- From: Chris Newman <Chris.Newman@innosoft.com>
- Date: Wed, 02 Apr 1997 17:14:01 -0800 (PST)
- To: Larry Masinter <masinter@parc.xerox.com>
- Cc: IETF URI list <uri@bunyip.com>, ietf-url@imc.org
On Wed, 2 Apr 1997, Larry Masinter wrote: > > > ftp://ftp.ietf.org/internet-drafts/draft-fielding-url-syntax-04.txt > > Section 2.1.3 largely duplicates section 2.5. > > Section 2.2.2 has a "of of" > > I think the process in section 3 is unworkable. > > I think you were looking at a different document, since there is no section > 2.1.3, 2.2.2, and section 3 is not about process. (All of the process stuff > was removed). Those comments were referring to the process document. > > I think the ":<password>" should be removed from the default Internet > > component. Otherwise you encourage plaintext passwords (people will use > > them anyway if really necessary). > > This isn't the "default" Internet component, it is the "generic" Internet > component. And the security considerations section says: > > It is clearly unwise to use a URL that contains a password which is > intended to be secret. > > Need it say more? No. It needs to say less. Don't even bother suggesting a syntax for cleartext passwords -- it's not useful in the "generic" case.
Received on Wednesday, 2 April 1997 20:13:54 UTC