Updated finding: "URIs, Addressability, and the use of HTTP GET and POST

Hello,

As I mentioned in my email about the 16 Sep draft 
of this finding [1], I was uncomfortable with some
of the new language involving the broad term "auditing".

In light of some feedback from Noah, and from discussions 
with Dan Connolly (on this topic and another), I have
made available the 19 Sep draft of "URIs, Addressability, and the use of
HTTP GET and POST" [2].

[1] http://lists.w3.org/Archives/Public/www-tag/2003Sep/0044
[2] http://www.w3.org/2001/tag/doc/whenToUseGet-20030919.html

The changes between the 16 and 19 Sep drafts are:

 - Addition of sentence about and reference to RFC2310
   (based on Larry Masinter email). Sentence added just
   before 3.1

 - Section 3.1 examples moved to three subsections. Two
   examples added:
 
   * 3.1.2 Steps for establishing an obligation. Most of this
     text is taken from DanC's original version of this
     finding.

   * 3.1.3 Side effects do not imply unsafe interaction.
     The example of site counters is given. The user incurs
     no obligation even though the interaction changes the
     state of the server.

 - Section 4. Sentence about 'audited resource' deleted since
   I think overly broad. Instead, I hope the new examples will
   cover some of the ground Noah had in mind.

HTML diff available at:
  http://www.w3.org/2001/tag/doc/whenToUseGet-20030919-diffs.html

 _ Ian

-- 
Ian Jacobs (ij@w3.org)   http://www.w3.org/People/Jacobs
Tel:                     +1 718 260-9447

Received on Friday, 19 September 2003 17:39:36 UTC