- From: Mark Baker <distobj@acm.org>
- Date: Thu, 2 Jan 2003 14:12:33 -0500
- To: David Orchard <dorchard@bea.com>
- Cc: www-ws-arch@w3.org
On Thu, Jan 02, 2003 at 10:13:57AM -0800, David Orchard wrote: > 2. Optimization for GET means that optimization for another verb, say POST, > is harder. Eh? You can't easily optimize for POST, because the meaning of POST doesn't permit it. What kind of optimizations would you like to see for a non-idempotent, unsafe method? > 3. The web security model is pretty badly broken in some areas. The very > fact that a server can't time-out an HTTP log-in, Erm, yes it can. A server can send a 401 any time it feels like it, for any reason. MB -- Mark Baker. Ottawa, Ontario, CANADA. http://www.markbaker.ca Web architecture consulting, technical reports, evaluation & analysis
Received on Thursday, 2 January 2003 14:06:34 UTC