W3C home > Mailing lists > Public > public-lod@w3.org > July 2009

Re: URI Instability as a Goal

From: David Wood <david@zepheira.com>
Date: Thu, 16 Jul 2009 11:12:42 -0400
Cc: Reilly Hayes <rfh@metaweb.com>, public-lod <public-lod@w3.org>
Message-Id: <1E136FF7-6454-4748-A201-A635A626467E@zepheira.com>
To: Eric Hellman <openurl@gmail.com>
I must agree.  Security by obscurity is not the best approach, even  
though it appears to give some short-term benefits.  See Schneier's  
analysis [1], for discussion.  Changing URLs by algorithm is just  
another form of obscurity, which yields fragility and fails badly in  
the case where the algorithm can be uncovered.

TimBL, et al, didn't say that URIs are cool because they don't change,  
they said that URIs that don't change are cool for some very good  
reasons.

Regards,
Dave

[1]  Bruce Schneier, Secrets & Lies; Digital Security in a Networked  
World, Wiley Computer Publishing, 2000, pp. 344.


On Jul 16, 2009, at 9:26 AM, Eric Hellman wrote:

> The suggestion in this so-called security brief is not even secure.
>
> On Jul 15, 2009, at 2:24 PM, Reilly Hayes wrote:
>
>>
>> http://msdn.microsoft.com/en-us/magazine/dd458793.aspx
>
> Eric Hellman
> President, Gluejar, Inc.
> 41 Watchung Plaza, #132
> Montclair, NJ 07042
> USA
>
> eric@hellman.net
> http://go-to-hellman.blogspot.com/
>
>
>


Received on Thursday, 16 July 2009 15:13:19 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:29:44 UTC