From: Fisher Mark <FisherM@is3.indy.tce.com>
To: Masinter Larry <masinter@parc.xerox.com>
Subject: Re: URN Resolution Security and Privacy Issues
Date: Tue, 11 Jul 95 06:55:00 PDT
Message-Id: <300281AD@MSMAIL.INDY.TCE.COM>
>Should your set of security issues be folded into
>draft-ietf-uri-urn-issues-00.txt?
Yes, I think it should. (I'll need some guidance on what to do to help, as
I have never done this before!)
It would be very shortsighted of this group to not address how Internet
traffic patterns will change in the future. I can see where much data and
traffic would continue to be unencrypted and basically available to all and
sundry (the current situation). For that case, the only security
consideration might be authentication. However, there will be some subset
of traffic that is designed to be opaque to everyone but the sender and
receiver; not just military and intelligence folks, but buyers and sellers
in the upcoming electronic markets of the Internet, as well as people who,
for whatever reason, do not wish everyone to know their business. As
significant intelligence could be gleaned from examination of a URN/URL
resolution, there should be provisions made for this resolution to be
opaque.
======================================================================
Mark Fisher Thomson Consumer Electronics
fisherm@indy.tce.com Indianapolis, IN