Carl Meyer wrote: > An XML parser that follows the XML standard is never safe to expose to > untrusted input. Does the XML standard really mandate that a conforming parser must blindly download any DTD URL given to it from the real live internet? Somehow I doubt that. -- Greg