Your proposal

From w3c-dist-auth-request@w3.org Sat Jan 1 11:26:50 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA27127 for ; Sat, 1 Jan 2000 11:26:50 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id LAA21425; Sat, 1 Jan 2000 11:15:37 -0500 (EST) Resent-Date: Sat, 1 Jan 2000 11:15:37 -0500 (EST) Resent-Message-Id: <200001011615.LAA21425@www19.w3.org> Date: Sat, 1 Jan 2000 11:15:24 -0500 Message-Id: <10001011615.AA16972@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org In-Reply-To: <05256858.00804FA6.00@D51MTA03.pok.ibm.com> (ccjason@us.ibm.com) Subject: Re: Locking URIs rather than Resources Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3774 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list From: ccjason@us.ibm.com Now some locking questions. If LOCK applies to the name, not the resource, /x/y.htm is locked, and /b/c.htm is bound to the same resource as /x/y.htm, is /b/c.htm locked too? Probably not. Correct. But modifying the resource identified by /b/c.htm does require the lock token for the /x/y.htm lock. This does not make /b/c.htm locked. Geoff, you agreed that "/b/c.html" is not locked. In this case I think we'd preferably say the "the resource at" either/both URI's is locked... but only one of those URI's is locked. My point is that we should probably come up clearer vocabulary/notation for making a distinction between the URI and the resource. For example, we used to say the URI was protected and/or the resource was locked. I agree. If we say that a URL is locked, then we need a term to describe a resource that is identified by a locked URL. Let's try just using the word "protect". So a locked URL "protects" the resource that it identifies. If it does not (at a particular moment) identify a resource, it does not (at that moment) protect any resource (i.e. there is no "lock null resource"). So in the example above, we would say that the resource identified by /b/c.html is protected by the lock on /x/y.htm. What about LOCK /b/c.htm? That is fine. Hmmm. Jim said they are the same resource. I don't think he meant a null-mapped resource. That being the case, I think you mean to say that the second lock can only be placed if it doesn't conflict with the lock already acting on the resource at that URI. I think you must have assumed he meant a shared lock when you said that is fine. Actually not. I was using the "exclusive" aspect of a lock to be completely URL based. So you couldn't have two exclusive locks on the same URL (i.e. you can't have a depth:infinity exclusive lock on /x and an exclusive lock on /x/y), but you *could* have a resource that is protected by two exclusive locks. Although this simplifies LOCK/UNLOCK implementation for a server, I (believe I) agree that a client would rather the "exclusive" aspect of a lock apply to the resource. So a particular resource can only be protected by one exclusive lock of a given type. This modifies the last line of the latest locking proposal, which would now state: "A lock can be placed on a URL with a LOCK request. This URL is called the "lock base". If the lock is Depth:N, then a lock is induced on any URL that consists of the lock base extended by N or fewer segments. Only an authorized holder of a lock token for a locked URL can modify either the state of the resource identified by the URL, or which resource is identified by the URL. If a locked URL identifies a resource, the lock "protects" that resource. A resource may not be protected by two exclusive locks with the same locktype." This would then change my answer to Jim's question. The revised definition would not allow an exclusive write lock on /x/y.htm and one on /b/c.htm, since that would result in a resource being protected by two exclusive locks of the same type. One user has /x/y.htm locked. The other user has /b/c.htm locked. That means you can't modify that resource unless you have both lock tokens. In this model, a LOCK prevents a certain kind of change to something, but does *not* guarantee the ability to make such a change, since other access rights or locks can come into play. I agree with what you said about not guarantee'ing a right to change, but what about requiring two tokens? As far as I know, the situation you outlined can only happen if shared locks are used. In that case, only one lock token is required. Yes, for the situation where two URL's identify the same resource. But there still will be operations that will require the use of multiple lock tokens. An example would be the original scenario described by Yaron, where: - /x identifies a collection - /x/y does not identify a resource - there is a depth:0 exclusive write lock on /x - there is an exclusive write lock on /x/y In order to do a "PUT /x/y", you would need a Lock-Token for both the /x lock and the /x/y lock, since you are modifying the state of both /x and /x/y. Cheers, Geoff From w3c-dist-auth-request@w3.org Sun Jan 2 08:25:29 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id IAA08085 for ; Sun, 2 Jan 2000 08:25:28 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id IAA01481; Sun, 2 Jan 2000 08:14:27 -0500 (EST) Resent-Date: Sun, 2 Jan 2000 08:14:27 -0500 (EST) Resent-Message-Id: <200001021314.IAA01481@www19.w3.org> Message-Id: <4.1.20000102093420.00b4f5c0@pop.xs4all.nl> X-Sender: jdavis@pop.xs4all.nl X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Sun, 02 Jan 2000 09:54:46 +0100 To: w3c-dist-auth@w3.org From: Jim Davis In-Reply-To: <9912302233.AA16478@tantalum> References: <7DE119D3D0E15543874F7561EECBDBED02619DE5@BEG.platinum.corp.microsoft.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: Re: Creating a lock-null in a locked collection Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3775 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list At 05:33 PM 12/30/99 -0500, Geoffrey M. Clemm wrote: > >As an addendum to Yaron's response, I'll note that there is a proposal >that WebDAV locking is better understood as locks on URL's rather than >on resources. I am not sure I understand what "is better understood as" means here. I would like it to be the case that if I have a datastore (file system, an object oriented database, an RDBMS, whatever) that *does* support locking, I can use the WebDAV to set a lock on a resource in the datastore, and expect the lock to actually be set on the resource such that other applications accessing that very same resource likewise see the lock, even if they use a different protocol or API to do so. I may be reading more into the nuances of language than is intended, but does this mean that WebDAV locks would only be visible at the WebDAV layer (or perhaps to other protocols that also use URLs) but *not* to other protocols or APIs that were accessing the same resource? I would be very unhappy with a design change that asserted that the locks were only in some "namespace" that