Re: OVCML Tek: A Good Solution to XML Tek Insecurity

From: Scott Brown <r_dot_scott_dot_brown_at_gmail_dot_com>
Date: Mon May 02 2005 - 08:29:47 CDT

I strongly encourage OVC not to take this track.

When discussing the security considerations of any internet-enabled software
system (unlike the OVC system which, I assume, will be offline with direct
access locked down), it's vitally important to understand the components in
question. One must consider the hardware, the OS, the transmission protocol
(whether straight TCP/IP, HTTP, UDP, etc) and -- at the highest level -- the
data format (which is all XML is). All of these layers have potential
security issues, but the data format is far from the most important.

Spending time debating the security of XML is like worrying about the
"security issues" inherent in the paint on your house -- when you should be
installing an alarm system.

-- Scott

On 5/2/05, JamBoi <jamboi@yahoo.com> wrote:
>
> OVCML Tek! We use the concepts of XML to create our own "propietary"
> Markup Language, parser and API tek that is closely patterned after but
> purposely disimilar enough to XML to not be compatible with it. We use
> it from end to end in our system with each of our projects.
>

_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Tue May 31 23:17:06 2005

This archive was generated by hypermail 2.1.8 : Tue May 31 2005 - 23:17:52 CDT