- From: J Ross Nicoll <jrn@jrn.me.uk>
- Date: Thu, 25 Aug 2011 18:00:24 +0100
- To: Alexandre.Morgaut@4d.com
- CC: ietf-http-wg@w3.org, karld@opera.com, julian.reschke@gmx.de
On 25/08/2011 17:08, Alexandre Morgaut wrote: > Use cases: > - change of identity of somebody, maybe a whole family for their security > - someone is tagged by a third party on a picture and want this tag to be removed (the picture may be completly unrelated to the person like a porn or a racist picture just to give him a bad reputation) > > The fact is that with some very google friendly URL anyone could try some manually constructed URL to know if something has be related to another > > ex: > Someone told me this guy was member of this organization > I check > > -> GET http://thisorganiztion.org/members/john-doe > <- 410 Gone HTTP1/1 > > If this wanted all his informations being removed from this organization website (he may not agree any more with its actions), here there is a problem... > I think what you've argued here is more that the entire 410 status code needs to be deprecated or have significant notes about privacy added, than the specific case of what happens after a DELETE operation. Which is fair, but I think an important distinction. Assuming the 410 status code isn't going anywhere, I think "response on any subsequent requests on the same URI SHOULD be 410 (Gone)" is fine, as there's a SHOULD (appropriate to most cases) but if a server admin feels a need to return 404 instead they have that option. Ross
Received on Thursday, 25 August 2011 17:00:51 UTC