- From: Roy T. Fielding <fielding@apache.org>
- Date: Fri, 19 Apr 2002 13:20:27 -0700
- To: Graham Klyne <GK@NineByNine.org>
- Cc: www-tag@w3.org
>> I didn't bother to define "safe" in the HTTP spec because there already
>> exist far more definitive works in software engineering literature
>> that define the term completely. A search for Nancy Leveson's research
>> will pick up the appropriate definition.
>
> A quick search reveals work that seems to deal with safety related to
> fault tolerance. I had the idea that "safe" in HTTP was a slightly
> different idea. Could you please provide a more specific reference, or
> an extra keyword or two to locate the right kind of definition?

Sorry, sometimes I forget that I studied that stuff before the Web had
escaped the boundaries of CERN. The reference is

    Leveson, Nancy G. Software safety: why, what and how,
    ACM Computing Surveys, June 1986, pages 125-163.
    <http://doi.acm.org/10.1145/7474.7528>

  'Safety here is regarded as a relative term. Although safety has been
  defined as "freedom from those conditions that can cause death, injury,
  occupational illness, or damage to or loss of equipment or property"
  [MIL-STD-882B 1984], it is generally recognized that this is unrealistic;
  by this definition any system that presents an element of risk is unsafe.
  ... Unfortunately, the question of "How safe is safe enough?" has no
  simple answer.'

HTTP does not attempt to require the results of a GET to be safe. What it
does is require that the semantics of the operation be safe, and therefore
it is a fault of the implementation, not the interface or the user of that
interface, if anything happens as a result that causes loss of property
(money, BTW, is considered property for the sake of this definition).

....Roy
Received on Friday, 19 April 2002 16:21:12 UTC
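The distinction Fielding draws above, between a safe interface (GET) and an implementation that fails to honour it, can be made concrete in code. The following is an added example, not part of the original message and not Fielding's code: a toy request dispatcher with one handler that mutates state on GET (the implementation fault he describes) beside one that refuses mutation for safe methods, plus a small audit that replays the safe methods against each path and reports any that changed state. The `Request`, `Store` and handler names, the `/withdraw` path and the balance values are all constructed for this illustration; the set of safe methods follows RFC 2616 section 9.1.1 (GET and HEAD).

```python
"""Added example (not from the original message or from Roy Fielding):
a minimal dispatcher that enforces HTTP safe-method semantics.

Assumptions: the account store, the handlers, the /withdraw path and the
request shape are hypothetical, constructed for this illustration; nothing
here models a real server or framework.
"""
from dataclasses import dataclass, field

# Methods whose semantics HTTP defines as safe (RFC 2616 section 9.1.1).
SAFE_METHODS = frozenset({"GET", "HEAD"})


@dataclass
class Request:
    method: str
    path: str


@dataclass
class Store:
    # Constructed sample state: one account with a starting balance of 100.
    balances: dict = field(default_factory=lambda: {"alice": 100})


def handler_violates_contract(req: Request, store: Store) -> tuple[int, str]:
    """The fault Fielding describes: the interface (GET) is safe, but this
    implementation withdraws money on any method, so a crawler, prefetcher
    or link preview can cause a loss of property."""
    if req.path == "/withdraw":
        store.balances["alice"] -= 10
        return 200, "withdrew 10"
    return 404, "not found"


def handler_honours_contract(req: Request, store: Store) -> tuple[int, str]:
    """Same action, but the mutation is only performed for a non-safe
    method; a safe request on the same path is refused with 405."""
    if req.path == "/withdraw":
        if req.method in SAFE_METHODS:
            return 405, "method not allowed; use POST"
        store.balances["alice"] -= 10
        return 200, "withdrew 10"
    return 404, "not found"


def audit_safe_methods(handler, paths, store_factory) -> list[str]:
    """Defender-side check: replay every safe method against every path on
    a fresh store and report any request that changed state.
    Returns the offending requests as "METHOD path" strings."""
    findings = []
    for path in paths:
        for method in sorted(SAFE_METHODS):
            store = store_factory()
            before = dict(store.balances)
            handler(Request(method, path), store)
            if store.balances != before:
                findings.append(f"{method} {path}")
    return findings


if __name__ == "__main__":
    paths = ["/withdraw", "/balance"]
    print("violating handler:", audit_safe_methods(handler_violates_contract, paths, Store))
    print("conforming handler:", audit_safe_methods(handler_honours_contract, paths, Store))
```

The audit is the part worth keeping: run against a real application's routing table it catches exactly the class of fault the message names, a state change reachable through a method whose semantics promise none, before a crawler finds it for you.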