W3C home > Mailing lists > Public > public-sdw-wg@w3.org > April 2016

Re: More on HTTP/S

From: Frans Knibbe <frans.knibbe@geodan.nl>
Date: Fri, 22 Apr 2016 13:05:06 +0200
Message-ID: <CAFVDz429PeG9YAj7yPKwC1ss=ypCobeOpBpqCR5rXsYZPiQNvQ@mail.gmail.com>
To: Phil Archer <phila@w3.org>
Cc: SDW WG Public List <public-sdw-wg@w3.org>
Hello Phil,

Thank you for this interesting information. I sometimes wonder why not to
mint HTTPS URIs by default, just to have more opportunities for future
development, like making data read/write instead of read-only.

Some questions:

   - I thought a major problem with HTTPS is that you loose abilities to
   cache data, for example with proxy servers. Since spatial data often have
   high volume and do not change too often, they are a good candidate for
   caching somewhere on the web. So I wonder: would encouraging using HTTPS
   for spatial web resources impede opportunities for caching?
   - What is meant with 'using a cached copy of the namespace'?
   Particularly, which namespace is that about?
   - Is there any sense in recommending using a HTTP *and* a HTTPS URI for
   identifying the same resource, given that it is bad practice to have
   such URIs resolve to a different resource?

Greetings,
Frans




2016-04-20 17:42 GMT+02:00 Phil Archer <phila@w3.org>:

> More on the topic of HTTP or HTTPS.
>
> Context: W3C and others are encouraging the greater use of HTTPS, we'd
> like this to be the norm as the Web becomes more secure and trusted.
>
> The automatic switching to https seen on w3.org now uses new fangled ways
> of doing stuff that avoid us having to make any changes to long-established
> resources.
>
> For new resources, we have more choice of course. For example, in BP 1 the
> Intended Outcome is (currently):
>
> Entities (SpatialThings) described in a dataset will each be identified
> using a globally unique HTTP URI so that a given entity can be
> unambiguously identified in statements that refer to that entity.
>
>
> I would suggest that this could say:
>
> "...using a globally unique HTTP or HTTPS URI..."
>
> We may want to include wording somewhere along the lines of
>
> "The upside of using HTTPS URIs is increased security for applications
> that dereference them.  A downside could be that existing tools might not
> handle HTTPS "well".  An upside could be that such tools would be upgraded
> to have better security or would be upgraded to use a cached copy of the
> namespace."
>
> HTH
>
> Phil.
>
>
> For tracker: Action-107
>
> --
>
>
> Phil Archer
> W3C Data Activity Lead
> http://www.w3.org/2013/data/
>
> http://philarcher.org
> +44 (0)7887 767755
> @philarcher1
>
>
Received on Friday, 22 April 2016 11:05:35 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:31:20 UTC