- From: Stephanos Piperoglou <sp249@cam.ac.uk>
- Date: Fri, 10 Apr 1998 17:09:26 +0100 (BST)
- To: nir dagan <dagan@upf.es>
- cc: roconnor@uwaterloo.ca, www-html@w3.org, www-talk@w3.org
On Sat, 21 Mar 1998, nir dagan wrote: > I would like to make a point in favor of client side "things" > in general as opposed to server side. I would like to disagree here. Server side has too many advantages to disregard like this. The main arguments against client-side are two: First, the fact that it makes clients too "heavy", and with everything from watches to TV sets becoming web-compatible these days, this introduces too much extra overhead. The client side should be kept as simple as possible. I think that HTTP-NG + XML + CSS2 + DOM + ECMAScript is enough for any reasonable Web application. Perhaps Java would make a nice addition to the above package, but there are both licensing and implementation problems with Java. Perhaps if we get a more "final" version of Java and we know that any future versions will be backward-compatible, and a VM that's fast and open-source, we can talk... The second problem is one that anyone who programs Java or JavaScript knows already. Client-side methods are difficult to standardize and implement across platforms. If the client side is kept simple, this will not be a problem. The server-side can safely be kept proprietary. The number of platforms that need to support server-side applications are very limited and these can be developed safely. The other problem is one that will become (I hope) apparent with HTTP-NG. If we are going to have an object-oriented Web, we need to upgrade the server side and slowly kill off the client side. I think you are trying to approach the problem from the wrong angle. The problem is *not* that servers often need to be as secure as clients, but that the dominant format for the server-side right now is a file tree of HTML documents. This is wrong. In order to provide proper implementations, the information on the server side needs to be stored in a different format. A sensible architecture for this is what is needed. CGI is not enough. It usually uses languages like C or Perl that have much wider scope than web publishing and hence create security risks for servers. Besides, CGI is just a "patch" that sits on top of the familiar document-tree format. A standardized, secure mechanism that stores and produces Web documents in a different format would be more appropriate and solve the problems you mention. -- Stephanos Piperoglou -- sp249@cam.ac.uk ------------------- All I want is a little love and a lot of money. In that order. ------------------------- http://www.thor.cam.ac.uk/~sp249/ --
Received on Friday, 10 April 1998 10:17:01 UTC