- From: Yaron Goland <yarong@microsoft.com>
- Date: Fri, 23 May 1997 12:07:57 -0700
- To: 'Ross Patterson' <Ross_Patterson@ns.reston.vmd.sterling.com>, http-wg@cuckoo.hpl.hp.com, confctrl@isi.edu
PEP is very useful in cases where I need to make sure the server will do the right thing without first having to negotiate with the server. For example, I may only want to COPY a resource (using one of the new WebDAV methods) if I know the servers is a Level 2 compliant DAV server and thus supports Versioning. Rather than having to first do a discovery on the server and then sending the method, I can just shoot off the method with a PEP header specifying my requirements. Yaron > -----Original Message----- > From: Ross Patterson [SMTP:Ross_Patterson@ns.reston.vmd.sterling.com] > Sent: Friday, May 16, 1997 4:44 PM > To: http-wg@cuckoo.hpl.hp.com; confctrl@isi.edu > Subject: Re: PEP Integration in RTSP > > http-wg@cuckoo.hpl.hp.com writes: > > >The authors of RTSP [1] and authors of PEP [2] have been discussing > how to > >integrate PEP into RTSP as the standard extension mechanism for RTSP. > The > >authors of RTSP have very strong consensus now that we will use PEP, > and > >the only question remains: how will this be integrated? > > > Some of us, myself included, don't believe PEP is such a great idea. > Its bias towards nonstandard extensions with downloadable > implementations just doesn't jive with the '90s "safe computing" > world. > I'll have a very hard time convincing any of my customers to download > anything into the webservers my company sold them, no matter who's > responsible for the code. My personal expectation (not necessarily > Sterling Software's, as we haven't discussed PEP much) is that PEP in > the traditionally high-security, high-reliability mainframe world is > dead on arrival. I've held off commenting to date as I expect this is > both a minority viewpoint and an environment where no matter what > changes are made (short of using URNs to identify already-embedded > "extensions"), any form of PEP will be simply unacceptable. > > >In the discussions between authors of RTSP and PEP, we came to the > >conclusion that PEP complience in RTSP should be mandatory, which > would > >make the relationship between PEP and RTSP different than the > relationship > >between PEP and HTTP. > > If you're going to use PEP, making it a MUST from the start is a very > good idea. Some of the weirdness in PEP today derives from HTTP 1.x's > "don't ask, don't tell" attitude towards unrecognized header fields. > That was a wise choice at the time, and remains so, but it makes PEP a > little odd as a result. > > Ross Patterson > Sterling Software, Inc. > VM Software Division
Received on Friday, 23 May 1997 12:10:31 UTC