[e-lang] What is defensive consistency?
Karp, Alan H
alan.karp at hp.com
Thu Nov 1 11:22:33 EDT 2007
David Wagner wrote:
> Ok so far, I think, but what's the definition of a client? I used the
> names Xavier and Yolanda to refer to some unspecified
> entity(entities),
> but who/what are those entities and what is the granularity
> of a client
> entity? How do I tell when an object or pair of objects
> should count as
> two different clients as opposed to a single client? Put another way,
> what is the granularity of the failure domain?
>
I have always assumed that what makes two clients different is the
capability they use to access the object. Basically, if the
capabilities the clients use could be separately revokable, then the
clients are different. (I don't want to say "are not EQ" with Dean
listening in.) I don't know if this distinction is what MarkM had in
mind, but I think it covers most of the cases in David's note. The only
alternative I can think of, that every valid request returns a valid
result but that an invalid request may not, does not appear to be
consistent with MarkM's example.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the e-lang
mailing list