- From: Jonathan Borden <jonathan@openhealth.org>
- Date: Wed, 11 Sep 2002 08:47:25 -0400
- To: "Jean-Jacques Moreau" <moreau@crf.canon.fr>, <noah_mendelsohn@us.ibm.com>
- Cc: "Mark Baker" <distobj@acm.org>, "Elliotte Rusty Harold" <elharo@metalab.unc.edu>, "Tim Bray" <tbray@textuality.com>, <www-tag@w3.org>
+1 Jonathan > > +1 as well to Mark and to the additional example. > > Jean-Jacques. > > noah_mendelsohn@us.ibm.com wrote: > > If we can't distinguish an access that incurs obligations from one that > > does not, I fear that no access can be viewed as completely safe. So, +1 > > to what Mark has written. > > > > > > Mark Baker wrote: > > > >>Tim Bray wrote: > >> > >>Why not? This is my reading. I do *not* want to make payments, even > >>micropayments, as a result of doing a GET, without have done an explicit > >>prior authorization. > > > > And even then ... > > > > I don't want to be charged per GET, period. If I'm going to be charged > > per-page, it better be via POST, because I may be using a personal proxy > > that does things like invoking GETs on my behalf to keep my cache fresh. > > > > I think #4 is fine as is, but perhaps an additional example to cover > > the pay-per-page case would be worthwhile? > > > > MB > >
Received on Wednesday, 11 September 2002 09:05:43 UTC