- From: Larry Masinter <masinter@parc.xerox.com>
- Date: Mon, 10 Jul 1995 13:47:42 PDT
- To: pierre@indirect.com
- Cc: uri@bunyip.com
> Any URN registry service must be able to answer the question of whether a > URN exists in order to decide whether it can be assigned to a new object. It's clear that a URN registry service can be asked 'give me a new URN' without revealing answers to the question of 'is X a valid URN'. On the other hand, merely being able to ask 'is X a valid URN' might not reveal information if URNs contain sufficient random information to make guessing one difficult, or if URNs contain no external information like titles or dates, other than a sequence number. > If you're playing with confidential information, what is it doing on an > essentially public network, where security is basically nonexistent? This is not an assumption that any internet working group should make.
Received on Monday, 10 July 1995 16:48:30 UTC