W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: Treating paths and queries differently, was: Fwd: New Version Notification for draft-nottingham-http-proxy-problem-01.txt

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Tue, 15 Jul 2014 15:55:24 +0000
To: Julian Reschke <julian.reschke@gmx.de>
cc: Eric Rescorla <ekr@rtfm.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <32216.1405439724@critter.freebsd.dk>
In message <53C5341B.8090405@gmx.de>, Julian Reschke writes:
>On 2014-07-15 15:42, Eric Rescorla wrote:

>> Mark can of course do as he likes with his document, but I would
>> not support adding this text to a WG document as I do not believe
>> that it is accurate.
>>
>> It is quite common to have sensitive information in the path part of
>> URLs (for instance, Amazon item numbers appear here), and in
>> many cases, this is the only sensitive information required to
>> reconstruct the user's browsing history. I don't consider this to
>> be "very little actual privacy" loss.
>>
>> -Ekr
>
>Agreed. We shouldn't rely on a perceived difference that neither is 
>backed up by the specs, nor is there in practice.

You're welcome to your uncompromising attitudes with respect to
privacy, but people with more nuance in their lives will recognize
that this may be the shilling we have to pay the king, if we want
to hold on to the pound.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Tuesday, 15 July 2014 15:55:47 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:09 UTC