Date: Fri, 20 Nov 92 21:00:54 -0800 From: email@example.com (Marc Andreessen) Message-Id: <9211210500.AA14826@wintermute.ncsa.uiuc.edu> To: firstname.lastname@example.org Subject: Annotation & asynch collaboration I've patched httpd to allow remote annotations (an enabling mechanism for asynchronous collaboration). My httpd accepts the following command: ANNOTATE /file/to/annotate?/file/of/annotation?Text describing annotation. The result of this command is that /file/to/annotate gets a single line appended to it; this line is exactly: <A HREF=/file/of/annotation>Text describing annotation.</A> <P>\n Notice: (1) '?' is used as the divider between ``keywords'', as it is with GET (for searches). I'm content with overloading '?' (since it's already known to be safe, since it's not supposed to be part of a document ID), but other people might not be. (If not '?', what?) (2) /file/of/annotation can be any file with any access type, but is normally assumed to be a file residing on the annotator's local system and under her control. (3) The new link can be arbitrarily named; it may be a good idea to have clients that implement annotation automatically prepend the annotator's full name to this field before sending it to httpd, but httpd shouldn't have to worry about this. The security mechanism for this is as follows: (1) A file to be annotated must ``pass'' the rules normally, and also: (2) A new rule ``open'' is defined; it serves the same role (and has the same syntax) as ``pass'' except it determines whether a file can be annotated; and also: (3) Since httpd is (or should be) normally run as 'nobody', the file must be writeable by 'nobody'. This implementation does not cover informing the client whether or not a file is ``open'' until an annotation is attempted. That capability should probably be addressed separately (??). I'm sending the httpd patches to Tim tonight; unless there are problems with this approach, I'd love to see it implemented, and I'll even set up the first annotatable web site... Marc  Dan will immediately notice that quotes aren't put around the HREF field above. At the moment, I'm going to run without them (since, for one thing, I need to demo this with Midaswww on Monday), but the official implementation should do the quotes.