Re: [regrep-cooperating] No team meeting today

[Matthew MacKenzie <matt@xmlglobal.com>]

Joel,

Joel,

Thanks for the feedback.  I thought the reference did have a link, I 
will remedy that.  As for it being voted on, no, of course it wasn't.  
Its referred to because it is not an agreed upon standard.  I omitted 
reference to approved standards and documents because they are implied.  
This might be an incorrect approach, but I don't want to dwell on it.

Security was already a TODO, I will address that in the next rev.

As for the GET/POST comment, It is true that most of the operations use 
POST with the exception of the QueryManager interface.  This is a bit 
challenging because most registry operations can have requests that are 
of arbitrary lengths, which can pose problems for HTTP GET 
implementations.  The informal rule with REST is that POST is somewhat 
acceptable if the resource is being modified by the request (state 
change).  That's why the QueryManager section goes out of its way to use 
GET: the resource's state isn't being changed.  I'll see what I can do 
to make this more clear.

Thanks _a lot_ for the review,

Matt

On Wednesday, July 10, 2002, at 02:10  PM, Munter, Joel D wrote:

> Hi Matt,
>
> The following is listed as a reference:
> 	proposal/best practice document for ebXML Registry v2, entitled
> 	"URL Interface to OASIS ebXML Registry".
> Where is this document?  You may want to include the URL.  I could not 
> find
> it posted at oasis-open.org in the registry TC pages nor in its
> sub-committee pages.  I do not recall when this was voted on and 
> accepted as
> a best practice document.  Was it ever?
>
> The proposal does not address any security issues associated with the
> requisite access control stipulated within V2 or the levels of security
> expected to be present in V3.  Could you please address how security is 
> to
> be handled in this RESTful approach.
>
> While the bias toward HTTP GET is stated, most of the examples shown are
> HTTP POST.  It would probably be helpful to include a table describing 
> your
> recommendation for all ebRS interfaces/methods and whether you believe 
> an
> HTTP GET or HTTP POST would be recommended.
>
> Joel
>
> -----Original Message-----
> From: Matthew MacKenzie [mailto:matt@xmlglobal.com]
> Sent: Wednesday, July 10, 2002 10:50 AM
> To: Farrukh Najmi
> Cc: regrep-cooperating@lists.oasis-open.org
> Subject: Re: [regrep-cooperating] No team meeting today
>
>
> Here is an HTML version of the REST proposal:
>
> http://akula.geek.ca/oasis/regrep/rest/pl-REST-regrep3-0.4.html
>
> I've not had any comments except from Farrukh, I guess it is either
> really bad or really good :-)
>
> Please, have a read over it.
>
> Thanks,
>
> Matt
>
> On Wednesday, July 10, 2002, at 08:55  AM, Farrukh Najmi wrote:
>
>> Folks,
>>
>> There is no meeting today. Please send comments on both Cooperating
>> registries and REST on the mailing list.
>>
>> --
>> Regards,
>> Farrukh
>>
>>
>>
>> ----------------------------------------------------------------
>> To subscribe or unsubscribe from this elist use the subscription
>> manager: <http://lists.oasis-open.org/ob/adm.pl>
>>
--
Matthew MacKenzie
XML Global R&D
PGP Key available upon request.
>
>
> ----------------------------------------------------------------
> To subscribe or unsubscribe from this elist use the subscription
> manager: <http://lists.oasis-open.org/ob/adm.pl>