only affected WebDAV, or HTTP-based applications, but not the datastore itself. I would probably prefer to give up the functionality of BIND than lose the ability to set locks on underlying resources. But again, I am not sure that Geoff was actually suggesting this. regards and happy Y2K Jim From w3c-dist-auth-request@w3.org Mon Jan 3 04:34:52 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA28480 for ; Mon, 3 Jan 2000 04:34:51 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id EAA15669; Mon, 3 Jan 2000 04:23:10 -0500 (EST) Resent-Date: Mon, 3 Jan 2000 04:23:10 -0500 (EST) Resent-Message-Id: <200001030923.EAA15669@www19.w3.org> Message-ID: <00ba01bf55cc$1a312160$9a114498@us.oracle.com> From: "Eric Sedlar" To: References: <05256858.00804FA6.00@D51MTA03.pok.ibm.com> Date: Mon, 3 Jan 2000 01:22:48 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Subject: Re: Locking URIs rather than Resources Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3776 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit I think the existing proposals are kind of crufty, because there is no sensible abstraction that people can understand and expand on. They either have the yucky lock-null, or they introduce a new kind of object (a URL) that is not a resource, the "atom" (basic building block) of web applications. Here are the fundamental issues I see: 1) are the list of names in a collection logically part of the collection, or do they live in some separate space outside the domain of resources? (I'm using the word name the way jra uses "binding"--the relationship between a containing collection and a particular resource which is given a unique name within that collection). To me the answer must be that they are a part of the collection. The only type of object that can be identified within this model is a resource. You are going to have (in a real system) access control on resources, and not a separate access control model for names. There are too many concepts in the world of the web to introduce another type of object other than a resource. Every filesystem in the world stores the list of filenames as a part of the directory, and locks & access control on the directory affects all names within. Let's stick with current usage unless we have compelling reasons to deviate. 2) what kind of locks are there? IMHO, there must be two kinds of locks--name locks and resource locks. The problem with just locking a collection resource is that it is to coarse-grained--there are lots of applications that will want to just lock a single name in a collection, and resource locking every collection in a path will reduce concurrency too much. I think of this like table level and row level locks in a database--a lock on the collection is like a table level lock, locking all names (rows) in that collection. Another way to think of a name is like a fragment within the collection document. 3) what about the notion of a lock "depth"? There is no such thing. However, depth may be one way that a protocol request can specify a particular set of locks. Now that we understand that, what do we do about RFC 2518 LOCK's? (I'm using a capitalized LOCK to distinguish the RFC 2518 protocol request from name locks and resource locks). The requirements are: * a LOCK on must prevent the resource from being moved, for compatability with existing applications. * a LOCK on must prevent any changes to that resource (updates, deletes, etc.) if it exists * a LOCK token must be associated with the locked resource and URL So, it seems like that the following solution is the right abstraction: 1) add the notion of name and resource locks. A name lock applies to a single level name within a collection. A resource lock applies to the data identified by a particular URL. If that URL identifies a collection, a resource lock locks ALL of the names in that collection, and is blocked by any name lock within, and vice versa. 2) we introduce the notion of a lock "set". A lock set is a group of any number of name and resource locks. Each lock set as a single associated lock token. An RFC 2518 LOCK request applied to an existing non-collection resource will grant name locks to each name in the path from the root down to the bottom, and a resource lock on the identified resource, create a lock set from this group, and grant an identifying LOCK token. An RFC 2518 LOCK request applied to a collection will work in the same way, except that if the depth header is specified, name and resource locks will be given recursively for each contained resource. A LOCK request on a URL giving a nonexistent name in a existing collection will issue only name locks on the path elements. If the URL minus the last path element does not refer to an existing collection, the LOCK request will fail. 3) the activelocks property displays all name locks active for this collection as well as all resource locks. 4) the "locktype" property is used to distinguish between name and resource locks. If locktype "resource" is specified, only the specified resource lock is granted in that lock set. If locktype "name" is specified, the names from root to the resource are locked, if the Depth header is not specified. If the URL "/a/b/c.html" is given, negative depth values can be given to lock fractions of the path. E.g. if Depth:0 is specified, the name "c.html" is reserved in collection /a/b, but no other locks are granted. If Depth:-1 is specified, the name "b" in "/a" is also reserved (etc.) Only if locktype is not specified does the LOCK request behave as it point #2 (granting resource & name locks simoultaneously), basically for compatability with existing applications. --Eric From w3c-dist-auth-request@w3.org Mon Jan 3 11:21:28 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA03587 for ; Mon, 3 Jan 2000 11:21:27 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id LAA24099; Mon, 3 Jan 2000 11:09:55 -0500 (EST) Resent-Date: Mon, 3 Jan 2000 11:09:55 -0500 (EST) Resent-Message-Id: <200001031609.LAA24099@www19.w3.org> From: jamsden@us.ibm.com X-Lotus-FromDomain: IBMUS To: w3c-dist-auth@w3.org Message-ID: <8525685B.0058C2FD.00@d54mta03.raleigh.ibm.com> Date: Mon, 3 Jan 2000 11:07:54 -0500 Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Subject: Re: Creating a lock-null in a locked collection Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3777 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Jim, WebDAV locking semantics are defined independently of the actual server implementation. If a server provides multiple protocol access to some underlying storage system, including WebDAV and say ftp, then that server is free to implement locks in such a way that both protocols are effected as long as the semantics for WebDAV locks are honored when doing WebDAV access. Jim Davis @w3.org on 01/02/2000 03:54:46 AM Sent by: w3c-dist-auth-request@w3.org