remove normative language from Security Considerations #231
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2002,7 +2002,7 @@ <h2>Security Considerations</h2> | |
| <p>The RDF Abstract Syntax is not used directly for conveying information, | ||
| although concrete serialization forms are specifically intended to do so.</p> | ||
|
|
||
| <p>Applications can evaluate given data to infer more assertions or to dereference <a>IRIs</a>, | ||
| invoking the security considerations of the scheme for that IRI. | ||
| Note in particular, the privacy issues in [[RFC3023]] section 10 for HTTP IRIs. | ||
| Data obtained from an inaccurate or malicious data source may lead to inaccurate or misleading conclusions, | ||
|
|
@@ -2016,26 +2016,26 @@ <h2>Security Considerations</h2> | |
| security considerations will vary by domain of use. | ||
| Security tools and protocols applicable to text | ||
| (for example, PGP encryption, checksum validation, password-protected compression) | ||
| can also be used on RDF documents. | ||
| Security/privacy protocols ought to be imposed which reflect the sensitivity of the embedded information.</p> | ||
|
|
||
| <p>RDF can express data which is presented to the user, such as RDF Schema labels. | ||
| Applications rendering <a>strings</a> retrieved from untrusted RDF documents, | ||
| or using unescaped characters, | ||
| are encouraged to use warnings and other appropriate means to limit the possibility | ||
| that malignant strings might be used to mislead the reader. | ||
| The security considerations in the media type registration for XML ([[RFC3023]] section 10) | ||
| provide additional guidance around the expression of arbitrary data and markup.</p> | ||
|
|
||
| <p>RDF uses <a>IRIs</a> as term identifiers. | ||
| Applications interpreting data expressed in RDF ought to address the security issues of | ||
| [[[RFC3987]]] [[RFC3987]] Section 8, as well as | ||
| [[[RFC3986]]] [[RFC3986]] Section 7.</p> | ||
|
|
||
| <p>Multiple <a>IRIs</a> can have the same appearance. | ||
|
There was a problem hiding this comment. These last four changes are not needed and, in my opnion, are less readable than the unchanged text. There was a problem hiding this comment. (this part of the PR isn't in the "preview" or "diff") There was a problem hiding this comment. @afs — I see these four lines (2035-2038) in both Preview and Diff. Perhaps try searching for @pfps — It's easier to know what "last four changes" you're talking about if you drag-select the plus-sign from the first line of concern down to the last line of concern. This also allows for easy suggestion of changes to the source, where I would currently have to start a new thread to insert such suggestion about all 4 of these lines. |
||
| Characters in different scripts can look similar (for instance, | ||
| a Cyrillic "о" can appear similar to a Latin "o"). | ||
| A character followed by combining characters can have the same visual representation | ||
|
Comment on lines
+2035
to
+2038
There was a problem hiding this comment. I support the changes from |
||
| as another character (for example, LATIN SMALL LETTER "E" followed by COMBINING ACUTE | ||
| ACCENT has the same visual representation as LATIN SMALL LETTER "E" WITH ACUTE). | ||
| Any person or application that is writing or interpreting data in RDF | ||
|
|
||
Uh oh!
There was an error while loading. Please reload this page.