OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [xri] GCS Characters


You might want to do it for some malicious reason.

If we don't preclude it, the syntax  is valid stupid or not.

If @microsoft.com=drummond  is a subject in Microsoft's authority server that it is inferring has something to do with =Drummond then why wouldn't =drummond@microsoft.com be a subject in =Drummond's authority server hat he is inferring has something to do with the global @Microsoft.com

If we allow it someone will use it and if it can be misused someone will.

Steve's quite legitimate question is will the benefits of saying =drummond@Microsoft.com vs =drummond*(@microsoft.com) outweigh the possible social engineering dangers that are introduced.

We need a clear answer to that.  The answer may well be yes they do, but we need to consider it carefully.

John B.


On 23-Nov-08, at 3:58 PM, Markus Sabadello wrote:

Why would you ever want to put a company into the context of an
individual (what does =drummond@microsoft.com mean??). To me it makes
sense only the other way round, i.e. @microsoft.com=drummond.

And something that never appears anywhere can hardly confuse people, or? :)

Markus

On Sun, Nov 23, 2008 at 7:25 PM, John Bradley <jbradley@mac.com> wrote:
I spent some time on the phone yesterday with Steve Churchill reviewing the
proposal on GCS symbols in XRI 3.0.

He reminded me that one of the original objections was allowing:
=drummond@microsoft.com
http://xri.net/=drummond@microsoft.com

This in 2.0 would be represented as:
=drummond*(@microsoft.com)
http://xri.net/=drummond*(@microsoft.com)

In removing the need for parenthesizing cross-references we run the risk of
people misconstruing direct concatenated XRI as email addresses or otherwise
trying to read the first XRI segment from right to left.

The problem is alleviated slightly by having the XRI bound to a scheme.

This is a  social engineering problem rather than a actual resolution issue.

Thoughts?

John B.





---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]