[erlang-questions] Twoorl: an open source Twitter clone
Joe Armstrong
erlang@REDACTED
Fri Jun 6 14:48:16 CEST 2008
On Fri, Jun 6, 2008 at 4:52 AM, Barry Kelly <bkelly.ie@REDACTED> wrote:
> Joe Armstrong wrote:
>
>> Yes yes yes - I have for a long time thought that non-destructive
>> persistent queues are the perfect data structure for
>> many applications. I can't see why REST has GET, PUT, POST and DELETE
>> - It should have GET and APPEND
>> (only).
>
>> Appending things to a input queue *and never deleting them* seems to
>> me a perfect way to deal with things.
>
> There are privacy and security ramifications to such a design. A service
> provider implemented using such a model may hold passwords and customer
> data much longer than it needs to.
>
Security has nothing to do with this argument - if a password is sent
over the network it has been
sent - nothing can alter that.
A man in the middle might store the message forever so it would make
no difference if the
server stores the data for a millisecond or a trillion years.
The reason for storing things in an appended log is to be able to
replay the log later if things go wrong and
recover from errors - it has nothing to do with security. Security and
privacy has to do with the level of
encryption that is applied to the items in the log.
/Joe
> Furthermore, the semantic operations of PUT and DELETE still need
> implementing - customers still want to logically upsert and delete
> resources, so a second-level API convention or standard is still
> required.
>
> Why not simply implement PUT, POST and DELETE as enqueued operations on
> the server side?
>
> -- Barry
>
> --
> http://barrkel.blogspot.com/
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://www.erlang.org/mailman/listinfo/erlang-questions
>
More information about the erlang-questions
mailing list