W3C home > Mailing lists > Public > public-appformats@w3.org > January 2008

RE: P3P - Feedback on Access Control

From: Close, Tyler J. <tyler.close@hp.com>
Date: Fri, 25 Jan 2008 19:30:56 +0000
To: Ian Hickson <ian@hixie.ch>, Mark Nottingham <mnot@yahoo-inc.com>
CC: "WAF WG (public)" <public-appformats@w3.org>, Anne van Kesteren <annevk@opera.com>
Message-ID: <C7B67062D31B9E459128006BAAD0DC3D074F4F69D7@G6W0269.americas.hpqcorp.net>

Ian Hickson wrote:
> On Thu, 24 Jan 2008, Close, Tyler J. wrote:
> > 2. a web application that puts a new GUI on another web application,
> > such as skining an auction site, or email application
> >
> > 3. a content authoring web application that stores user
> created content
> > in a data store provided by another web application, such as one
> > operated by Amazon.
>
> Again, the number of URIs involved in this kind of case is
> limited, so I
> don't see the extra roundtrip per resource to be especially worrying.

In Amazon's SimpleDB API, the request URL contains a cryptographic signature of the request arguments. See:

http://docs.amazonwebservices.com/AmazonSimpleDB/2007-11-07/DeveloperGuide/REST_RESTAuth.html

The WG's current proposal doubles the cost of using the Amazon SimpleDB API in a mashup.

--Tyler
Received on Friday, 25 January 2008 19:31:54 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:56:21 UTC