inline... On Tue, Jan 7, 2025 at 12:15 PM <kowa...@denic.de> wrote: > > [AN] A server MUST only copy a request parameter to a server in another > authority if it knows that server is the proper target for the information of > the query parameter, regardless of the extension. Otherwise sensitive data > may leak. > > [PK] I like the proposal from Tom. "proper target for the information" is for > me covered by "required or permitted", but to be clear it may be expanded > with "required or permitted by the specification or extension that defines > the query parameter and does not pose a risk of leakage of sensitive or > security related data".
I think the expanded text works. > > > > >> Section 4.1, paragraph 4 > > >> In general, extension authors should be mindful of situations requiring > >> clients to directly handle redirects at the RDAP layer. > > > > > I think if such dependency exist the best way would be to define link > > referrals rather than redirects. > > Isn't this section 4.2? -andy _______________________________________________ regext mailing list -- regext@ietf.org To unsubscribe send an email to regext-le...@ietf.org
