- From: Mark Nottingham <mnot@akamai.com>
- Date: Fri, 15 Jun 2001 22:53:57 -0700
- To: Dan Connolly <connolly@w3.org>
- Cc: "Roy T. Fielding" <fielding@eBuilt.com>, uri@w3.org
Since it's somewhat pertinent; One group of issues (11 and 13) for XMLP is what port to run on, and possibly how to identify the use of SOAP in URIs. Although SOAP messages currently use unadorned schemes (e.g., http), there is some pressure to use a separate default port and identify the use of XML messaging with a different scheme. To that end, one of the suggested approaches is: soap.http://www.example.com/service soap.beep://www.example.com/service or perhaps a syntax like soap:http://www.example.com/service It would be nice to have reccommendations as to: a) whether or not it's a Good Idea to make the use of XML Messaging visible in URIs b) if it is necessary to have a different URI scheme for XML Messaging, due to a different default port, how that should be formatted. (I'm not speaking for the group here, just giving a heads-up). Cheers, Dan Connolly wrote: > "Roy T. Fielding" wrote: > > >>On Fri, Jun 15, 2001 at 11:41:21AM -0500, Dan Connolly wrote: >> > [...] > >>>But folks have mostly avoided the practical side of >>>this issue by layering everything on top of http; >>>a noteable exception is https:, where I wish >>>we would have avoided putting the "secure" flag >>>in the name. >>> >>But we could not have avoided that. The security context must be established >>before the client uses the URL in any other way, which meant that an http URL >>cannot be used because of the risk of older browsers mistaking it for a normal >>request without secure communication. >> > > I'd prefer that they found out some other way than peeking > in the name. But maybe there's no way to do that; there > certainly wasn't at the time. > > >>In any case, http and https define two entirely different naming authorities, >>even when their implementations reside on the same machine. >> > > Really? Hmm... I'm not sure what you mean by that. > Do you mean that the authority comes from the PKI > certificate hierarchy, rather than the DNS hierarchy? > I guess that makes sense. > > -- Mark Nottingham, Research Scientist Akamai Technologies (San Mateo, CA USA)
Received on Saturday, 16 June 2001 01:54:02 UTC