- From: Dan Connolly <connolly@w3.org>
- Date: Mon, 08 Feb 2010 09:32:55 -0600
- To: ashok.malhotra@oracle.com
- Cc: Larry Masinter <masinter@adobe.com>, Jonathan Rees <jar@creativecommons.org>, Tyler Close <tyler.close@gmail.com>, "www-tag@w3.org" <www-tag@w3.org>, "Mark S. Miller" <erights@google.com>
On Sun, 2010-02-07 at 14:50 -0800, ashok malhotra wrote: > Hi Larry: > This is useful. > Non-public URIs provide a weak level of security that is held to be > adequate for some usecases. > I wonder if there is disagreement with the above statement. I disagree. The unguessable URI pattern can be made about as secure as you like; in particular, as secure or more secure than passwords+cookies. -- Dan Connolly, W3C http://www.w3.org/People/Connolly/ gpg D3C2 887B 0F92 6005 C541 0875 0F91 96DE 6E52 C29E
Received on Monday, 8 February 2010 15:32:57 UTC