Skip to content

RFC: Add privacy and durability guidance for conversation links #26

Open
Open
RFC: Add privacy and durability guidance for conversation links#26
@jonathansantilli

Description

@jonathansantilli
jonathansantilli
opened on Feb 20, 2026

conversation.url and related.url are useful but can be ephemeral, access-controlled, and sensitive.

Problem

Without guidance, implementations may assume links are durable/public or store artifacts containing secrets.

Proposal

Add a non-normative guidance section:

  1. Treat links as potentially non-durable and authentication-dependent.
  2. Treat linked prompts/tool outputs as potentially sensitive.
  3. Recommend redaction and secret scanning before persistence/public sharing.
  4. Recommend durable artifact links when long-term auditability is required.

Why This Should Be Added

  1. Improves safety and operational realism.
  2. Helps consumers interpret missing/expired links correctly.
  3. Keeps schema unchanged while improving practical interoperability.

Compatibility

Documentation-only clarification; no schema break.

Scope

This is guidance for handling existing URL fields. It does not standardize authentication or access-control protocols.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions