W3C home > Mailing lists > Public > www-tag@w3.org > April 2002

Re: draft findings on Unsafe Methods (whenToUseGet-7)

From: Roy T. Fielding <fielding@apache.org>
Date: Fri, 19 Apr 2002 13:20:27 -0700
Cc: www-tag@w3.org
To: Graham Klyne <GK@NineByNine.org>
Message-Id: <E34DB594-53D2-11D6-9803-000393753936@apache.org>
>> I didn't bother to define "safe" in the HTTP spec because there already
>> exist far more definitive works in software engineering literature
>> that define the term completely.  A search for Nancy Leveson's research
>> will pick up the appropriate definition.
>
> A quick search reveals work that seems to deal with safety related to 
> fault tolerance.  I had the idea that "safe" in HTTP was a slightly 
> different idea.  Could you please provide a more specific reference, or 
> an extra keyword or two to locate the right kind of definition?

Sorry, sometimes I forget that I studied that stuff before the Web had
escaped the boundaries of CERN.  The reference is

    Leveson, Nancy G. Software safety: why, what and how,
           ACM Computing Surveys, June 1986, pages 125-163.
           <http://doi.acm.org/10.1145/7474.7528>

   `Safety here is regarded as a relative term. Although safety has been
    defined as "freedom from those conditions that can cause death, injury,
    occupational illness, or damage to or loss of equipment or property"
    [MIL-STD-882B 1984], it is generally recognized that this is 
unrealistic;
    by this definition any system that presents an element of risk is
    unsafe.  ...  Unfortunately, the question of "How safe is safe enough?"
    has no simple answer.'

HTTP does not attempt to require the results of a GET to be safe.  What
it does is require that the semantics of the operation be safe, and
therefore it is a fault of the implementation, not the interface
or the user of that interface, if anything happens as a result that
causes loss of property (money, BTW, is considered property for the
sake of this definition).

....Roy
Received on Friday, 19 April 2002 16:21:12 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:47:06 GMT