On 1/18/06, Kendall Clark <kendall@monkeyfist.com> wrote: > > On Jan 18, 2006, at 5:15 PM, Mark Baker wrote: > > > FWIW, I just offered that text as a starting point, and it probably > > goes further than it needs to from my POV. I think I'd be happy if > > you simply "linked" the choice of GET and POST to the security section > > in *some* manner. > > Well, yeah, that's a lot weaker than SHOULD'ing the link. But the WG > folks who've responded (except for Pat) don't seem to see a > connection here. I confess that I don't see it. Ah, I just read some of the responses. Dan's surprises me; "Asking a question is asking a question; whether it's a hard question or not seems orthogonal to safety." If by "safety" Dan's thinking about the absence of a change in state (which I think you mentioned was your understanding, Kendall), then I disagree, but let me try to put my position in those terms. If I asked you "What are the prime factors of this kazillion-digit integer", that's a question that would take a large amount of time and money to answer. And if it costs money to answer, then that requires your bank account be debited by that amount of money, which is a state change. Food for thought ... Mark.Received on Wednesday, 18 January 2006 22:47:56 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:14:50 GMT