[Israel.pm] my talk for Tuesday's meeting

Yona Shlomo yona at cs.technion.ac.il
Wed Jan 31 22:39:02 PST 2007


I'll end up talking about the following topic:

 	XML processor targeted attacks

When implementing an XML processor (e.g., XSLT engine, XPath
engine, XML parser, XML Schema validator, etc.) you might
want to take XML processor targeted attacks into account,
and thus build security measures in your design and
In the talk I'll present attacks, their potential damage and
how to prevent or deal with them.
Hopefully, this will also invoke discussions with
suggestions to variations of the attacks, alternative ways
of preventing them and other security related and
implementation related issues.

I doubt if I have time to examine enough Perl-XML tools to
add a "security review" of them with respect to the topic,
so I'd appreciate the audience contributing personal
experiences with Perl modules for XML processing (and
actually any other XML processing tool).

I'd like to solicit questions on the issue, so I can relate
to them during the talk.

Duration: 60 minutes.

All those interested in the D programming language are
encouraged to either talk about it in future israel.pm

See you on Tuesday.

Shlomo Yona
yona at cs.technion.ac.il

More information about the Perl mailing list