- From: Martin Duerst <duerst@it.aoyama.ac.jp>
- Date: Mon, 07 Jan 2008 20:19:22 +0900
- To: Al Gilman <Alfred.S.Gilman@ieee.org>, John Cowan <cowan@ccil.org>
- Cc: uri@w3.org, Larry Masinter <LMM@acm.org>, jwz@jwz.org
Hello Al,

Many thanks for your comments; I thought about writing an answer to John along similar lines, but I couldn't have done a better job than you.

The suggestion about adding a warning about visibility of bcc information is a good one, I have done that in my internal copy. Here is a copy of the new paragraph, comments appreciated:

>>>>
Mailto URIs on public Web pages expose mail addresses for harvesting. This applies to all mail addresses included in the mailto URI, including the addresses in a "bcc" hvalue. Those addresses will not be sent to the recipients in the 'to' field and in the "to" and "cc" hvalues, but will still be publicly visible in the URI.
>>>>

Regards, Martin.

At 02:39 08/01/07, Al Gilman wrote:
>At 2:36 AM -0500 6 01 2008, John Cowan wrote:
>>Martin Duerst scripsit:
>>
>>> In particular, the current spec for mailto:, RFC 2368, contains
>>> some advice against using a bcc field in a mailto: URI, but this
>>> doesn't seem to be followed, and we were unable to find any reason,
>>> so we removed it. Comments on this (both positive and negative,
>>> if possible with reasons) would be appreciated.
>>
>>The whole point of bcc: is to keep certain recipients secret,
>>but if they are exposed in the mailto: URL, they are hardly
>>a secret any more, eh?
>
>Not really. The *main* point of a Bcc: is to get the Bcc:
>addressee(s) a copy of the information. Concealing this fact is
>secondary.
>
>It is true that the mailgram once sent does not inform the Cc:
>recipients that the Bcc: recipients have also received copies. This
>may be to curtail clutter from thoughtless use of reply-all or it may
>actually be important to conceal this information.
>
>In any case, the URL discloses the Bcc: recipients to the person
>*sending* the mail and the Bcc: recipient identities were never
>intended to be secret from the originator of the RFC-2821/22 mail
>transaction.
>
>The recipients of the Mailgram don't get a copy of the URI that
>was used to initialize the Mail-sending session. Yes, it's on the
>Web and can most likely be discovered by a well-crafted search.
>
>There are plenty of uses for Bcc: where the identity of the
>concealed recipients is not that big a secret.
>
>It could be worth a note in "Security Considerations" that leaving
>a mailto: URI on the public Web discloses the Bcc: recipients'
>email addresses for spammer harvesting; that there is not much
>secrecy to the address once let loose in a URI in a hypertext
>document.
>
>But the URI binds those addresses to a message template, not
>a message. The message itself does not offer a trace-back to
>the URI. There's no Referrer in a mailgram.
>
>Al
>
>>
>>--
>>John Cowan cowan@ccil.org http://ccil.org/~cowan
>>The known is finite, the unknown infinite; intellectually we stand
>>on an islet in the midst of an illimitable ocean of inexplicability.
>>Our business in every generation is to reclaim a little more land,
>>to add something to the extent and the solidity of our possessions.
>> --Thomas Henry Huxley
>

#-#-# Martin J. Dürst, Assoc. Professor, Aoyama Gakuin University
#-#-# http://www.sw.it.aoyama.ac.jp mailto:duerst@it.aoyama.ac.jp
Received on Monday, 7 January 2008 11:20:41 UTC
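The point of Martin's proposed paragraph, as an added example that is not part of this thread: a small Python helper that lists every mail address a mailto URI on a public page exposes, and separates out the "bcc" hvalue addresses that recipients of the resulting message would never see but any page reader can. The sample URI, its addresses and the function names are constructed for illustration.

```python
"""Audit which mail addresses a mailto URI exposes to anyone who can read the page."""
from urllib.parse import unquote

# RFC 2368 hnames whose hvalues carry mail addresses.
ADDRESS_HEADERS = ("to", "cc", "bcc")


def _split_addresses(field: str) -> list:
    """Split a comma-separated address list, then percent-decode each entry.

    Splitting before decoding keeps a %2C inside an address from acting
    as a delimiter; a literal ',' in a mailto URI separates addresses.
    """
    return [unquote(a).strip() for a in field.split(",") if unquote(a).strip()]


def exposed_addresses(uri: str) -> dict:
    """Return {header: [addresses]} for every address present in the URI.

    Every address returned here is public: it sits in the page source
    regardless of whether the sent message would later show it to recipients.
    """
    scheme, sep, rest = uri.partition(":")
    if not sep or scheme.lower() != "mailto":
        raise ValueError("not a mailto URI")
    to_field, _, query = rest.partition("?")
    found = {h: [] for h in ADDRESS_HEADERS}
    # Addresses in the 'to' field before the '?'.
    found["to"].extend(_split_addresses(to_field))
    # hname=hvalue pairs after the '?'; hnames are case-insensitive.
    for pair in filter(None, query.split("&")):
        hname, _, hvalue = pair.partition("=")
        hname = unquote(hname).lower()
        if hname in ADDRESS_HEADERS:
            found[hname].extend(_split_addresses(hvalue))
    return {h: addrs for h, addrs in found.items() if addrs}


def hidden_from_recipients(uri: str) -> list:
    """Addresses the message's recipients would not see, yet are public in the URI."""
    return exposed_addresses(uri).get("bcc", [])


# Constructed sample: a page-embedded mailto URI carrying a bcc hvalue.
SAMPLE = ("mailto:editor@example.org?cc=list%40example.org"
          "&bcc=reviewer%40example.net,%20archive%40example.net")

if __name__ == "__main__":
    for header, addrs in exposed_addresses(SAMPLE).items():
        print(f"{header}: {', '.join(addrs)}")
    print("public in the URI, unseen by recipients:", hidden_from_recipients(SAMPLE))
```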