On Mon, Oct 3, 2011 at 1:05 PM, Paul Hoffman <paul.hoff...@vpnc.org> wrote: > On Oct 3, 2011, at 9:22 AM, Phillip Hallam-Baker wrote: > >> URLs are used in cases where hierarchy is assumed. > > I didn't see such use cases in your draft, nor in Stephen's. Maybe you'll put > them in your next proposal.
As Julian correctly pointed out, a generic URI will be used in situations where the application will (correctly) assume that anything in URI syntax that has a slash character in it will be hierarchical. Thus a URI scheme that does not intend to indicate hierarchy MUST NOT include a slash character in that part of the identifier. Plus it is essential to ensure that anything that is to fit in a URI slot is compatible with code for making entries URI-safe. A URI that contains a + character is likely to end up being mangled. This issue has already been litigated in the IETF and the result of that consensus was RFC 4648. I see no reason to re-open that discussion in case someone does not bother to test their code. -- Website: http://hallambaker.com/ _______________________________________________ websec mailing list websec@ietf.org https://www.ietf.org/mailman/listinfo/websec