On Wed, Feb 11, 2009 at 6:04 PM, Breno de Medeiros <br...@google.com> wrote:
> So the proposal is for a security considerations section that describes
> attending threats and strongly hint that applications will be vulnerable if
> they do not adopt techniques to validate the results. It would  suggest the
> use of content-type headers and explain what types of threats it protects
> against, provided that it includes caveats that this technique may not be
> sufficient for some applications and as well as not necessary for others
> that use higher-assurance approaches to directly validate the results
> discovered through host-meta.

Sounds good to me.  I'm not that familiar with IETF process.  Should I
draft this section and email it to someone?

> I still do not think this is necessary because the threat model attending
> this is much broader than crossdomain.xml and applications that rely on this
> will have to understand their own security needs or be necessarily
> vulnerable. On the other hand, I will not argue against it either.

For my part, I'd rather we go further and require strict Content-Type
processing.  :)

Adam

Reply via email to