Re: The document's address from Martin Thomson on 2013-03-08 (ietf-http-wg@w3.org from January to March 2013)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 8 Mar 2013 11:30:24 -0800
To: Julian Reschke <julian.reschke@gmx.de>
Cc: Nicholas Shanks <nickshanks@gmail.com>, IETF HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CABkgnnU-zHR+zQR3UEkW712SaHBYhzBm+_OJEx2_ssGYymXP7w@mail.gmail.com>

On 8 March 2013 08:15, Julian Reschke <julian.reschke@gmx.de> wrote:

> On 2013-03-08 17:10, Nicholas Shanks wrote:
>
>> On 8 March 2013 15:42, Julian Reschke <julian.reschke@gmx.de> wrote:
>>
>>  That implies a concept of hierarchical ownership that simply does not
>>> exist
>>> in HTTP. It might for some servers, but there's no guarantee.
>>>
>>
>> Can you provide an example (make one up) where ownership cannot be
>> defined as hierarchical and accumulative?
>>
>
> Pretty much any server that is backed by a content management system where
> ACLs can be set on individual resources.
>
>
We have this exact issue for push in HTTP/2.0.  The solution is to require
the server to understand the ownership structure of all the resources that
it serves and to enforce any constraints as necessary.

That's a fairly fundamental change to the expectations and responsibilities
around routing and ownership.  Clearly there are cases where this is
difficult for a server.  We have text on the subject, but more feedback is
always welcome.  We certainly do not make any assumptions about a
hierarchical structure to ownership.  That's the server's business.

--Martin

Received on Friday, 8 March 2013 19:30:55 UTC