- From: <lazear@dockside.mitre.org>
- Date: Mon, 21 Aug 95 15:41:41 -0400
- To: "Karen R. Sollins" <sollins@lcs.mit.edu>
- Cc: uri@bunyip.com, lazear@dockside.mitre.org
>people who built capability systems many years ago in much more >limited contexts realized that revocation had to be an integral part >of any naming/access system. This why cache schemes need timeouts, so that people don't believe forever the information they've gathered. So, how long should a URL be valid for? One could carry individual timeout information with each URL (like DNS can), or one could set a Web-wide value, such as a week, beyond which one would not believe that URL any longer. So, no matter when one received the URL, one could not depend on it for more than that week. After that, one would need to verify the URL by going back to the longer-lived URN (?) and retrieving the associated URL(s) again. Perhaps URNs should have a life of a year, after which they should be questioned as to their validity. One problem: who validates URNs, since they are the longest-lived element in the UR* universe? Like DNS, one can find out that a URN is no longer valid. The issue then is to find out a source from which one can get the new form of the URN or an alternate URN or confirmation that the URN doesn't exist at all anymore. This is usually an offline task (like calling a friend to learn what the real domain name is). Walt
Received on Monday, 21 August 1995 15:43:46 UTC