- From: Paul Burchard <burchard@cs.princeton.edu>
- Date: Thu, 9 May 96 02:17:10 -0400
- To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
[continued from a private discussion of the security implications of the automatic retry in multi-phase POST...] Jeffrey Mogul <mogul@pa.dec.com> writes: > The problem is that if you insist on perfect > failure-atomicity, you need an end-to-end "commit" mechanism. [...] > HTTP operates at least one level too low for that Yes, that's what is troubling me. For that reason, I don't think HTTP agents should make any *automatic* retry decisions for POST, a method which can initiate arbitrary state changes. You are really inventing a completely new method, with dramatically different semantics. Call the new method something else (maybe REPOST?), and let it compete side-by-side with POST. In constrast, retry makes much more sense for a method like PUT, which is in principle idempotent. > You should also note that the two-phase mechanism is > entirely at the option of the server. But at great cost in performance (compared to HTTP/1.0). If a full wait is the only way to get standard POST semantics in HTTP/1.1, then my objections re the previous multi-phase draft still stand. -------------------------------------------------------------------- Paul Burchard <burchard@cs.princeton.edu> ``I'm still learning how to count backwards from infinity...'' --------------------------------------------------------------------
Received on Wednesday, 8 May 1996 23:27:20 UTC