[Standards-JIG] JEP-0071: image security considerations
stpeter at jabber.org
Mon Jun 5 15:08:12 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Nolan Eakins wrote:
> Peter Saint-Andre wrote:
>>> Because of security concerns related to images, an implementation MAY
>>> choose not to show images but instead show only the 'alt' text, and MUST
>>> enable a human user to disable the showing of images.
> Should JEPs be limited to only describing the protocol and not a
> client's UI? I'm not going to check, but I would imagine that the HTML
> specs don't specify that the user should be able to disable images even
> though typical browsers allow that.
> My opinion is that JEPs that describe protocols should only describe
> protocols. I'll leave it for another discussion as to whether or not we
> want to standardize UIs.
The fact that the W3C's HTML/XHTML specifications contain weak security
consideration sections is no reason for the JSF's specifications to be
written in that way.
Jabber Software Foundation
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3641 bytes
Desc: S/MIME Cryptographic Signature
More information about the Standards