On 24.02.2007, at 18:43, Gregg Wonderly wrote:
There is absolutely
nothing about HTTP or REST that guarantees that a correct
implementation of the
semantic meaning of your resource is carried out on the remote end.
Correct.
So, there
are no additional guarantees that HTTP provides over any other
mechanism over
the network to something that you are not in control of.
Correct.
Specs are worthless unless you are in control of the implementation
of those
specs if we are talking about security and QOS and service
guarantees. You are
just trusting that the remote end is doing the right thing.
The lack of control you describe is exactly the reason why the
messages MUST be self descriptive
in order to protect the client from change on the server side
affecting what it is effectively saying.
From a legal/business transaction POV it is totally irrelevant what
the other side actually *does* with
my request. It is important that the transition the client made (here
from "wantingToOrderPizza" to
"havingPlacedPizzaOrder" ) is uttered in a way that is independent
from serevr side issues.
Jan
Gregg Wonderly
