Normative statement in Security Considerations #183

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

csarven opened this issue Apr 2, 2025 · 0 comments

Labels

Member

csarven commented Apr 2, 2025

Similar issue to issue #181

The Security Considerations section is labeled as non-normative, but it includes content that uses normative terms, such as "SHOULD".

Applications rendering strings retrieved from untrusted RDF documents, or using unescaped characters, SHOULD use warnings and other appropriate means to limit the possibility that malignant strings might be used to mislead the reader.

RDF uses IRIs as term identifiers. Applications interpreting data expressed in RDF SHOULD address the security issues of Internationalized Resource Identifiers (IRIs) [RFC3987] Section 8, as well as Uniform Resource Identifier (URI): Generic Syntax [RFC3986] Section 7.

It'd be preferable to use another term instead of "SHOULD". See also #182

csarven mentioned this issue

Normative statement in Interoperability between RDF Classic and RDF Full #184

Open

pfps added the spec:editorial label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment