- From: Blaine Cook <romeda@gmail.com>
- Date: Mon, 25 Jun 2012 10:22:18 -0700
- To: Julien Genestoux <julien.genestoux@gmail.com>
- Cc: Martin Atkins <mart@degeneration.co.uk>, Evan Prodromou <evan@status.net>, public-pubsub@w3.org
On 25 June 2012 03:31, Julien Genestoux <julien.genestoux@gmail.com> wrote: > My publisher endpoint will ask me whether I allow you to subscribe to my > feed... (it will have previously checked who you are using the From header > obviously). > If I allow you to subscirbe to that feed... it's all great. I can also > decide that you're actually going to be subscribed to > http://ouvre-boite.com/feed/friends and you will then get a confirmation > with that new url (check 0.4 for the confirmation steps). Obviously I still need to review 0.4, but as I've discussed with Julien, I really really dislike encoding this practice as "the way" to do private subscriptions. The content of the feed at a URL can be different per subscriber, and can be easily managed with code. Compare this to going to e.g., "http://facebook.com/" - the content represented there is different for each signed-in user. The approach on the web allows reusability of URLs while enabling diverse permissions models. Facebook *could* use URLs like "http://facebook.com/bob/friends" or "http://facebook.com/friends=bob,anne,sally,tom,mark,..." but clearly this doesn't offer a usable solution. We should emulate as closely as possible the existing web model when designing the spec – rather than describing how to do privacy with URLs, we should allow the programmatic elements of the web to define that. b.
Received on Monday, 25 June 2012 17:23:10 UTC