- From: Tim Berners-Lee <timbl@w3.org>
- Date: Wed, 7 Jul 2010 17:01:01 -0400
- To: nathan@webr3.org
- Cc: "www-tag@w3.org" <www-tag@w3.org>
I don't know quite what you are designing but in general it is a bad idea to use the user info part at all, especially with HTTP. That is giving auth information away to those who see the URL. It s making an architectural commitment to a particular for of identity which you might later wan to dump for something else (like email based or pub key based etc). Tim On 2010-07 -06, at 13:19, Nathan wrote: > Hi, > > A quick (perhaps stupid) question - when comparing URIs for equivalence, should the userinfo part be included in the comparison? > > The specific context / use-case I'm looking at is including a 'fingerprint' of a public key in a webid, where over time all composite parts of the URI would stay identical but the userinfo would change. > > This would require userinfo to be stripped from URIs when comparing for equivalence; thus the three following names would all be considered equivalent: > > <http://domain.tld/nathan#me> > <http://abcde@domain.tld/nathan#me> > <http://vwxyz@domain.tld/nathan#me> > > Thanks for any clarification, > > Nathan > >
Received on Wednesday, 7 July 2010 21:01:03 UTC