xml-dev - Re: [xml-dev] Re: Cookies at XML Europe 2004 -- Call for Participation

Re: [xml-dev] Re: Cookies at XML Europe 2004 -- Call for Participation

[ Lists Home | Date Index | Thread Index ]

To: "jcowan@reutershealth.com" <jcowan@reutershealth.com>
Subject: Re: [xml-dev] Re: Cookies at XML Europe 2004 -- Call for Participation
From: Rich Salz <rsalz@datapower.com>
Date: Mon, 5 Jan 2004 19:20:24 -0500 (EST)
Cc: "xml-dev@lists.xml.org" <xml-dev@lists.xml.org>
In-reply-to: <20040105215708.GF2625@skunk.reutershealth.com>

> I don't see why embedding a capability in the URL is un-RESTy, though.
> Every resource has a stable URL still; it's just that publishing certain
> URLs becomes a Bad Thing.

Well, this is where my knowledge on REST starts skating on thin ice.
If the only way to get to a resource is through one of "n" URLs that
contain a capability, then who can we tell if two resources are the
same?  How can you and I know we're both looking at the referee evals
for paper 34 if we can't share links?

The security practices generally use names to tie authentication and
authorization data to an object, which is names are so important to
security.  They generally don't (i.e., I can't think of any) subsume
the name of the object.
        /r$
--
Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview      http://www.datapower.com/xmldev/xmlsecurity.html

References:
- Re: [xml-dev] Re: Cookies at XML Europe 2004 -- Call for Participation
  - From: jcowan@reutershealth.com

Prev by Date: RE: [xml-dev] Re: Cookies at XML Europe 2004 -- Call for Participation
Next by Date: RE: [xml-dev] Re: Cookies at XML Europe 2004 -- Call for Particip ation
Previous by thread: Re: [xml-dev] Re: Cookies at XML Europe 2004 -- Call for Participation
Next by thread: RE: [xml-dev] Re: Cookies at XML Europe 2004 -- Call for Participation
Index(es):
- Date
- Thread