On 29 March 2016 at 08:04, Bill Frantz <[email protected]> wrote: >> surely there are very sensitive things in urls, > > > A number of URLs include an authorization token which authorizes access to a > resource. This token is frequently a long "unguessable" number. It must be > kept secret. I think DropBox URLs are one example.
The risk to the secrecy of that sort of data is limited. The primary risk is in the traffic analysis that might be performed as a result of replaying. _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
