> On 7 Jan 2020, at 9:36 am, Yakov Shafranovich <yakov@xxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote: > > On Mon, Jan 6, 2020 at 12:27 AM Mark Nottingham <mnot@xxxxxxxx> wrote: >> >> * Section 3.1 can be read to allow security.txt to appear on HTTP servers in arbitrary locations. Is that the intent? > > Are you referring to the ability to place the file within file systems? I'm referring to: > # This file applies to the /example/folder1 directory and subfolders. > /example/folder1/security.txt A casual reader might interpret that as applying to URIs. Cheers, -- Mark Nottingham https://www.mnot.net/ -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
