“The XML Web dreams of a world where machines can read
information readily from the web. That information might be
static or dynamically generated, and is referenced by a URI. This
lets programs grab information using standardized protocols…”
“Sadly, there are some real problems with this dream
that threaten too the larger dream of the semantic Web.”
“The first relatively simple problem with the XML Web is the
unpredictability introduced by XML’s tools for referencing external
resources, making it difficult to predict when and even if those
resources will arrive.”
“… into more dangerous waters, Megginson noted how much the
XML community trusts each other: “I take code from James Clark and
Tim Bray and run it-sometimes even with ‘root’ privileges. That’s
bone-head stupid! Because we’re all friends, we feel pretty good
for now.” The audience response made it fairly clear that David
wasn’t the only doing this.
“While this kind of trust is appropriate to business
transactions in prearranged and typically secure relationships,
there’s a problem as soon as those transactions are generalized and
begin to rely on shared resources.”
“In the earliest phase of attacks, Megginson described ways to
use cascading style sheets to vandalize sites which depend on
them.”