Re: URI deconstructed

Karen R. Sollins (sollins@lcs.mit.edu)
Thu, 20 Jul 1995 06:23:37 -0400


Date: Thu, 20 Jul 1995 06:23:37 -0400
Message-Id: <199507201023.GAA09387@lysithea.lcs.mit.edu>
From: "Karen R. Sollins" <sollins@lcs.mit.edu>
To: masinter@parc.xerox.com
Cc: uri@bunyip.com
In-Reply-To: <95Jul20.004320pdt.2762@golden.parc.xerox.com> (message from Larry Masinter on Thu, 20 Jul 1995 00:43:18 PDT)
Subject: Re: URI deconstructed

I will say this again in the meeting this afternoon, but for those of
you not in Stockholm, I have a concern about coordination among a
multiplicity of groups.  For example, I see a gaping hole in this -
authenticity, integrity, and access control.  I do not beleve that all
the problems have been solved, so it is merely a matter of applying
existing technology, but even if that were true, or the problem were
reduced to a state where that were true, it is in no one's agenda to
do that.

I bring this up not only because the suite of security problems need
addressing, but also because they may be an example of major issues
not addressed.  I am concerned specifically about those aspects of an
architecture which should not be add-ons after the fact, but should be
part of the initial design.

I don't have a particular ax to grind, but rather want to make sure
that we don't do something that ends of useless or rejected by the
community because it has gaping holes, by focussing ourselves on a
narrow disjoined set of tasks.

			Karen