Skip to content

Security considerations section #579

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
aphillips opened this issue Jan 4, 2024 · 1 comment
Closed

Security considerations section #579

aphillips opened this issue Jan 4, 2024 · 1 comment
Assignees
@aphillips
Labels
LDML45 LDML45 Release (Tech Preview) specification Issue affects the specification

Comments

@aphillips
Copy link
Member

In a comment on #576, @duerst noted:

I think this is all okay, except when it comes to security considerations. Somewhere in the spec, the fact that a message can contain arbitrary control characters should be clearly called out as a security issue.

This issue is to track this and other items to consider for a security considerations section of the spec, should we decide we need to create one. Add suggestions below.
@aphillips aphillips added Agenda+ Requested for upcoming teleconference specification Issue affects the specification LDML45 LDML45 Release (Tech Preview) labels Jan 4, 2024
@aphillips aphillips mentioned this issue Jan 4, 2024
Merged
@aphillips aphillips added the Action-Item Action item assigned by the WG label Jan 8, 2024
@aphillips aphillips self-assigned this Jan 8, 2024
aphillips added a commit that referenced this issue Jan 10, 2024
@aphillips
Add security considerations section
0f7e6e2 
Addresses #579 

Adds a document for appendices and populates with with Security Considerations.
I considered adding this to the front matter, but observe that most documents place these types of materials at the end.

Please suggest other considerations as needed.
@aphillips aphillips mentioned this issue Jan 10, 2024
Merged
aphillips added a commit that referenced this issue Jan 15, 2024
@aphillips
Add security considerations section (#588)
2a2c2be 
* Add security considerations section

Addresses #579 

Adds a document for appendices and populates with with Security Considerations.
I considered adding this to the front matter, but observe that most documents place these types of materials at the end.

Please suggest other considerations as needed.

* Address @duerst's comments

* Update spec/appendices.md

* Address comments

This includes an attempt at @eemeli's comment from earlier.
@aphillips aphillips removed Agenda+ Requested for upcoming teleconference Action-Item Action item assigned by the WG labels Jan 23, 2024
@aphillips
Copy link
Member Author

Fixed in #588. Use new issues to request additional security considerations.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aphillips aphillips

Labels
LDML45 LDML45 Release (Tech Preview) specification Issue affects the specification
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@aphillips