|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Jeremiah Grossman (jeremiah
whitehatsec.com)Date: Tue Oct 23 2001 - 11:02:57 CDT
At first glance it does look suspicious to me as well... now we just
gotta find out some specifics... and see where it leads and see
what there standards group prepared for.
rudi carell wrote:
> .. the whole system looks pretty dangerous
> they store too many sensitive informations within their XML-policy files! at
> least additional path-info ist disclosed ...
>
> rC
>
> >What happens to the XML P3P policy file - Does it need to validate the
> >DTD at w3c or similar ? I have seen some amuzing applications that will
> >just stop when they can't validate a DTD.
>
> securityfreefly.com
> http://www.freefly.com/security/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]