W3C home > Mailing lists > Public > public-webapi@w3.org > May 2006

Re: Extension HTTP methods

From: Anne van Kesteren <annevk@opera.com>
Date: Sun, 14 May 2006 14:35:02 +0200
To: "Jim Ley" <jim@jibbering.com>
Cc: "Web APIs WG (public)" <public-webapi@w3.org>
Message-ID: <op.s9jjwoyl64w2qv@id-c0020.oslo.opera.com>

On Sun, 14 May 2006 14:30:28 +0200, Jim Ley <jim@jibbering.com> wrote:
> Sure, but if the groups aim is to work in public, then it needs to work  
> in public, ie provide the motivations for the decisions, and not just  
> the decisions, otherwise exactly what happens here happens and all we  
> get is discussion on the public list that exactly reflects the existing  
> discussions already had at a f2f or in a telcon etc. Which wastes  
> everyones time.  Just reporting decisions is unhelpful, especially when  
> they reverse previous public decisions of the group.

I agree. I guess there's some delay at some point in the process.


>> What was raised against that is that  it hurts adoption of new HTTP  
>> methods. That's true for all other types of  APIs as well though.  
>> Internet Explorer 7 as opposed to Internet Explorer 6  uses a whitelist  
>> and other browsers vendors are planning to do the same  thing. The  
>> whitelist would contain all "safe methods" currently spreaded  over  
>> various RFCs.
>
> I assume the whitelist is a SHOULD requirement - a MUST requirement  
> would be absolutely wrong as it prevents user agents from denying them  
> for security reasons.

That's something else we resolved. All security related "requirements" are  
going to be SHOULDs so you can ignore them if you have good reasons.  
Please let me know if you find a place in the specification where this is  
not the case.


-- 
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
Received on Sunday, 14 May 2006 12:35:12 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:55 GMT