Re: Identifying the Resource Associated with a Representation?

Yes, but really you're just looking for a definition of Content-Location; see
  http://tools.ietf.org/html/draft-ietf-httpbis-p3-payload-12#section-6.7

Cheers,


On 09/11/2010, at 11:48 PM, Mike Kelly wrote:

> Ok, thanks for clarifying.
> 
> Regardless - it does sound here as though a 200 with C-L response to a
> GET should be considered to have rule 4 applied. Correct?
> 
> Cheers,
> Mike
> 
> On Tue, Nov 9, 2010 at 11:38 AM, Mark Nottingham <mnot@mnot.net> wrote:
>> It's a matter of degrees; the worst that can happen with invalidation is that there will be a cache miss. If a cache were to use C-L to satisfy future requests at that URL, it would allow cache poisoning.
>> 
>> Cheers,
>> 
>> 
>> On 09/11/2010, at 10:18 PM, Mike Kelly wrote:
>> 
>>> Ok - how does that leave the cache invalidation rule for C-L and
>>> Location? Do the same concerns over trust not apply?
>>> 
>>> Cheers,
>>> Mike
>>> 
>>> On Tue, Nov 9, 2010 at 1:22 AM, Mark Nottingham <mnot@mnot.net> wrote:
>>>> 
>>>> On 08/11/2010, at 3:33 AM, Mike Kelly wrote:
>>>>> 
>>>>> Out of interest; has anyone explored the possibility of a specific
>>>>> cache-control directive that could indicate that the cache conditions
>>>>> apply to the Content-Location URI?
>>>> 
>>>> 
>>>> The problem is one of trust; if you own http://example.com/~mike/a and I own http://example.com/~mark/b, you don't want my responses making asserting things about yours.
>>>> 
>>>> What's interesting is that there's talk in a few different places (mostly security communities, e.g., WEBSEC and the W3C) about policy frameworks; this may provide something to hang these sorts of semantics off of as well.
>>>> 
>>>> Cheers,
>>>> 
>>>> --
>>>> Mark Nottingham   http://www.mnot.net/
>>>> 
>>>> 
>>>> 
>>>> 
>> 
>> --
>> Mark Nottingham   http://www.mnot.net/
>> 
>> 
>> 
>> 

--
Mark Nottingham   http://www.mnot.net/

Received on Tuesday, 9 November 2010 23:07:13 UTC