initial security considerations section. #2

loganaden · 2025-06-05T05:49:05Z

No description provided.

martinthomson · 2025-06-05T06:25:37Z

draft-it-aipref-attachment.md

+To protect against attacks against their system, implementors of aipref parsing
+and matching logic should take the following considerations into account: memory
+management, invalid characters and parsing untrusted content.



This is helpful, but I think that you can refer to the security considerations of RFC 9651 for most of this. We might also want to specifically allow for a smaller limit than RFC 9651 requires for various things. If we think that the grammar is likely to be small, having a dictionary with 1024 key/value pairs might be excessive, just as tokens of 512 bytes are higher than the ONE we admit (for values). 256 parameters might be easy if they are going to be ignored, but that's still an awful lot.

initial security considerations section.

e41cbef

loganaden requested a review from martinthomson as a code owner June 5, 2025 05:49

martinthomson reviewed Jun 5, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

initial security considerations section. #2

initial security considerations section. #2

Uh oh!

loganaden commented Jun 5, 2025

Uh oh!

martinthomson Jun 5, 2025

Uh oh!

Uh oh!

initial security considerations section. #2

Are you sure you want to change the base?

initial security considerations section. #2

Uh oh!

Conversation

loganaden commented Jun 5, 2025

Uh oh!

martinthomson Jun 5, 2025

Choose a reason for hiding this comment

Uh oh!

Uh oh!