Lists Home |
Date Index |
> [I'll jump in because I'm interested in understanding Rich's security
> question. He's posed it to me before and I must not have understood it
> then either.]
That seems to be living under a separate thread, so I won't discuss it here.
>>3. I don't understand the rationale for principal #2; what's the
>>reason to prefer one of these three?
>>Yes, I removed the "get" word; once I do that, what's the issue?
> Practically, there is probably not much of a difference.
> But, the first is a reference to a resource. The latter two are queries
> and (arguably) not resources in their own right. Queries have slightly
> different semantics. For instance, queries are constructed by the client
> whereas normal hierarchical URIs should be treated as opaque.
Queries *can* be constructed by the client, but they needn't be. I can
certainly have "query-string URL's" embedded in my documents. In fact,
in order for a client to construct a query, it needs external schema
information: the field names.