W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2005

Re: [Ietf-caldav] [Fwd: draft-reschke-http-addmember-00]

From: Cyrus Daboo <daboo@isamet.com>
Date: Thu, 17 Feb 2005 17:03:53 +0000
To: Jamie Lokier <jamie@shareable.org>, Julian Reschke <julian.reschke@gmx.de>
cc: Mark Baker <distobj@acm.org>, "Roy T. Fielding" <fielding@gbiv.com>, WebDAV <w3c-dist-auth@w3.org>, HTTP Working Group <ietf-http-wg@w3.org>, CalDAV DevList <ietf-caldav@osafoundation.org>
Message-ID: <788C984DF503C81DC332E7DB@ninevah.cyrusoft.com>




Hi Jamie,

--On February 17, 2005 4:41:42 PM +0000 Jamie Lokier <jamie@shareable.org> 
wrote:

>> No, it would be the container resource itself. For CalDav, the calendar
>> collection; for Atompub, the feed resource itself.
>
> Why can't you POST to the container resource?
>
> That's what POST is for, after all.

The WebDAV rfc has the following statement in it in Section 5.3 as a 
justification for creating a new method (MKCOL in this case) rather than 
using a special POST operation:

>    While the POST method is sufficiently open-ended that a "create a
>    collection" POST command could be constructed, this is undesirable
>    because it would be difficult to separate access control for
>    collection creation from other uses of POST.

Wouldn't the same issue be relevant here?

Interestingly the current WebDAV ACL document does not appear to mention 
POST at all - even in the 'Normative' Method Privilege Table in Appendix B. 
Is there a reason for that?

Whatever solution we come up with it ideally needs to work seamlessly with 
WebDAV ACL.

-- 
Cyrus Daboo
Received on Thursday, 17 February 2005 17:06:06 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:39 GMT