To: w3c-dist-auth@w3.org cc: Subject: Re: Creating a lock-null in a locked collection At 05:33 PM 12/30/99 -0500, Geoffrey M. Clemm wrote: > >As an addendum to Yaron's response, I'll note that there is a proposal >that WebDAV locking is better understood as locks on URL's rather than >on resources. I am not sure I understand what "is better understood as" means here. I would like it to be the case that if I have a datastore (file system, an object oriented database, an RDBMS, whatever) that *does* support locking, I can use the WebDAV to set a lock on a resource in the datastore, and expect the lock to actually be set on the resource such that other applications accessing that very same resource likewise see the lock, even if they use a different protocol or API to do so. I may be reading more into the nuances of language than is intended, but does this mean that WebDAV locks would only be visible at the WebDAV layer (or perhaps to other protocols that also use URLs) but *not* to other protocols or APIs that were accessing the same resource? I would be very unhappy with a design change that asserted that the locks were only in some "namespace" that only affected WebDAV, or HTTP-based applications, but not the datastore itself. I would probably prefer to give up the functionality of BIND than lose the ability to set locks on underlying resources. But again, I am not sure that Geoff was actually suggesting this. regards and happy Y2K Jim From w3c-dist-auth-request@w3.org Mon Jan 3 13:28:23 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA05543 for ; Mon, 3 Jan 2000 13:28:22 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id NAA27012; Mon, 3 Jan 2000 13:15:45 -0500 (EST) Resent-Date: Mon, 3 Jan 2000 13:15:45 -0500 (EST) Resent-Message-Id: <200001031815.NAA27012@www19.w3.org> Message-ID: <001d01bf5616$7e60de10$9a114498@us.oracle.com> From: "Eric Sedlar" To: , References: <8525685B.0058C2FD.00@d54mta03.raleigh.ibm.com> Date: Mon, 3 Jan 2000 10:15:19 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Subject: Re: Creating a lock-null in a locked collection Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3778 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit I think the point is that if the WebDAV locking model is too strange, it will be hard to reconcile the WebDAV locking mechanism with the other locking mechanisms. Introducing new concepts like lock-null's makes it much more difficult and less intuitive to reconcile in this way. Perhaps we should discuss other locking mechanisms in filesystems and RDBMS's to validate this. My understanding is that both Windows & UNIX filesystems lock all of the names in a directory when the directory is explicitly locked (via lockf()/flock() or something similar). In Windows filesystems, this guarantees that the name cannot change since each file can be in only one directory. --Eric ----- Original Message ----- From: To: Sent: Monday, January 03, 2000 8:07 AM Subject: Re: Creating a lock-null in a locked collection > > > Jim, > WebDAV locking semantics are defined independently of the actual server > implementation. If a server provides multiple protocol access to some > underlying storage system, including WebDAV and say ftp, then that server > is free to implement locks in such a way that both protocols are effected > as long as the semantics for WebDAV locks are honored when doing WebDAV > access. > > > > > > Jim Davis @w3.org on 01/02/2000 03:54:46 AM > > Sent by: w3c-dist-auth-request@w3.org > > > To: w3c-dist-auth@w3.org > cc: > > Subject: Re: Creating a lock-null in a locked collection > > > At 05:33 PM 12/30/99 -0500, Geoffrey M. Clemm wrote: > > > >As an addendum to Yaron's response, I'll note that there is a proposal > >that WebDAV locking is better understood as locks on URL's rather than > >on resources. > > I am not sure I understand what "is better understood as" means here. > > I would like it to be the case that if I have a datastore (file system, an > object oriented database, an RDBMS, whatever) that *does* support locking, > I can use the WebDAV to set a lock on a resource in the datastore, and > expect the lock to actually be set on the resource such that other > applications accessing that very same resource likewise see the lock, even > if they use a different protocol or API to do so. > > I may be reading more into the nuances of language than is intended, but > does this mean that WebDAV locks would only be visible at the WebDAV layer > (or perhaps to other protocols that also use URLs) but *not* to other > protocols or APIs that were accessing the same resource? > > I would be very unhappy with a design change that asserted that the locks > were only in some "namespace" that only affected WebDAV, or HTTP-based > applications, but not the datastore itself. > > I would probably prefer to give up the functionality of BIND than lose the > ability to set locks on underlying resources. > > But again, I am not sure that Geoff was actually suggesting this. > > regards and happy Y2K > > Jim > > > > > > From w3c-dist-auth-request@w3.org Mon Jan 3 13:48:18 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA05925 for ; Mon, 3 Jan 2000 13:48:17 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id NAA28024; Mon, 3 Jan 2000 13:36:58 -0500 (EST) Resent-Date: Mon, 3 Jan 2000 13:36:58 -0500 (EST) Resent-Message-Id: <200001031836.NAA28024@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED0261A016@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: "'Geoffrey M. Clemm'" , w3c-dist-auth@w3.org Date: Mon, 3 Jan 2000 10:35:46 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain Subject: RE: Creating a lock-null in a locked collection Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3779 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Geoff said: "It sometimes acts like a resource (modifies the parent collection), and sometimes does not (returns a 404 when you GET it)." In HTTP, as I understand it, one sends a method to a resource identified by a URI. As such any response one gets must have come from a resource. Therefore a 404 must be issued by a resource. This is why the object model I suggested for WebDAV has the universal NULL resource that handles things such as issuing 404s. As such how can one say that because a resource issues a 404 it is not acting like a resource? Yaron > -----Original Message----- > From: Geoffrey M. Clemm [mailto:geoffrey.clemm@rational.com] > Sent: Thursday, December 30, 1999 7:35 PM > To: w3c-dist-auth@w3.org > Subject: Re: Creating a lock-null in a locked collection > > > > From: Joe Orton > > ... It just seemed slightly weird, that if you LOCK or UNLOCK a > lock-null resource, you are modifying the state of the > parent collection; > when if you do the same to a normal resource, you are not. > > Yes, that is one of the reasons I strongly object to the