- From: James M Snell <jasnell@gmail.com>
- Date: Tue, 15 Jul 2014 10:24:54 -0700
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Cc: Eric Rescorla <ekr@rtfm.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Cutting a trail is not the same as paving it over. Let's not get ahead of ourselves. The fact is: in today's applications, there is very little (if any) real separation between the path and the query, and application developers put stuff all over the place. If you want developers to start separating those, you need to educate before you can standardize. Regarding the privacy claims specifically, there's are a ton of things someone can learn given nothing but the method and routing information. Let's not fool ourselves into thinking that even the most rudimentary activity information is somehow "safe" from disclosure. On Tue, Jul 15, 2014 at 10:08 AM, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: > In message <CABcZeBPo9NScd4bLfxJEyMWvQYn6Si0jfbsh-g3-fhcmoMW4GA@mail.gmail.com> > , Eric Rescorla writes: > >>This seems like a forward-looking statement. I'm addressing it's current >>truth value, and as I said, I believe that's not currently accurate. > > Standardization is a forward-looking activity. > > If we want to implement something like what I outlined in the future, > we should start to pave the road for it now. > > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk@FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD committer | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence. >
Received on Tuesday, 15 July 2014 17:25:41 UTC