I take it you ment the rc_id (recentchanges table) and log_id (logevents table) fields in your other email.

The only security issue with exposing IDs I can think of is to be able to detect when some event (row) has been added by looking at two subsequent events and seeing a missing number. Unfortunatelly this is already exposed for page ids, so I really see no reason to protect it (unless Brion says otherwise :)).

I don't think most people will need it, so it will be an optional ...prop=ids value to show them.

Out of curiosity, how do you plan to usem them?

--Yuri

On 7/10/07, Jean-Lou Dupont jeanlou.dupont@gmail.com wrote:

 Would it be possible to add all the properties to queries?

Of course, there are some security issues but what if there is a configuration parameter to gate this? and what about only allowing certain properties to be queried by a user within a specific group?

jld.