notion of a > "lock null resource". It sometimes acts like a resource (modifies the > parent collection), and sometimes does not (returns a 404 when you GET > it). This makes it very hard to predict what its behavior should be > whenever you extend the protocol (i.e. should it act like a resource, > or act like not a resource). For example: > > - the BIND protocol (can you "BIND" a lock null resource to > another URL?) > - the versioning protocol (do you have to checkout a > versioned collection > in order to add a lock null resource to it?) > > Cheers, > Geoff > From w3c-dist-auth-request@w3.org Mon Jan 3 15:04:04 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA06817 for ; Mon, 3 Jan 2000 15:04:04 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id OAA29699; Mon, 3 Jan 2000 14:51:08 -0500 (EST) Resent-Date: Mon, 3 Jan 2000 14:51:08 -0500 (EST) Resent-Message-Id: <200001031951.OAA29699@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619DE9@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: "'Eric Sedlar'" , w3c-dist-auth@w3.org, "'gclemm@atria.com'" Date: Mon, 3 Jan 2000 11:50:09 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Subject: Translation in the Tower of Babble Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3780 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list I believe that there are too many different unstated assumptions held by members of this group for this group to be ready to deal with specific locking proposals. The fact that Geoff, Eric and RFC 2518 can come out with such different proposals helps to illustrate the issue. Rather than attempting to achieve consensus in one fell swoop by having everyone read and critique full proposals I would suggest that we start from a simpler basis. Let us first see if we can establish agreement on some very basic precepts. I will start with just one precept and see if we can get agreement on just that. Precept #1 - HTTP clients send HTTP request messages to resources that respond with HTTP response messages. Corollary #1.1 - All HTTP proposals can only be written in terms of how a resource processes a HTTP request from a HTTP client and generates a HTTP response as a result. Corollary #1.2 - HTTP requests do not necessarily have to be handled by HTTP resources. For example, it is possible to send a HTTP request with a FTP request-URI. Some HTTP proxies are set up to act as gateways that can handle translating the HTTP request into a FTP request and then translate the FTP response into a HTTP response. That is why precept #1 states "...to resources..." rather than specifying a HTTP resource. Corollary #1.3 - Since HTTP request messages can only be handled by resources which respond with HTTP response messages then even error messages such as "Not Found" must have been generated by a resource. Let's see if we can just get agreement on this single precept and its corollaries. Merci, Yaron From w3c-dist-auth-request@w3.org Mon Jan 3 16:21:00 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA07809 for ; Mon, 3 Jan 2000 16:20:59 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id QAA01353; Mon, 3 Jan 2000 16:09:43 -0500 (EST) Resent-Date: Mon, 3 Jan 2000 16:09:43 -0500 (EST) Resent-Message-Id: <200001032109.QAA01353@www19.w3.org> Message-ID: <004501bf562e$ceafdf20$9a114498@us.oracle.com> From: "Eric Sedlar" To: "Yaron Goland" Cc: References: <7DE119D3D0E15543874F7561EECBDBED02619DEA@BEG.platinum.corp.microsoft.com> Date: Mon, 3 Jan 2000 13:09:22 -0800 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0042_01BF55EB.C05821A0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Subject: Re: Your proposal Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3781 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This is a multi-part message in MIME format. ------=_NextPart_000_0042_01BF55EB.C05821A0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Your proposalOne problem with your qualms about properties is that we = are trying to map WebDAV data to object representation systems that do = not have functional semantics, like XML. We should define an interface = that doesn't rely on the distinction between functional interfaces and = properties for maximum implementability on various servers. (This = distinction is something may programmers have trouble with--does = everyone always bother to create accessor methods for everything? ...) = The benefit of using live properties as a representation is that object = properties are more "portable" to the other types of systems that may = want to access the same data, presumably through another means than the = HTTP protocol (which isn't particularly efficient). (Which brings me to = another unrelated issue--should there be a functional interface to = WebDAV methods for programs living in the same server as the data = repository, given the performance costs of HTTP within a single = process--more on that later). Yes you need a set of clear rules for how live properties are used, and = unless their use is rigorously controlled, you will have compatability = problems of the type you cite, but this is a problem with any loosely = written standard. I think of properties in the JavaBeans sense--in an OO language binding, = they would actually be functional interfaces to set and retrieve them, = but could be overridden to provide customized behaviour. Any JavaBeans = user has no idea whether or not this piece of data is live or not, and = this model works well. --Eric ----- Original Message -----=20 From: Yaron Goland=20 To: 'Eric Sedlar'=20 Sent: Monday, January 03, 2000 11:18 AM Subject: Your proposal Eric, I read your analysis of Geoff's proposal and was really = impressed by your deep grasp of both HTTP and WebDAV.=20 I have a series of issues with your counter-proposal but I'm going to = hold off on commenting until we can build up more of a common base for = conversation. Please see my post on the mailing list in regards to this. I did, however, want to point out a general design issue regarding = your proposal that isn't directly related to locks. In your proposal you = suggest using properties to provide various bits of protocol = information, such as which names are currently locked. I would caution = against using properties in this way, see = http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0302.html = for more details. For a history of how we ended up in this mess in the = first place see = http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0074.html = and = http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0303.html. = BTW, all of these posts are collected in the WebDAV Book of Why = available at = http://lists.w3.org/Archives/Public/w3c-dist-auth/1999JanMar/0129.html. Thanks,=20 Yaron=20 ------=_NextPart_000_0042_01BF55EB.C05821A0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Your proposal

