[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] Designating DNS discovery for non-HTTP URIs
This is one of the options (see my reply to Peter). But it has to be "Add DNS record to authorize" and not "Add DNS record to forbid". The real problem is that an eager HTTP admin will be able to hijack an organization identity services or other sensitive discovery-based data without anyone having any control over it. In most companies, there is a clear separation between the postmaster and webmaster and we need to make sure not to introduce security issues.
EHL
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]