

From: Jason Crawford <ccjason@us.ibm.com>
Date: Fri, 4 May 2001 12:45:49 -0400
To: Tim_Ellison@uk.ibm.com
Cc: w3c-dist-auth@w3.org
Message-ID: <OF8FD334B9.2B8138B0-ON85256A42.0056BC1B@pok.ibm.com>

I think the key part of Geoff's post is "the subset that it can use".  The
problem with allprop is that it will return all the live properties
irrespective of whether the client is aware of the properties' semantics.
Sometimes this is what the client wants, say if it is naively displaying a
property sheet; but most likely it is not since there is no way for the
client to interpret the values or know if/how they can be changed.
Actually I'd think that property sheet case would be pretty common.  And
removing allprop isn't going to prevent people from doing the same thing...
now with two requests rather than one.  And sometimes for wide directories
it will be difficult to avoid this (suspected) problem even without
ALLPROP.  If this is actually the pivotal concern, I think the best you can
do is just warn people of the potential cost that we see of using allprop.
From there on in, let time tell if it's really a problem.  If we discover
it is, let's *really* solve the problem then.  I'm willing to remove
ALLPROP, but it doesn't sound like doing that really would solve the
problem and it's not clear if there is a problem.

> It's the old NRA argument -- allprop doesn't kill servers, clients kill
> servers ;-)
At first I thought that analogy was flawed, but as I think about it, I
think that the situation is analogous.  This discussion seems to have all
of the same aspects.  The differences I see are...

1) I don't think it's clear that there actually is a problem in 2518 that
we need to solve.
2) In 2518, the people that would be victimized by the concern are
actually in (more) control over whether they are vulnerable.  (Client
programmers can discover that they don't really want all those random
properties and perhaps conclude that it's slowing their response time and
stop using ALLPROP.  I think clients can disconnect if a response is too
long.  And I think servers (with guidance from us) can choose to reject
certain requests if they really feel that they are too expensive.)

I have to agree that it is a stealth action to undermine (the effects of)
I'm guessing you're joking, but I'd like to hear why that was put in that
spec.  Was there some issue involved that we haven't mentioned here?

As it stands now, I have a mild preference for leaving allprop in.  I'm
*very* willing to support another position if it will bring us to agreement
and not do any serious damage.

Received on Friday, 4 May 2001 13:43:44 UTC
