W3C home > Mailing lists > Public > www-tag@w3.org > June 2014

Re: Seeking Feedback on Capability URLs Draft

From: John Kemp <john@jkemp.net>
Date: Sun, 01 Jun 2014 08:36:00 -0400
Message-ID: <538B1E30.2020802@jkemp.net>
To: Anne van Kesteren <annevk@annevk.nl>
CC: Daniel Appelquist <Daniel.Appelquist@telefonica.com>, www-tag <www-tag@w3.org>
On 06/01/2014 05:56 AM, Anne van Kesteren wrote:
> On Fri, May 23, 2014 at 4:58 PM, John Kemp <john@jkemp.net> wrote:
>> I've previously thought about commenting on this document, but stopped
>> myself, mostly because I think the document strikes the wrong tone for me;
>> why does the foremost architectural body on the Web seem so against the use
>> of capability URLS, when (albeit in my opinion) they seem so much better
>> aligned with Web architecture than ACL/password approaches?
> Well, unless you're careful,

I might say the same thing about passwords. Make sure they are longer 
than 8 characters, contain mixed alphanumerics and special characters. 
Don't use the same password on multiple sites. Etc. etc. etc.

Unless you're careful.

And why do I even need an account for all of these sites?

I probably don't.

> they leak like crazy. E.g. if you include
> jQuery from Google's CDN, Google will know all your secrets. It's
> certainly a great idea, but the web needs new features in order to
> make it work (or sites need to use a lot of hacks, to the detriment of
> some of the other features of the web).

Sounds quite similar to passwords, or cookies...

- johnk

Received on Sunday, 1 June 2014 12:36:49 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:57:02 UTC