[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services-comment] clarification needed on use of data: URI in MDUI metadata?
On 29 Jan 2013, at 15:07, Tom Scavo <trscavo@gmail.com> wrote: > On Tue, Jan 29, 2013 at 10:01 AM, Ian Young <ian@iay.org.uk> wrote: >> >> If we do think that "data:" is an intended possibility, it is also probably worth highlighting that case as something that consumers of this metadata might need to handle. > > I'm pretty sure this was in fact specified in *some* version of the spec. I think the only version that matters is the published one, which I quoted from. It also has the following at line 244 in the "Security" section: > Schemes other than “https”, “http”, or “data” SHOULD NOT be used. This again supports the idea that it wasn't the intention to exclude "data:", but the earlier parts are still contradictory. -- Ian
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]