One problem with your qualms about = properties is=20 that we are trying to map WebDAV data to object representation systems = that do=20 not have functional semantics, like XML. We should define an = interface=20 that doesn't rely on the distinction between functional interfaces and=20 properties for maximum implementability on various servers. (This=20 distinction is something may programmers have trouble with--does = everyone always=20 bother to create accessor methods for everything? ...) The = benefit=20 of using live properties as a representation is that object properties = are more=20 "portable" to the other types of systems that may want to access the = same data,=20 presumably through another means than the HTTP protocol (which isn't=20 particularly efficient). (Which brings me to another unrelated=20 issue--should there be a functional interface to WebDAV methods for = programs=20 living in the same server as the data repository, given the performance = costs of=20 HTTP within a single process--more on that later).

Yes you need a set of clear rules for = how live=20 properties are used, and unless their use is rigorously controlled, you = will=20 have compatability problems of the type you cite, but this is a problem = with any=20 loosely written standard.

I think of properties in the JavaBeans = sense--in an=20 OO language binding, they would actually be functional interfaces to set = and=20 retrieve them, but could be overridden to provide customized = behaviour. =20 Any JavaBeans user has no idea whether or not this piece of data is live = or not,=20 and this model works well.

--Eric

----- Original Message -----

From:=20 Yaron Goland

To: 'Eric=20 Sedlar'

Sent: Monday, January 03, 2000 = 11:18=20 AM

Subject: Your proposal

Eric, I read your analysis of Geoff's = proposal and=20 was really impressed by your deep grasp of both HTTP and = WebDAV.

I have a series of issues with your=20 counter-proposal but I'm going to hold off on commenting until we can = build up=20 more of a common base for conversation. Please see my post on the = mailing list=20 in regards to this.

I did, however, want to point out a = general design=20 issue regarding your proposal that isn't directly related to locks. In = your=20 proposal you suggest using properties to provide various bits of = protocol=20 information, such as which names are currently locked. I would caution = against=20 using properties in this way, see http://lists.w3.org/Archives/Public/w3c-dist-auth/1998Oct= Dec/0302.html=20 for more details. For a history of how we ended up in this mess in the = first=20 place see http://lists.w3.org/Archives/Public/w3c-dist-auth/1998Oct= Dec/0074.html=20 and http://lists.w3.org/Archives/Public/w3c-dist-auth/1998Oct= Dec/0303.html.=20 BTW, all of these posts are collected in the WebDAV Book of Why = available at=20 http://lists.w3.org/Archives/Public/w3c-dist-auth/1999Jan= Mar/0129.html.

