2016-09-25 UTC
# aaronpk 5) good question, I'm not sure yet. however, if you send this private webmention to someone who doesn't support it, the worst that happens is they fetch the source URL with no authentication and they are unable to verify the webmention. at least no data is leaked, and the sender also has a way to tell that the sender didn't support it if they notice that the URL was fetched without authentication.