[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fwd: A modest proposal for an OpenSocial RESTful API]

To: James M Snell <jasnell@xxxxxxxxx>
Subject: Re: [Fwd: A modest proposal for an OpenSocial RESTful API]
From: "Roy T. Fielding" <fielding@xxxxxxxx>
Date: Mon, 3 Mar 2008 10:15:25 -0800
Cc: John Panzer <jpanzer@xxxxxxx>, Atom Publishing Protocol <atom-protocol@xxxxxxx>
In-reply-to: <47CBA931.3080608@xxxxxxxxx>
List-archive: <http://www.imc.org/atom-protocol/mail-archive/>
List-id: <atom-protocol.imc.org>
List-unsubscribe: <mailto:atom-protocol-request@imc.org?body=unsubscribe>
References: <47C5205F.1070000@xxxxxxx> <7EEFBB29-95D4-42EF-BEB8-138D45799FB4@xxxxxxxx> <47CBA931.3080608@xxxxxxxxx>
Sender: owner-atom-protocol@xxxxxxxxxxxx


On Mar 2, 2008, at 11:30 PM, James M Snell wrote:

I definitely don't think that batched requests are ideal, and Icertainly do not agree that using POST is appropriate, however,based on the number of times this has come up, I think there'sdefinitely a need for a workable approach for batched operations.Pipelining would likely be sufficient if caching and idempotencyissues were handled well, but they're not. IMHO, the BATCH+Multipart approach that I've proposed provides a relatively decentcompromise in that the use of BATCH makes the intent of the requestclear and bypasses the caching and idempotency issues. Forsecurity, intermediaries can choose to block the BATCH methodentirely. In time, intermediaries such as caching proxies couldeven learn how to intelligently deal with BATCH+Multipart (e.g. byanalyzing the individual batched requests according to the securitypolicy, etc). I'm not saying that it's problem-free, I'm justsaying that it's a workable approach.

Changing the method to BATCH doesn't make any difference. You stillallowHTTP to be tunneled through HTTP, you still need to reimplement anentire

server within a server and an entire client within a client, you still

need to deal with the associated bypass of all security controls, andyou

still have gained nothing whatsoever over simple HTTP pipelining.

There are no caching issues with pipelining -- only benefits.  The
idempotency issue is due to error-recovery concerns when a connection is

terminated, leaving the client with an unknown as to which non-repeatablerequests were received by the origin. Those are not helpedwhatsoever by

sticking the requests inside another envelope, but can be reduced with
pipelining simply by ensuring that the connection is sustained through

the delivery of all response messages. It is a pure serverimplementation

problem.

I cannot imagine a worse idea for HTTP than BATCH+Multipart, and I'veseenthem all. Multipart is a terrible way to frame messages -- it isn'tevensane unless you assume a 7bit unreliable transport, which is whatMIME wasdesigned to survive within. If you want to invent a new protocol,than doso at the session layer -- use SSH multiplexing or SCTP or somevariation

on the HTTPng session multiplexing.

....Roy

Follow-Ups:
- Re: [Fwd: A modest proposal for an OpenSocial RESTful API]
  - From: Lisa Dusseault

References:
- [Fwd: A modest proposal for an OpenSocial RESTful API]
  - From: John Panzer
- Re: [Fwd: A modest proposal for an OpenSocial RESTful API]
  - From: Roy T. Fielding
- Re: [Fwd: A modest proposal for an OpenSocial RESTful API]
  - From: James M Snell

Prev by Date: Re: [Fwd: A modest proposal for an OpenSocial RESTful API]
Next by Date: Re: [Fwd: A modest proposal for an OpenSocial RESTful API]
Previous by thread: Re: [Fwd: A modest proposal for an OpenSocial RESTful API]
Next by thread: Re: [Fwd: A modest proposal for an OpenSocial RESTful API]
Index(es):
- Date
- Thread