=20 Thanks,
= =20 =20 Yaron

------=_NextPart_000_0042_01BF55EB.C05821A0-- From w3c-dist-auth-request@w3.org Mon Jan 3 18:58:30 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA09200 for ; Mon, 3 Jan 2000 18:58:30 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id SAA04545; Mon, 3 Jan 2000 18:47:26 -0500 (EST) Resent-Date: Mon, 3 Jan 2000 18:47:26 -0500 (EST) Resent-Message-Id: <200001032347.SAA04545@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619DEC@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: "'Eric Sedlar'" Cc: w3c-dist-auth@w3.org Date: Mon, 3 Jan 2000 15:45:23 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF5644.D81E20E2" Subject: RE: Your proposal Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3782 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF5644.D81E20E2 Content-Type: text/plain; charset="iso-8859-1" I wouldn't accept a blanket statement that HTTP has lousy performance. I have seen it repeatedly beat the pants off all competing systems. For example, we did a speed comparison of a super optimized SMB implementation and DAV in W2K. DAV won hands down. The reason is that SMB, like most protocols of its ilk, is unbelievably chatty. They are basically RPCs rather than protocols. DAV, on the other hand, is extremely optimized. So even though the SMB implementation could process some ridiculous number of messages per second DAV still had better performance because it sent a hell of a lot less messages. As for the use of properties, I assert that there is no difference between executing a GETLOCKEDNAME method and getting the lockedname property in terms of how you write your back end. However, the first is a hell of a lot easier to deal with in terms of specifying and extending the protocol than the second. So the issue isn't one of back end implementation, it is one of front end convenience. In other words, just say NO to live properties. Yaron -----Original Message----- From: Eric Sedlar [mailto:esedlar@us.oracle.com] Sent: Monday, January 03, 2000 1:09 PM To: Yaron Goland Cc: w3c-dist-auth@w3.org Subject: Re: Your proposal One problem with your qualms about properties is that we are trying to map WebDAV data to object representation systems that do not have functional semantics, like XML. We should define an interface that doesn't rely on the distinction between functional interfaces and properties for maximum implementability on various servers. (This distinction is something may programmers have trouble with--does everyone always bother to create accessor methods for everything? ...) The benefit of using live properties as a representation is that object properties are more "portable" to the other types of systems that may want to access the same data, presumably through another means than the HTTP protocol (which isn't particularly efficient). (Which brings me to another unrelated issue--should there be a functional interface to WebDAV methods for programs living in the same server as the data repository, given the performance costs of HTTP within a single process--more on that later). Yes you need a set of clear rules for how live properties are used, and unless their use is rigorously controlled, you will have compatability problems of the type you cite, but this is a problem with any loosely written standard. I think of properties in the JavaBeans sense--in an OO language binding, they would actually be functional interfaces to set and retrieve them, but could be overridden to provide customized behaviour. Any JavaBeans user has no idea whether or not this piece of data is live or not, and this model works well. --Eric ----- Original Message ----- From: Yaron Goland To: 'Eric Sedlar' Sent: Monday, January 03, 2000 11:18 AM Subject: Your proposal Eric, I read your analysis of Geoff's proposal and was really impressed by your deep grasp of both HTTP and WebDAV. I have a series of issues with your counter-proposal but I'm going to hold off on commenting until we can build up more of a common base for conversation. Please see my post on the mailing list in regards to this. I did, however, want to point out a general design issue regarding your proposal that isn't directly related to locks. In your proposal you suggest using properties to provide various bits of protocol information, such as which names are currently locked. I would caution against using properties in this way, see http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0302.html for more details. For a history of how we ended up in this mess in the first place see http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0074.html and http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0303.html . BTW, all of these posts are collected in the WebDAV Book of Why available at http://lists.w3.org/Archives/Public/w3c-dist-auth/1999JanMar/0129.html . Thanks, Yaron ------_=_NextPart_001_01BF5644.D81E20E2 Content-Type: text/html; charset="iso-8859-1" Your proposal

I wouldn't accept a blanket statement that HTTP has lousy performance. I have seen it repeatedly beat the pants off all competing systems.

For example, we did a speed comparison of a super optimized SMB implementation and DAV in W2K. DAV won hands down. The reason is that SMB, like most protocols of its ilk, is unbelievably chatty. They are basically RPCs rather than protocols. DAV, on the other hand, is extremely optimized. So even though the SMB implementation could process some ridiculous number of messages per second DAV still had better performance because it sent a hell of a lot less messages.

As for the use of properties, I assert that there is no difference between executing a GETLOCKEDNAME method and getting the lockedname property in terms of how you write your back end. However, the first is a hell of a lot easier to deal with in terms of specifying and extending the protocol than the second. So the issue isn't one of back end implementation, it is one of front end convenience.

In other words, just say NO to live properties.

Yaron

-----Original Message-----
From: Eric Sedlar [mailto:esedlar@us.oracle.com]
Sent: Monday, January 03, 2000 1:09 PM
To: Yaron Goland
Cc: w3c-dist-auth@w3.org
Subject: Re: Your proposal

One problem with your qualms about properties is that we are trying to map WebDAV data to object representation systems that do not have functional semantics, like XML. We should define an interface that doesn't rely on the distinction between functional interfaces and properties for maximum implementability on various servers. (This distinction is something may programmers have trouble with--does everyone always bother to create accessor methods for everything? ...) The benefit of using live properties as a representation is that object properties are more "portable" to the other types of systems that may want to access the same data, presumably through another means than the HTTP protocol (which isn't particularly efficient). (Which brings me to another unrelated issue--should there be a functional interface to WebDAV methods for programs living in the same server as the data repository, given the performance costs of HTTP within a single process--more on that later).

