ietf-822
[Top] [All Lists]

Re: Content-Disposition changes

1995-01-18 20:11:05
I have made a revision to the current C-D draft.  Before submitting the
full revision, I want to run the salient bits by everyone.  If these
changes are largely acceptable, I will submit a new draft.

This all sounds good to me.

(A few people have suggested that many more examples of security hazards be
included, for UNIX and for other operating systems.  I am reluctant to do
this.  I think it's hopeless to try to come up with an exhaustive catalog
of hazards for all operating systems. The more the examples in the RFC look
like such a catalog, the more people will be tempted to treat it as such.
I prefer to be clear that the RFC contains a few examples only, and is no
substitute for careful thought and design on their part.)

I concur. Several general examples along with a note saying it isn't
intended to be an exhaustive list is just the ticket.

                                Ned


<Prev in Thread] Current Thread [Next in Thread>