Loading ...
Sorry, an error occurred while loading the content.

3651Re: [rest-discuss] Why do I care about visibility?

Expand Messages
  • Tyler Close
    May 1, 2003
    • 0 Attachment
      On Thursday 01 May 2003 16:03, Roy T. Fielding wrote:
      > - security across trust boundaries
      >
      > Many networks don't trust each other, or at least don't trust what
      > is on the other side of a firewall. As a result, intermediaries are
      > installed to filter traffic. That is a hard problem for
      > general-purpose
      > application protocols, so we need to make it easier in order to make
      > filtering more efficient and gain the trust of firewall admins.

      I am wondering how much thought you have put into application
      security and how it fits in with REST. Do you have a model for how
      application security should be done? Has there been an exploration
      of how application security affects other REST guidelines? It
      seems like supporting access control has ramifications for many
      parts of REST, the most well-known effect being the interplay of
      HTTP Auth and caching. It seems that if not done carefully,
      access control could negate many of the benefits of REST. What are
      your thoughts?

      Thank you for sharing your expertise.

      Tyler
    • Show all 10 messages in this topic