On Thu, Oct 1, 2009 at 7:40 PM, Tad Glines <[email protected]> wrote:
> > On Thu, Oct 1, 2009 at 11:11 AM, Tad Glines <[email protected]> wrote: > > Another question: including the "contributor" element in the blib > > would seem to allow simple forgery (which allows for phishing). Any > > wave client should instead display as contributor the id of all > > participants for which there is a delta modifying that blip. > > In the spec it states: "Individual contributors are responsible for > adding themselves to this list. This allows for "trivial" contributors > such as annotators to voluntarily omit themselves. Absolute > contributor information may be recovered from the operation history if > required." > > Despite the extra processing required, I still think a secure client > should present history validated contributor information. An annotator > should not be able to hide from a user who wishes to know about ALL > contributors. Especially in a case where an annotation alters the > meaning of a blip through style changes (e.g. changing the font size > and color of text to cause content to not be user visible). > Right, but that's a client decision on how to display a conversation, and doesn't really impact the federation protocol, since you can reconstruct the information based on the ops you receive. -joe > > -Tad > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Wave Protocol" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/wave-protocol?hl=en -~----------~----~----~----~------~----~------~--~---
