[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: Re: [dss-x] REST binding ?
Hi Stefan, in fact it's not that sunny here in Hannover. But from tommorow on I'll will be in Bonn and can enjoy the famous Rhine vally weather ;-) Yes, my sample is abit unclear. In case of POST. The parameter should of course be transported by the POST mechanism. Greetings Andreas ----- original Nachricht -------- Betreff: Re: [dss-x] REST binding ? Gesendet: So, 29. Mai 2011 Von: Stefan Drees<stefan@drees.name> > Hi Andreas, > > sunny sundays are so productive ;-) > > First of all I do welcome that idea, although ... > > ... these mixed calls (POST with a touch of GET-like parameters) > irritate me a bit, since I made the experience, that browsers expose > quite different behaviours with regard to a post with get semantics: > > POST URL?QUERY=GETLIKE_PART > POST_DATA > > Or did I misunderstand the initial POST example? > > But the foremost reaction remains: Interesting. > > All the best, > Stefan. > > Am 29.05.11 14:32, schrieb Andreas Kuehne: > > Hi all, > > > > we're facing some client demand on REST binding for DSS-like interfaces. > Did anyone in the group already worked in this topic ? > > > > Most of the reasons for REST don't sound valid to me ' .. SOAP is bad ... > REST is good .. and got more performance ..' But if the client asks for it > ... > > > > Designing a REST interface for signing doesn't make real sense to me, as > the document to be represented by REST doesn't really exist on a signature > server. It's a pure procedure call, no 'State' (the 'S' in REST) involved. > > > > With verification things turned out to be more useful. A signature or the > signed document could be seen as the 'State' and the service could return > verification information on it. A URL may look like this : > > > > POST > http://{server}/dss/rest/verificationStatus/SHA-256:{unique_hash}?signature= > {sig-value} > > > > The document could be identified by its hash value, the signature and > other information will be passed as parameters to a POST request. > > > > This call could create the stateful object by performing the verification. > Subsequent calls of the type 'GET' > > > > GET http://{server}/dss/rest/verificationStatus/SHA-256:{unique_hash} > > > > will return the verification outcome. This may especially be handy for > verifications that will be done several times on he same document, like code > signing or dkim messages. And in fact a REST call may use up little less > network and may require a smaller software stack ... > > > > So to me I does make sense to start thinking about standardizing a REST > binding for DSS. What's the groups opinions / experiences ? > > > > Greetings > > > > Andreas > > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > --- original Nachricht Ende ----
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]