Re: [w3ctag/design-reviews] updated URI syntax for IPv6 link-local zone identifiers (Issue #774)

Hi, we discussed the issue again during our last teleconference.
The issue of malicious discovery is still there as it won't start with a brute-force attack, but more on probable zone names (especially if it involves interface names).
Also the use of `%` as a delimiter is still seen as problematic as it is the escape delimiter and can lead to exploit of existing parsers that are not careful about when to apply unescaping.
The lack of implementation support in browsers is another source of concern, it would be good also to get agreement within IETF, especially with the group in charge of maintenance of rfc3986.
Thanks


-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/774#issuecomment-1326433378
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/774/1326433378@github.com>

Received on Thursday, 24 November 2022 13:10:47 UTC