W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 1999

Re: Integrity of bindings

From: Geoffrey M. Clemm <gclemm@tantalum.atria.com>
Date: Fri, 7 May 1999 09:51:45 -0400
Message-Id: <9905071351.AA08543@tantalum>
To: JSlein@crt.xerox.com
Cc: JSlein@crt.xerox.com, w3c-dist-auth@w3.org
   From: "Slein, Judith A" <JSlein@crt.xerox.com>

   > From: Geoffrey M. Clemm [mailto:gclemm@tantalum.atria.com]
   > 
   > I believe it is important that if a server can't guarantee binding
   > semantics, it MUST fail the BIND request.  I expect few servers will
   > be able to support cross-server bindings, and therefore clients should
   > expect attempts to create cross-server bindings to fail.  If a client
   > wants to allow dangling references, it should use a redirect
   > reference, not a binding.

   I think the question Chuck was trying to raise was whether the semantics we
   specify do actually require servers to guarantee the integrity of bindings.
   Although the overview implies that this is so, I think he is right that the
   semantics do not require it.

The semantics I (vigorously :-) advocate do require it.

   The most likely place where broken bindings could occur is cross-server
   bindings.  We don't forbid them.  Nor do we forbid cross-server MOVEs; in
   fact, we proposed to talk explicitly about cross-server MOVEs in an
   implementation note.

We don't forbid cross-server bindings because there actually are ways to
implement them if the servers are willing to cooperate.  We certainly don't
forbid cross-server MOVE's, since a MOVE of an object with only a single
binding can fairly easily be achieved with a COPY/DELETE, without violating
binding semantics.  But neither of these statements imply that a server
can chose to violate binding semantics, irrespective of whether the binding
is cross-server or not.

If you want to create these non-bind style relationships, that's what
redirect references are for.

   For DELETEs, either of a single binding (in the case where it's the last
   binding the server knows about) or of all bindings, the server is permitted
   to do garbage collection once the last binding that it knows about is
   removed.  So if there can be any bindings the server doesn't know about,
   there is the possibility that those bindings could be broken.

Then either creating such "unknown" bindings MUST be aborted by a server,
or the DELETE MUST fail.  In particular, a server MUST fail a request to
bind to a resource on another server, unless it can guarantee that the
other server will respect the semantics of bind for that cross-server
binding.

   Similarly for MOVE in a case where the server implements it as COPY / fix up
   / DELETE.  If there are any bindings the server doesn't know about, it will
   fail to fix those up.

And similarly, either the BIND request MUST fail, or the MOVE request MUST
fail in this case.

   There might also be some same-server cases where a server might be unaware
   of some bindings to a particular resource, but I can't think how that could
   happen.

It could easily not be aware of some associations (e.g. from symbolic links
or shortcuts), but those then are by definition, not "bindings".  If an
attempt to create a binding fails, a client is always free to create a
redirect reference instead.  If the server says it has created a binding,
but won't guarantee any semantics for it, it is useless (at least for my
purposes).

Cheers,
Geoff
Received on Friday, 7 May 1999 09:51:56 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:49 GMT