Lists Home |
Date Index |
On Thursday 20 December 2001 05:27 am, Julian Reschke wrote:
> > No, but things like the lack of versioning, locking being
> > optional, etc. etc.
> Versioning is specified in the WebDAV deltav extension, which has been
> submitted to the IESG in October.
Not *yet* ratified. I guess DASL et al. are coming too. Still, these add a
lot to an already shaky specification.
> And why is the fact that locking is optional a problem? If you hit a server
> that doesn't support locking while youre application requires it -- just
> don't talk to it. I agree that it would be a shame if major vendors come
> out with "WebDAV" servers without locking support (is this the case? IIS
> and Apache support it).
One of the things I've learnt over time is that you cannot rely upon those
things that are optional. Assuming that all servers will support it is not
good enough.... a case in point here is the way properties are handled by
existing clients. The specification is very unclear about ordering of
properties and response blocks. The specification, if read one way, would
allow every reponse for every resource to be separate. Most clients can't
handle this. Another one is the special header needed for MS clients to work
(not in the specification).
WebDAV interoperability has more to do with the small size of the overall
community (tribal knowledge) than it does with clarity or correctness of
> > a) circumvent firewall issues
> Actually, I'd say the fact that WebDAV uses well-defined HTTP method names
> makes it *less* likely that security is compromised (as compared to XML-RPC
> or SOAP).
C'mon, using port 80 for is a kludge.... just like using finger back in the
old days was. While some firewalls allow you to block individual HTTP
methods, many do not.
That said, I expect this kludge to go mainstream... though maybe by having a
dedicated SOAP port and straight TCP/IP connections (see the comment about
> Doesn't come extensibility (the ability to marshall "anything") with the
> price of being *harder* to control?
Not necessarily. My bet is that routers will have this capability (message
validation, and smart routing or messages) built into them soon. It's a
logical extrapolation of the trend in router technology to put more layers
into the box.