We took the view that, with few exceptions, if you own example.com, you
have complete control over example.example.com too.
It means that, in the POWDER world, you could publish a description of
"com" - i.e. everything on .com. It may be pretty meaningless, but,
well, when did language stop people saying meaningless things? :-)
It's tempting to try and add restrictions such as requiring at least a
2nd level domain. This might have the desired effect for .com, .org etc,
but falls down in places where third level domains are the norm (.co.uk,
.com.au, .com.cn etc.)
Phil
Jonas Sicking wrote:
Jonas Sicking wrote:
Anne van Kesteren wrote:
On Mon, 23 Jul 2007 20:29:42 +0200, Jonas Sicking <[EMAIL PROTECTED]>
wrote:
OK, forget the ? notation. Your examples are very clear and we
seem in full alignment that <foo.com> includes sub domains but
<*.foo.com> wouldn't include foo.com itself.
Sounds great. What do other people think of switching to this
syntax? The difference from the current spec would be to change
The only slightly confusing thing is that <http://foo.com> also
matches <http://bar.foo.com> but I suppose that's ok.
Yeah, I agree, but given all other alternatives I think this is
better. If for example someone does
CAC: allow <*> exclude <http://evil.com>
is most likely useless since the owners of very.evil.com are the same
ones as evil.com. So it's not unlikely that the rule can be easily
circumvented.
It's not ideal, but it's the least bad suggestion yet IMHO.
Sorry if the above is confusing. What I meant was that the above bad
scenario can happen unless we let http://evil.com match all subdomains
as well.
/ Jonas
