- From: Charles McCathieNevile <chaals@opera.com>
- Date: Thu, 26 Oct 2006 11:02:33 +1000
- To: "Carlos Iglesias" <carlos.iglesias@fundacionctic.org>, "Shadi Abou-Zahra" <shadi@w3.org>
- Cc: public-wai-ert@w3.org
On Thu, 26 Oct 2006 02:46:38 +1000, Carlos Iglesias <carlos.iglesias@fundacionctic.org> wrote: > Right now I think that there are no specially sensitive information in > the EARL core language, I'm not sure if we can consider pathnames > (adoption currently under discussion) as "sensitive enough" to be > encrypted. > > However there is some information in the "HTTP Vocabulary in RDF" that > is clearly sensitive. My first thoughts are for the "authorization" > property which contains the userid and password, specially in "Basic > Authentication" that relies just on a base64 encoded string. > > I think that exactly the same applies to "proxy-authorization" and I'm > not sure if there are other sensitive properties in the language. I think that in general we should note that some information is sensitive, and people may not provide it (this is particularly the case for the body of documents held in an intranet. I might well provide an overall survey of XHTML validity for our intranet, but I am not going to provide you with the developer' notes on particular implementation issues...) We can point to the appraoch used by foaf for mbox_sha1 to enable interoperability on sensitive data, as a possibility, but I don't think we need to work on standardising it at this stage. cheers Chaals -- Charles McCathieNevile, Opera Software: Standards Group hablo español - je parle français - jeg lærer norsk chaals@opera.com Try Opera 9 now! http://opera.com
Received on Thursday, 26 October 2006 01:03:09 UTC