- From: Jason Crawford <ccjason@us.ibm.com>
- Date: Fri, 2 Mar 2001 16:37:11 -0500
- To: "Dan Brotsky" <dbrotsky@Adobe.COM>
- Cc: Greg Stein <gstein@lyra.org>, w3c-dist-auth@w3.org
> 1. Does UNLOCK require IF header specifying applicable write lock token? I've tentitively added this as...UNLOCK_NEEDS_IF_HEADER I believe that the current behavior is appropriate in that the only thing the server needs to verify is that the client is aware of that lock and the requestor is the principal that owns it. If the client is explicitly requesting that the lock be destroyed, the client obviously knows about the lock and it's redundant to ask them to provide it in a second header. I think we need to treat the IF header not as a way for the server to confirm that the client knows about a lock, but (as documented) a way for a client to put a precondition on an request. If you look at the documentation for the IF header, this is the only thing it talks about. And if the server needs to verify that a client knows about a lock, it should be adequate for the client to mention the lock in a any documented headers that we enumerate to verify that the client knows about the lock. > 2. UNLOCK should return 412 if valid lock token is not supplied as > UNLOCK-TOKEN. I've tentatively added this as...UNLOCK_WITHOUT_GOOD_TOKEN J.
Received on Friday, 2 March 2001 16:42:43 UTC