Re: Computer Misuse Act breaks WebArch (ws Re: Section 5.4.2 of RFC 3986 not actually 'legal' syntax_) from Norman Walsh on 2005-10-17 (www-tag@w3.org from October 2005)

From: Norman Walsh <Norman.Walsh@Sun.COM>
Date: Mon, 17 Oct 2005 11:48:55 -0400
To: www-tag@w3.org
Message-id: <87wtkcf8k8.fsf@nwalsh.com>

/ Dan Connolly <connolly@w3.org> was heard to say:
| On Thu, 2005-10-13 at 11:40 +0100, Henry S. Thompson wrote:
[...]
|> The issue for the TAG is surely that exploratory modifications of URIs
|> are in a sense _invited_ by their very nature, and thus should never be
|> describable as unauthorized -- by publishing
|> http://www.example.com/a/b/c, I implicitly publish all
|> path-transformed versions of that URL, don't I?
|
| No, I don't think so.

I do. And I'll go a step further, I think running an HTTP server
explicitly grants the public permission to attempt to GET any and
every URI that could possibly exist.

| But look at your server logs, and you'll find tons of bots trying
| to exploit well-known server bugs. That's clearly anti-social
| behaviour, and I'm somewhat sympathetic to efforts to outlaw it.

I'm not[*]. As Tyler Close suggests later in this thread, it appears
that, in the UK at least, following links on this page

  http://lists.w3.org/Archives/Public/www-tag/2005Oct/0020.html

exposes you to risk of criminal prosecution.

It is no longer safe (in a very literal sense) to surf the web in
the UK.

|> Danny, Rigo, is there a point here the W3C or the TAG should try to
|> address?

We commented on deep linking, I think we should surely comment on
this.

                                        Be seeing you,
                                          norm

[*] I might be, if legislation was formulated in such a way that it
was only going to net the antisocial creeps, but there's nothing
antisocial about attempting a GET on a URI and getting a 404.
-- 
Norman.Walsh@Sun.COM / XML Standards Architect / Sun Microsystems, Inc.
NOTICE: This email message is for the sole use of the intended
recipient(s) and may contain confidential and privileged information.
Any unauthorized review, use, disclosure or distribution is prohibited.
If you are not the intended recipient, please contact the sender by
reply email and destroy all copies of the original message.

Received on Monday, 17 October 2005 15:49:10 UTC