W3C home > Mailing lists > Public > www-tag@w3.org > November 2006

Re: "The use of Metadata in URIs" and UK law

From: Henry Story <henry.story@bblfish.net>
Date: Wed, 8 Nov 2006 18:30:15 +0100
Message-Id: <F2470365-F6B1-4154-8B3A-9D73F1B98D2C@bblfish.net>
Cc: www-tag@w3.org
To: Ed Davies <edavies@nildram.co.uk>

On 8 Nov 2006, at 14:20, Ed Davies wrote:

> Section 2.2 of The use of Metadata in URIs
>    http://www.w3.org/2001/tag/doc/metaDataInURI-31-20061107.html
> incites the manipulation of URLs to obtain access to resources
> which has not been specifically authorized.  In the UK such
> access would be a contravention of the Computer Misuse Act
> 1990.  I know it's idiotic, but there's case law to support
> it.  Google for Daniel Cuthbert for a relevant case.

To me, unauthorised resources should be protected by Access control  
mechanism, not by the shape of the url.

I suppose case law can be shown to be wrong too.

> Questions:
> 1. Should this TAG finding note this point?
> 2. Can a TAG finding define or change the meaning of a URL,
>     an HTTP access or other protocol element in such a way
>     as to change the interpretation of the law in a country?
> 3. Should a TAG finding define...?
> This is all rather silly but if the TAG can word this document
> in a way that makes it clear that not only is it true that:
>> Still, the ability to explore the Web informally and  
>> experimentally is very valuable, and Web users act on such guesses  
>> about URIs all the time.
> but also that it is an implicit part of running a web server
> to accept that such experimentation is legitimate then they'd
> be doing all of us a favour.
> Regards,
> Ed Davies.
Received on Wednesday, 8 November 2006 17:30:36 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:56:14 UTC