- From: Slein, Judith A <JSlein@crt.xerox.com>
- Date: Wed, 16 Dec 1998 11:44:59 -0500
- To: "'WebDAV'" <w3c-dist-auth@w3.org>
The following requirement is currently part of the Advanced Collections Requirements draft: 3.1.19 When creating a direct reference, it is possible to request that the location of its target be hidden. There was pretty strong sentiment in Orlando for dropping this requirement. The grounds for rejecting it were: 1. This is "security through obscurity", which is generally a bad strategy for insuring security. 2. It's better just to describe the perceived risks in the security section of the draft. 3. This is really an access control issue, and should be addressed as part of access control. I'd like to confirm on the mailing list whether we want to drop this requirement. --Judy Judith A. Slein CR&T/ADSTC jslein@crt.xerox.com 8*222-5169
Received on Wednesday, 16 December 1998 11:40:13 UTC