Re: [apps-discuss] I-D Action: draft-ietf-appsawg-acct-uri-05.txt

"Markus Lanthaler" <markus.lanthaler@gmx.net> Tue, 02 July 2013 08:31 UTC

On Monday, July 01, 2013 9:10 PM, Peter Saint-Andre wrote:
> >> However, a date could be included in an API or protocol that enables
> >> applications to use 'acct' URIs. Is there a reason why this would
> >> need to be included in the URI itself?
> >
> > Sure.. but I think the date should actually be a (perhaps optional) part
> > of the identifier, i.e., the acct URI. That would also make it easier to
> > exchange it between various applications and protocols.
> 
> Are you arguing that it would be easier or *safer*?

Well, both I think. It would make it simpler to exchange such information in
an interoperable manner and the resulting systems would be safer.


> Also, it seems that your argument would apply to URIs in general (e.g.,
> HTTP URIs for web pages) and not just 'acct' URIs. However, we seem to

That's true and AFAIK there have been efforts to do such things there as
well. Now of course we can't change HTTP URIs but since acct is just about
to be established we still have a chance to "fix" it there.


> have ways to deal with stale/old HTTP URIs and the like. Thus I wonder
> what in your mind is special about 'acct' URIs in this respect.

It is specifically designed to denote a user account on some system.
Consequently it is highly security sensitive. We've seen the problem with
recycled email accounts that have been used for user identification. Again,
email is really old and we can't change it anymore. We have, however, still
the chance to improve the situation for acct and I think it would be
worthwhile to do so.



--
Markus Lanthaler
@markuslanthaler
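
The recycled-identifier risk raised in this message, as an added example that is not part of the original post or of the acct URI draft: a relying party that keys its users on the bare identifier hands the old local account to the new holder of a reassigned name, while one that also binds an account creation date can tell the two apart. The `created` field, the class names and the sample accounts are assumptions made for illustration; no date syntax from the draft is implied.

```python
from dataclasses import dataclass
from datetime import date


class RecycledIdentifier(Exception):
    """The acct URI is known, but it now names a different account."""


@dataclass(frozen=True)
class Assertion:
    acct: str       # identifier sent by the provider, e.g. "acct:bob@example.com"
    created: date   # ASSUMED extra field: when the provider created the account


def normalize(acct: str) -> str:
    scheme, _, rest = acct.partition(":")
    user, at, host = rest.rpartition("@")
    if scheme.lower() != "acct" or not (user and at and host):
        raise ValueError(f"not an acct URI: {acct!r}")
    return f"acct:{user}@{host.lower()}"   # only the host is case-insensitive


class NaiveRelyingParty:
    """Binds the local user to the bare identifier."""
    def __init__(self):
        self.users = {}

    def login(self, a: Assertion) -> str:
        return self.users.setdefault(normalize(a.acct), f"local-{len(self.users) + 1}")


class DatedRelyingParty:
    """Binds the local user to identifier plus creation date."""
    def __init__(self):
        self.users = {}

    def login(self, a: Assertion) -> str:
        key = normalize(a.acct)
        created, uid = self.users.setdefault(key, (a.created, f"local-{len(self.users) + 1}"))
        if created != a.created:
            raise RecycledIdentifier(key)   # same name, different account: do not map
        return uid


# Constructed sample data: the same name, reassigned to a new holder in 2013.
FIRST_HOLDER = Assertion("acct:bob@Example.com", date(2009, 3, 14))
SECOND_HOLDER = Assertion("acct:bob@example.com", date(2013, 6, 1))
```
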