Re: IBM DB2 XML functions file creation vulnerabilities

From: Arthur Keller <voting_at_kellers_dot_org>
Date: Mon May 02 2005 - 11:14:37 CDT

At 10:14 AM -0500 5/2/05, Marty Schrader wrote:
>Scott Brown said:
>> The IT industry took a hard look at XML years ago, asked the hard
>> questions, addressed the inherent problems that come with any
>> emerging technology and moved forward with it. We should benefit
>> from that effort.
>I'd like to add that we are missing the boat completely by arguing about XML
>"security." XML is not about databases, security, or applications. XML is a
>*transport* mechanism for data; it is about getting data from one place to
>another with little risk that the data is corrupted by the transport process
>itself. Network security, data representation, application handshaking, and
>everything else is *not* relative to the issue of XML as a data
>transport. Let's
>try to keep focused on what we're doing here, folks.

Actually, we're using XML as a data encoding language, not as a
transport mechanism.

Best regards,

Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA  94303-4507
tel +1(650)424-0202, fax +1(650)424-0424
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
Received on Tue May 31 23:17:02 2005

This archive was generated by hypermail 2.1.8 : Tue May 31 2005 - 23:17:52 CDT