W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2010

Re: UMP / CORS: Implementor Interest

From: Mark S. Miller <erights@google.com>
Date: Wed, 21 Apr 2010 19:09:14 -0700
Message-ID: <r2r4d2fac901004211909pff820de8gb9d1f02fe1ae04dd@mail.gmail.com>
To: Maciej Stachowiak <mjs@apple.com>
Cc: Anne van Kesteren <annevk@opera.com>, Jonas Sicking <jonas@sicking.cc>, "public-webapps@w3.org" <public-webapps@w3.org>
On Wed, Apr 21, 2010 at 6:45 PM, Maciej Stachowiak <mjs@apple.com> wrote:

> On Apr 21, 2010, at 6:23 PM, Mark S. Miller wrote:
> On Wed, Apr 21, 2010 at 12:24 PM, Maciej Stachowiak <mjs@apple.com> wrote:
>> I agree that "Anonymous" or "Anon" is more clear as to the purpose than
>> "Uniform".
> In the same say this email is anonymous. Sure, I say it is from MarkM, but
> my browser doesn't add any identifying info that you can see. Even if I
> included MarkM's PGP signature, by your criteria, it would still be
> anonymous.
> Your mail client automatically adds identifying info, as do any mail relays
> in the delivery path. If that were not the case, I would think it's fair to
> say the message is sent anonymously based on the envelope being anynymous.
> That's so even if the message contents include a claim or proof of your
> identity.

Ok, so a request is non-anonymous if the identifying information is added by
at least:
1) a browser (cookies, etc)
2) a mail client
3) any mail relays in the delivery path.

What other software counts? Why does PGP not count? If the mail client in
question is JavaScript running in a web page sending a uniform message, is
it still non-anonymous?

>> I understand why UMP uses that term but I don't think it will be obvious
>> to authors reading code.
> "XML" is also a misnomer. And "Http" is confusing as well, since these
> requests can (and should) generally be carried over https. At least we agree
> on "Request" ;).
> I agree, but (a) that ship has sailed; and (b) dropping those from the name
> only in the anonymous/uniform/whatever version would probably be more
> confusing than helpful, at least if the API ends up being roughly similar.
> XMLHttpRequest has brand value, and it's worth building on author awareness
> even if the X and the H are more historical than meaningful at this point.

Funny, I don't recall anyone objecting that the proposed JSONRequest should
have been called JSONXmlHttpRequest. I also don't recall anyone suggesting
that Microsoft rename XDomainRequest to XDomainXmlHttpRequest. Surely the
same argument holds for these?

> Cheers,
> Maciej

Received on Thursday, 22 April 2010 02:09:44 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:24 UTC