- From: Seaborne, Andy <andy.seaborne@hp.com>
- Date: Wed, 11 Jan 2006 17:52:30 +0000
- To: Kendall Clark <kendall@monkeyfist.com>
- CC: RDF Data Access Working Group <public-rdf-dawg@w3.org>
Kendall Clark wrote: > > On Jan 11, 2006, at 10:39 AM, Seaborne, Andy wrote: > > >>The one I have difficulty is how a security problem (403) is not a >>refusal by the service. > > > Overloading overloading overloading overloading. > > Our WSDL serializes *no* fault with 403. Yes > Thus, any 403 returned is > NOT a WSDL fault. From the SPARQL protocol document, yes. It seems at odds with the open set but let's stick with that for the moment. > It *cannot* be a WSDL fault. QueryRequestRefused > *is* a WSDL fault. Thus 403 cannot be a refusal by the service. That is odd because: A/ HTTP 1.1 RFC 2616 says: """ 403 Forbidden The server understood the request, but is refusing to fulfill it. """ which uses the term "refuse". http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.4 B/ The client can not communicate in the usual HTTP manner the reason for a 'refusal' (this is why I suggested "should", in the RFC 2119 sense). If you have a specific definition of "refuse", then please put that definition in the document. > > Yr systematically confusing situations where natural language > speakers might use the English verb "to refuse" with situations where > QueryRequestRefused is being returned as a WSDL fault. This text makes the connection to my reading: """ QueryRequestRefused This fault message must be returned when a client submits a request that the service _refuses_ to process. """ because it uses "refuse" in the English definition, there being no other definition of the work in scope (and HTTP 1.1 uses it in the common protocol sense anyway). "refuse" / OED: 1/ state that one is unwilling to do something 2/ state that one is unwilling to give or accept (something offered or requested) That seems appropriate use of the word "refuse". [The following text in the definition of the fault does not modify the first statement.] > This is at > least the third time I've explained this, Andy, and yet you accuse me > in private email of "avoiding concrete examples". -sigh- You said you believed that using the word "should" would change the design. Please give an example. Andy > HTTP 403 *cannot* be a WSDL-refusal by the WSDL service *per > definitionem* because the *only* way to refuse *in the WSDFL fault > sense* is to return 500. If a service returns 403, it hasn't refused > in the sense of QueryRequestRefused or of WSDL, which is the only > sense that matters. > > Can you or someone else use the English verb "to refuse" to describe > what it has done? Of course, but that doesn't make it a WSDL fault. > > Cheers, > Kendall
Received on Wednesday, 11 January 2006 17:52:39 UTC