W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 1997

Re: factoring of DAV services

From: Larry Masinter <masinter@parc.xerox.com>
Date: Tue, 6 May 1997 09:03:06 PDT
Message-ID: <336F563A.1E9@parc.xerox.com>
To: Sankar Virdhagriswaran <sv@hunchuen.crystaliz.com>
CC: w3c-dist-auth@w3.org
> By stoping at the "resource" boundry and also by not separating the
> services offered by a DAV system we are not scaling the DAV system itself.
> Here are some examples. 

Since we're talking at the abstract layer, it's easy to generate
A "resource" is in fact a service; an object, if you will.

(I'd disagree with the post that we're not adopting an "object-oriented"
framework; I think the 'web' is object-oriented in that resources are
the objects, URLs are object pointers, although web resources normally
only offer methods of GET, PUT and POST, although we're considering
additional resource-based methods; insofar as we add additional methods,
it ties the delivery of services to those transports that offer
additional methods.)

We've noted, for example, that the resource of "the source" is a
different resource from "the generated content", with a link
relationship of derived-from. So you can 'get the source' by applying
the GET method to the source instead of applying it to the derived
content, e.g., for web pages with server-side includes. However, with
this choice, we're also allowing the source and the generated content to
be on separate machines.

Scalability and distribution are good properties in the abstract, but in
practice, it's possible to carry the abstract goal farther than
necessary, while at the same time, burdening the implementations with
too many levels of indirection. So we need to carefully balance the
separation of objects against actual practical needs.

The main "scalable" case I'd like to argue for, for DAV (and perhaps
this is a request to add something to the requirements document) is that
it should be possible to do authoring against a completely separate
machine than the machine(s) that are actually serving the content being

I'm imagining for security & firewall considerations, as well as for
load distribution, that one might want to have a separate server which
handles all authenticated operations of update, but that, as far as the
user and client are concerned, they *start* with the web server. That
is, if you have "davserver.host.dom" and "www.host.dom", you might find
that the URLs for the version tree, the source of documents, etc., are
all "http://davserver.host.dom", even though the documents that you're
actually authoring are "www.host.dom". It should be possible to not have
to authenticate against the machine that is actually serving the

> This is why I wondered if a service model had been developed.

Your scenarios are interesting; the question is whether a standard
should dictate a service model, or just allow a wide variety of service
models. Although any product architecture needs a service model, we're
clearly trying to support "all of them". Perhaps we should instead try
to focus on just documenting the service models of the products that
we're trying to support.

Received on Tuesday, 6 May 1997 12:26:29 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:01:10 UTC