Other things to keep in mind

• There are non-humans on the web

  • spiders, crawlers, worms, etc, may behave badly
    • infinite FTP directory traps, request bursts, ...

• Netscape, MSIE, and Apache set defacto standards

  • their semantics may subtly differ from standards
  • error-tolerance of popular clients/servers means that everybody must achieve same levels of tolerance
    • otherwise, you appear to be broken to users
    • e.g.: Netscape not parsing comments properly

• SSL/X.509

  • transport-level security: fixes up basic auth problems
  • eliminates caching or proxy mechanisms

Previous slide

Back to first slide

View graphic version