Yes you need a set of clear rules for how live properties are used, and unless their use is rigorously controlled, you will have compatability problems of the type you cite, but this is a problem with any loosely written standard.

I think of properties in the JavaBeans sense--in an OO language binding, they would actually be functional interfaces to set and retrieve them, but could be overridden to provide customized behaviour. Any JavaBeans user has no idea whether or not this piece of data is live or not, and this model works well.

--Eric

----- Original Message -----

From: Yaron Goland

To: 'Eric Sedlar'

Sent: Monday, January 03, 2000 11:18 AM

Subject: Your proposal

Eric, I read your analysis of Geoff's proposal and was really impressed by your deep grasp of both HTTP and WebDAV.

I have a series of issues with your counter-proposal but I'm going to hold off on commenting until we can build up more of a common base for conversation. Please see my post on the mailing list in regards to this.

I did, however, want to point out a general design issue regarding your proposal that isn't directly related to locks. In your proposal you suggest using properties to provide various bits of protocol information, such as which names are currently locked. I would caution against using properties in this way, see http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0302.html for more details. For a history of how we ended up in this mess in the first place see http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0074.html and http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0303.html. BTW, all of these posts are collected in the WebDAV Book of Why available at http://lists.w3.org/Archives/Public/w3c-dist-auth/1999JanMar/0129.html.

