Re: OPTIONS issues from Koen

From: Roy T. Fielding (fielding@kiwi.ics.uci.edu)
Date: Wed, Mar 11 1998


To: Henrik Frystyk Nielsen <frystyk@w3.org>
cc: Jeffrey Mogul <mogul@pa.dec.com>, "ietf-http-ext (E-mail)" <ietf-http-ext@w3.org>
Date: Wed, 11 Mar 1998 16:25:59 -0800
From: "Roy T. Fielding" <fielding@kiwi.ics.uci.edu>
Message-ID:  <9803111626.aa27416@paris.ics.uci.edu>
Subject: Re: OPTIONS issues from Koen 

In message <3.0.5.32.19980311173541.03404710@localhost>, Henrik Frystyk Nielsen
 writes:
>At 01:12 3/5/98 -0800, Roy T. Fielding wrote:
>
>A belated comment...
>
>>Consider an encrypted encapsulation option that allows a client
>>to wrap a request such that an intermediary can't see what resource
>>is being requested (remember WRAPPED?).  If the requestor has to identify
>>the intended resource just to see if that option is supported, then
>>it defeats the purpose of hiding the later request.
>
>As the OPTIONS response can not say whether this goes for all resources or
>just a subset (this would again defeat the purpose) then the client is no
>better of than it was before it asked using the OPTIONS method.

It wouldn't have to -- this particular use of OPTIONS is not resource
dependent.  It is simply asking if the connection peer is capable of
unwrapping before handling the underlying request.  For example, the
response might include a public key for use in encrypting the later
request such that only that peer can unwrap it.

....Roy