The reliance on Content-type
David Recordon
david at sixapart.com
Mon Nov 14 13:54:40 PST 2005
I really do think it is a principal that overrides everything else in
relation to URL based digital identity schemes. We assume a server is
setup so access to a directory is the same for every file within it, but
the reality is I may one david.html and you own johannes.html and we
cannot edit each others; even though they are in the same directory. I
agree uploading a file may be slightly easier than editing your HTML
document, but the security tradeoff seems to kill the URL based model.
--David
-----Original Message-----
From: Ernst Johannes [mailto:jernst+lists.danga.com at netmesh.us]
Sent: Monday, November 14, 2005 1:28 PM
To: David Recordon
Cc: Discussion OpenID
Subject: Re: The reliance on Content-type
On Nov 14, 2005, at 12:45, David Recordon wrote:
> The issue with any of the URL based magic is that it doesn't work
> along with the concept of owning a single URL.
I agree with the statement, but I'm not certain any more that this is a
principle that overrides everything else. (as much as I like REST, ...)
For example, the case has been made that it is much simpler for Joe User
to upload an additional file to his website than it is to change his
HTML head entry or the script that runs at that URL. Based on gut feel,
this sounds right.
More information about the yadis
mailing list