Makes sense. It's just a bit of a pity that we have to choose an non-intuitive name to get the defaults the right way round.
Martin 2009/6/16 [email protected] <[email protected]>: > > On Jun 16, 2:48 pm, Martin Budden <[email protected]> wrote: >> a (perhaps) stupid question > > I thought we all agreed a long time ago that there are no stupid > questions? > >> Why do you call the policy constraint "accept"? You call the >> constraint "accept", and validate if it is not set. >> >> Why not call the policy constraint "validate", and only validate when it is >> set? > > Basically because: > > * We are theoretically able to enumerate those users for who we think > content should be _accept_ without validation. Martin and Chris get > their content through without change, everyone else (the infinite list > of everyone else) gets their content validated. Or ANY user which is > authenticated gets their content through without validation, the > infinite unknowable everyone else does not. > > * Where we can enumerate both those users that don't need validation, > and those that do, it is presumed safer to whitelist rather than > blacklist, as with blacklisting, the risk from making a mistake in the > list is higher: damage is done to content. If I fail to include Martin > in the whitelist, the only thing that happens is that Martin can't do > what he wants to do, but the integrity of the system is maintained. > > That make sense? > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TiddlyWikiDev" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/TiddlyWikiDev?hl=en -~----------~----~----~----~------~----~------~--~---
