W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 1999

RE: Globally unique tokens. Was: One lock per resource per person?

From: <ccjason@us.ibm.com>
Date: Tue, 19 Oct 1999 14:32:08 -0400
To: bill@carpenter.ORG (WJCarpenter)
cc: w3c-dist-auth@w3.org
Message-ID: <8525680F.00657393.00@D51MTA03.pok.ibm.com>

ccjason> So you are suggesting that they don't need to be *globally*
ccjason> unique as long as they are unique within the cluster?

wjc>  No, actually.  I'm still saying unique-within-resource.  (My only
wjc>  caveat is that it's kind of vague to me what this cluster example is
wjc>  all about, so I've interpreted it to support what I'm saying. :-)  If
wjc>  there are multiple hands in the cookie jar for the same resource, they
wjc>  just need a private agreement that will keep them from reaching for
wjc>  the same cookie.

Bill, I can't speak for JimW's meaning of a cluster, but let me give
you another interpretation...

First... I assume the existance of depth locks and shared locks.
Secondly... you seem to understand that the token needs to be
   unique within the resource.

Now an example....

  LOCK /a/b/  shared depth.
  LOCK /m/n  shared
  BIND /a/b/n to the resource at /m/n

Now after the bind, the resource /a/b/n inherits an additional lock.  If both
locks used the same token, now the resource has two locks with the same token.
You've already recognized this as a bad thing.

In a server that supports cross server bindings... the domain of necessary
uniqueness extends to all servers that cooperate on bindings.

As far as being *globally* unique.  I don't have an explanation for that.
Perhaps JimW and Yaron do.  (I didn't fully understand their examples.)  But
requiring global uniqueness seems like a small price to pay.

Received on Tuesday, 19 October 1999 14:30:37 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:01:18 UTC