OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [security-services-comment] clarification needed on use of data: URI in MDUI metadata?


On 29 Jan 2013, at 15:07, Tom Scavo <trscavo@gmail.com> wrote:

> On Tue, Jan 29, 2013 at 10:01 AM, Ian Young <ian@iay.org.uk> wrote:
>> 
>> If we do think that "data:" is an intended possibility, it is also probably worth highlighting that case as something that consumers of this metadata might need to handle.
> 
> I'm pretty sure this was in fact specified in *some* version of the spec.

I think the only version that matters is the published one, which I quoted from.

It also has the following at line 244 in the "Security" section:

> Schemes other than “https”, “http”, or “data” SHOULD NOT be used.


This again supports the idea that it wasn't the intention to exclude "data:", but the earlier parts are still contradictory.

	-- Ian



Attachment: smime.p7s
Description: S/MIME cryptographic signature



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]