W3C home > Mailing lists > Public > uri@w3.org > January 1995

Re: Predraft of a new URL scheme: mailmsg

From: Dirk Herr-Hoyman <hoymand@gate.net>
Date: Wed, 4 Jan 1995 09:14:01 -0500
Message-Id: <ab30be4604021004ae48@[]>
To: uri@bunyip.com
Cc: uri@bunyip.com
At 12:57 PM 1/4/95, Marc VanHeyningen wrote:
>> Since URLs are hardly something which the casual user might have
>>       - an overriding interest in
>>       - an appreciation of the consequences of
>>       - comprehensive knowledge of
>> I would politely suggest that this is a bad idea.  For a more in depth
>> explanation of the inadvisability of this URL scheme please see:
>> <mailmsg:president@whitehouse.gov//Death Threat/I'm gonna git you sucka>
What we are trying to address here (and I'm the person who earily proposed
a similar mailserver URL), is the ability to access resources that are ONLY
available via e-mail retrieval.  If we are to have a URL for this, then the
example given above will certainly be possible.

I don't really want to create more ways to spoof e-mail, but I also would
like to see the functionality of URL extended to e-mail retrieval.  It
looks to me that these 2 requirements are fundamentally in conflict here.

>This is, of course, a serious concern.  As Larry pointed out, similar
>concerns also exist for the gopher: URL, since it can be used to spoof
>mail messages in less obvious ways.

And there are lot's of other ways to spoof e-mail, including many POP user
agents that let you set your own return address.  E-mail, as it is
currently incarnated on the Internet, is inherently insecure.

I would like to see an e-mail retrieval URL, whill still being sensitive to
the security concerns.  But, since e-mail is already inherently insecure,
my feeling is that the increased functionlity of such a URL is more
important then preventing yet another hole.

Dirk Herr-Hoyman <hoymand@gate.net> |          I tried to contain myself
CyberBeach Publishing               |                                but
   * Internet publishing services   |                          I got out
Lake Worth, Florida, USA            |
Web: http://www.gate.net/cyberbeach.html
Phone:     +1.407.540.8309
Received on Wednesday, 4 January 1995 09:13:10 UTC

This archive was generated by hypermail 2.4.0 : Sunday, 10 October 2021 22:17:29 UTC