Re: [fw-wiz] Dark Reading: Firewalls Ready for Evolutionary Shift

On Mon, Dec 10, 2007 at 12:37:25PM -0500, Dave Piscitello wrote:

what you need to be able to do is to enforce valid HTTP,

This would indeed be a positive step but:

What is "valid HTTP"?
Who defines it (not being naive here but it does not seem that W3C is
the answer when tens of millions of browsers will do HTTP according to
what the vendor releases, which becomes de facto "valid").

Yes, it is mostly w3c, i'd even say some "safe subset" of what w3c
permits us to do. Though we need a lot of heurisitcs to figure out
how to fix broken implementations in transit.

firewall-wizards mailing list