- From: Fisher Mark <FisherM@is3.indy.tce.com>
- Date: Mon, 10 Jul 95 11:41:00 PDT
- To: "'URI'" <uri@bunyip.com>
Because the mere knowledge that a string is a valid URN can useful in some
contexts, it is advisable to have mechanisms that prevent the discovery of
this fact. Any generally useful resolution service must be able to not only
refuse to resolve a URN (or URL), it must be able to avoid giving the
impression that what was handed to it was a valid URN or URL to begin with.
This gives maximum flexibility to the URN/URL "owner", as they can use very
specific names
(<urn:engulf_and_devour/1995/long_range_plan/enslave_western_world>) without
fearing that anyone with a browser can verify that such a URN/URL exists.
Unfortunately, some people still think:
Login: urn-wizard
Pass: timbl-is-god
Password incorrect
is an acceptable method for reporting authentication errors...
The very pattern of resolution requests could yield useful information to a
hostile entity. As "Even databases that lie can be compromised" stated
(possibly my favorite journal article title of all time :)), if you let any
information out, it is likely it can be used to discover information you
don't want to let out. Traffic analysis can even be mostly avoided (at
considerable expense of network bandwidth) by keeping a continuous encrypted
TCP/IP connection open with continuous, mostly random transmissions of data.
All security and privacy considerations for other electronic transmissions
apply to UR[NL] resolution requests.
======================================================================
Mark Fisher Thomson Consumer Electronics
fisherm@indy.tce.com Indianapolis, IN
Received on Monday, 10 July 1995 12:45:13 UTC