- From: Zoltan Kis via GitHub <sysbot+gh@w3.org>
- Date: Thu, 12 Sep 2019 14:59:09 +0000
- To: public-web-nfc@w3.org
Right, when we write the domain it's a convenience feature to apps, but not a security feature. Once implementations write a tag, there is no guarantee some other NFC app will not read the tag and overwrite the data with whatever they please. We could write fully qualified domains, yes. NDEF allows abbreviations in URI records that are described in the NDEF URI spec, but that should be internal optimization to NFC - our spec could impose the constraint that Web NFC apps should write and get fully qualified URLs (but implementations could abbreviate them according to the NDEF spec). This would simplify the Web NFC spec since all the tricks become encapsulated by implementations and our algo's would not need to refer to tables defined in the NDEF spec. -- GitHub Notification of comment by zolkis Please view or discuss this issue at https://github.com/w3c/web-nfc/issues/331#issuecomment-530866224 using your GitHub account
Received on Thursday, 12 September 2019 14:59:10 UTC