W3C home > Mailing lists > Public > uri@w3.org > January 1995

Re: Predraft of a new URL scheme: mailmsg

From: Dirk Herr-Hoyman <hoymand@gate.net>
Date: Wed, 4 Jan 1995 15:56:43 -0500
Message-Id: <ab311ed30e021004a530@[]>
To: uri@bunyip.com
At 6:41 PM 1/4/95, Larry Masinter wrote:
>While there are lots of ways for malicious individuals to spoof email,
>this opens up a new threat, which is a way that a malicious individual
>could cause someone ELSE to spoof email through their system.
>This is a *new* security consideration; it's been noted for the
>'gopher:' URL and needs to be noted for the mailto/mailmsg one.

At the risk of beating this horse to death, let me say one more time that I
very much agree that there is a security threat and it should be
documented.  However, I would hope that even though there is such a hole,
that it not preclude a possible mailserver URL that I proposed some months
ago or even the less general mailmsg proposal.

The lack of a URL to perform e-mail retrieval does seem to me more
problematic than this security hole.

Dirk Herr-Hoyman <hoymand@gate.net> |          I tried to contain myself
CyberBeach Publishing               |                                but
   * Internet publishing services   |                          I got out
Lake Worth, Florida, USA            |
Web: http://www.gate.net/cyberbeach.html
Phone:     +1.407.540.8309
Received on Wednesday, 4 January 1995 15:55:53 UTC

This archive was generated by hypermail 2.4.0 : Sunday, 10 October 2021 22:17:29 UTC