On Fri, 27 Jan 2006, Gervase Markham wrote: > > I'd like to present to the group for comment my "Content Restrictions" > proposal. http://www.gerv.net/security/content-restrictions/
My first impression is that it is far too complex and over-engineered. The problem with security is that people don't understand the issues. We don't want to give authors too fine-grained control, because most authors will get it wrong, but be lulled into a false sense of security because they are "using Content Restrictions". Still, I'm glad someone is looking at this stuff. It's important. You may be interested (once the archives are back up, or using the other archive site) in looking at the recent discussion on sandboxing in HTML5. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'