mailing list [email protected] http://mozdev.org/mailman/listinfo/project_owners
