[Standards-JIG] JEP-0071: image security considerations

Nolan Eakins sneakin at semanticgap.com
Mon Jun 5 07:21:12 UTC 2006

Hash: SHA1

Peter Saint-Andre wrote:
> Because of security concerns related to images, an implementation MAY
> choose not to show images but instead show only the 'alt' text, and MUST
> enable a human user to disable the showing of images.
> ***
> Thoughts?

Should JEPs be limited to only describing the protocol and not a
client's UI? I'm not going to check, but I would imagine that the HTML
specs don't specify that the user should be able to disable images even
though typical browsers allow that.

My opinion is that JEPs that describe protocols should only describe
protocols. I'll leave it for another discussion as to whether or not we
want to standardize UIs.

- - Nolan

- --
SemanticGap: To act as one (TM) -- http://www.semanticgap.com/
Instant awareness & messaging * Online presence design
Cross platform and agile development
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: sneakin.vcf
Type: text/x-vcard
Size: 207 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/standards/attachments/20060605/2675df54/attachment.vcf>

More information about the Standards mailing list