W3C home > Mailing lists > Public > uri@w3.org > January 2008

Re: Comments on draft-duerst-mailto-bis-04.txt, please

From: Martin Duerst <duerst@it.aoyama.ac.jp>
Date: Mon, 07 Jan 2008 20:19:22 +0900
Message-Id: <6.0.0.20.2.20080107201054.099b7b30@localhost>
To: Al Gilman <Alfred.S.Gilman@ieee.org>, John Cowan <cowan@ccil.org>
Cc: uri@w3.org, Larry Masinter <LMM@acm.org>, jwz@jwz.org

Hello Al,

Many thanks for your comments; I thought about writing an
answer to John along similar lines, but I couldn't have done
a better job than you.

The suggestion about adding a warning about visibility of
bcc information is a good one, I have done that in my
internal copy.

Here is a copy of the new paragraph, comments appreciated:

>>>>
Mailto URIs on public Web pages expose mail addresses for harvesting. This applies to all mail addresses included in the mailto URI, including the addresses in a "bcc" hvalue. Those addresses will not be sent to the recipients in the 'to' field and in the "to" and "cc" hvalues, but will still be publicly visible in the URI.
>>>>

Regards,   Martin.

At 02:39 08/01/07, Al Gilman wrote:
>At 2:36 AM -0500 6 01 2008, John Cowan wrote:
>>Martin Duerst scripsit:
>>
>>>  In particular, the current spec for mailto:, RFC 2368, contains
>>>  some advice against using a bcc field in a mailto: URI, but this
>>>  doesn't seem to be followed, and we were unable to find any reason,
>>>  so we removed it. Comments on this (both positive and negative,
>>>  if possible with reasons) would be appreciated.
>>
>>The whole point of bcc: is to keep certain recipients secret,
>>but if they are exposed in the mailto: URL, they are hardly
>>a secret any more, eh?
>
>Not really. the *main* point of a Bcc: is to get the Bcc:
>addressee(s) a copy of the information. Concealing this fact is
>secondary.
>
>It is true that the mailgram once sent does not inform the Cc:
>recipients that the Bcc: recipients have also received copies. This
>may be to curtail clutter from thoughtless use of reply-all or it may
>actually be important to conceal this information.
>
>In any case, the URL discloses the Bcc: recipients to the person
>*sending* the mail and the Bcc: recipient identities were never
>intended to be secret from the originator of the RFC-2821/22 mail
>transaction.
>
>The recipients of the Mailgram don't get a copy of the URI that
>was used to initialize the Mail-sending session.  Yes, it's on the
>Web and can most likely be discovered by a well-crafted search.
>
>There are plenty of uses for Bcc: where the identity of the
>concealed recipients is not that big a secret.
>
>It could be worth a note in "Security Considerations" that leaving
>a mailto: URI on the public Web discloses the Bcc: recipients'
>email addresses for spammer harvesting; that there is not much
>secrecy to the address once let lose in a URI in a hypertext
>document.
>
>But the URI binds those addresses to a message template, not
>a message.  The message itself does not offer a trace-back to
>the URI.  There's no Referrer in a mailgram.
>
>Al
>
>>
>>--
>>John Cowan   cowan@ccil.org    http://ccil.org/~cowan
>>The known is finite, the unknown infinite; intellectually we stand
>>on an islet in the midst of an illimitable ocean of inexplicability.
>>Our business in every generation is to reclaim a little more land,
>>to add something to the extent and the solidity of our possessions.
>>         --Thomas Henry Huxley
>


#-#-#  Martin J. Du"rst, Assoc. Professor, Aoyama Gakuin University
#-#-#  http://www.sw.it.aoyama.ac.jp       mailto:duerst@it.aoyama.ac.jp     
Received on Monday, 7 January 2008 11:20:41 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 13 January 2011 12:15:40 GMT