Thanks,
Yaron

------_=_NextPart_001_01BF5644.D81E20E2-- From w3c-dist-auth-request@w3.org Mon Jan 3 19:12:13 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA09319 for ; Mon, 3 Jan 2000 19:12:12 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id TAA05024; Mon, 3 Jan 2000 19:01:27 -0500 (EST) Resent-Date: Mon, 3 Jan 2000 19:01:27 -0500 (EST) Resent-Message-Id: <200001040001.TAA05024@www19.w3.org> Message-ID: <387139FF.100634F4@us.oracle.com> Date: Mon, 03 Jan 2000 16:08:31 -0800 From: Eric Sedlar Organization: Oracle Corporation X-Mailer: Mozilla 4.7 [en] (X11; I; SunOS 5.6 sun4u) X-Accept-Language: en MIME-Version: 1.0 To: Yaron Goland CC: w3c-dist-auth@w3.org, "'gclemm@atria.com'" References: <7DE119D3D0E15543874F7561EECBDBED02619DE9@BEG.platinum.corp.microsoft.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Re: Translation in the Tower of Babble Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3783 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit Yaron, The problem with discussing abstractions like this without concrete examples is like trying to write legislation without loopholes--you don't really know if it's well written until you see its effects. My guess is that the direction you are heading in is defining a resource as the base class of all WebDAV objects capable of responding to an HTTP request. This is a good abstraction. It follows from this that an HTTP method like LOCK should not apply to a URL that does not identify a resource, since there is no resource to respond to the request, which would outlaw the lock-null approach. It might be useful to give more of an "agenda" for where this thread is going (even without filling in the details), so people can better place your discussion in context of the world of WebDAV problems. In general, however, I think that any solution to the locking problems discussed recently has to fit in some general model like the one I anticipate that Yaron will propose. However, I prefer a complete model to be laid out before me before I comment on particular precepts of the model. For example, following this level of abstraction, we should define a resource better. I would say that a resource has a set of properties, which can be represented via an XML document. Some of these properties are "live" properties, which are read-only and are set as a side effect of other methods ( for example a modification date). Attempts to set the value of a live property directly via generic property mutator method(s) (e.g. PROPPATCH, PUT, etc.) should always be ignored. A collection is a subclass of resource that has a live property containing a list of tuples including at least a name (and possibly with other values such as a resource ID associated with that name). A BIND request is treated as a method that modifies the values of the collection's name tuple list. This should all be worked into the versioning model document (http://www.ics.uci.edu/pub/ietf/webdav/versioning/model990209/), which while defining some of the functional methods available on a resource, doesn't define the properties on a resource as well as a number of the other assumptions along the lines Yaron proposes. --Eric Yaron Goland wrote: > I believe that there are too many different unstated assumptions held by > members of this group for this group to be ready to deal with specific > locking proposals. The fact that Geoff, Eric and RFC 2518 can come out with > such different proposals helps to illustrate the issue. Rather than > attempting to achieve consensus in one fell swoop by having everyone read > and critique full proposals I would suggest that we start from a simpler > basis. Let us first see if we can establish agreement on some very basic > precepts. I will start with just one precept and see if we can get agreement > on just that. > > Precept #1 - HTTP clients send HTTP request messages to resources that > respond with HTTP response messages. > > Corollary #1.1 - All HTTP proposals can only be written in terms of how a > resource processes a HTTP request from a HTTP client and generates a HTTP > response as a result. > > Corollary #1.2 - HTTP requests do not necessarily have to be handled by HTTP > resources. For example, it is possible to send a HTTP request with a FTP > request-URI. Some HTTP proxies are set up to act as gateways that can handle > translating the HTTP request into a FTP request and then translate the FTP > response into a HTTP response. That is why precept #1 states "...to > resources..." rather than specifying a HTTP resource. > > Corollary #1.3 - Since HTTP request messages can only be handled by > resources which respond with HTTP response messages then even error messages > such as "Not Found" must have been generated by a resource. > > Let's see if we can just get agreement on this single precept and its > corollaries. > > Merci, > > Yaron From w3c-dist-auth-request@w3.org Mon Jan 3 19:38:23 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA09482 for ; Mon, 3 Jan 2000 19:38:23 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id TAA06162; Mon, 3 Jan 2000 19:26:11 -0500 (EST) Resent-Date: Mon, 3 Jan 2000 19:26:11 -0500 (EST) Resent-Message-Id: <200001040026.TAA06162@www19.w3.org> Message-ID: <38713FCB.ED63D67C@us.oracle.com> Date: Mon, 03 Jan 2000 16:33:15 -0800 From: Eric Sedlar Organization: Oracle Corporation X-Mailer: Mozilla 4.7 [en] (X11; I; SunOS 5.6 sun4u) X-Accept-Language: en MIME-Version: 1.0 To: Yaron Goland CC: w3c-dist-auth@w3.org References: <7DE119D3D0E15543874F7561EECBDBED02619DEC@BEG.platinum.corp.microsoft.com> Content-Type: multipart/alternative; boundary="------------D4BB2E8C9D1D7669A2F5C3EA" Subject: Re: Your proposal Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3784 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list --------------D4BB2E8C9D1D7669A2F5C3EA Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Now we get into our areas of disagreement. * I mentioned HTTP as having lousy performance WITHIN A SINGLE PROCESS. I guarantee you that a function call is much cheaper than formatting the request into a stream, writing into a loopback socket, reading the result back, parsing it, and then the reverse. Another example is SQL access to properties of a resource. If I want to query the resource data efficiently, I need to be able to treat properties of the resource as "virtual data", not make a series of function calls on each item in the query set. If I want to write a servlet that takes an HTML form input and changes WebDAV properties, I definitely want a functional API (in Java). Everyone knows that SMB sucks and is incredibly chatty. As far as HTTP performance, it mostly depends on the amount of functionality you can pack into one request. If I have to issue a GETLOCKED name request followed by a bunch of other requests to get all of the state of a particular resource, HTTP will suck. My point was that the WebDAV model is actually bigger than HTTP--other data access systems (like SQL and XML technologies) should also be able to manipulate the data easily. * Another reason for making all information about a resource available as properties is using XSL to format an HTML page giving access to all of this data. There is a lot of support for not requiring a lot of programming (ala JSPs or ASPs) to format data within a page. * I don't understand why you think it will be easier to handle protocol extensions on the client side by using additional HTTP methods rather than resources. XML applications are used to ignoring elements that they don't care about--extensibility is one of the key wins of XML vs. traditional OO languages. It allows DOM objects to be passed around multiple areas of the system better. For example, let's say that I have some client library which implements the client side of the HTTP protocol, and allows plugins to that client to access the XML DOM for each resource. I can install a new client plugin to handle new properties that appear in that DOM, but I won't be able to extend the HTTP protocol. HTTP protocol implementation is typically at a lower level of the client or server than properties. HTTP request/response parsers are not generic technology like XML parsers are * It sounds like you are arguing against the general trend of making all of your data available via XML, which is counter to the general strategies most technology companies are following now, including Microsoft and Oracle. With your proposal, you are going to render all of the burgeoning XML technology base useless, which is why the WebDAV people built around XML in the first place. Is anyone thinking about a thin-client WebDAV implementation (HTML only) running in a browser? I should be able to do stuff like changing RSRs, manipulate directories, etc. with a web app. --Eric Yaron Goland wrote: > I wouldn't accept a blanket statement that HTTP has lousy performance. > I have seen it repeatedly beat the pants off all competing > systems. For example, we did a speed comparison of a super optimized > SMB implementation and DAV in W2K. DAV won hands down. The reason is > that SMB, like most protocols of its ilk, is unbelievably chatty. They > are basically RPCs rather than protocols. DAV, on the other hand, is > extremely optimized. So even though the SMB implementation could > process some ridiculous number of messages per second DAV still had > better performance because it sent a hell of a lot less messages.As > for the use of properties, I assert that there is no difference > between executing a GETLOCKEDNAME method and getting the lockedname > property in terms of how you write your back end. However, the first > is a hell of a lot easier to deal with in terms of specifying and > extending the protocol than the second. So the issue isn't one of back > end implementation, it is one of front end convenience.In other words, > just say NO to live properties. Yaron > > -----Original Message----- > From: Eric Sedlar [mailto:esedlar@us.oracle.com] > Sent: Monday, January 03, 2000 1:09 PM > To: Yaron Goland > Cc: w3c-dist-auth@w3.org > Subject: Re: Your proposal > > One problem with your qualms about properties is that we are > trying to map WebDAV data to object representation systems > that do not have functional semantics, like XML. We should > define an interface that doesn't rely on the distinction > between functional interfaces and properties for maximum > implementability on various servers. (This distinction is > something may programmers have trouble with--does everyone > always bother to create accessor methods for everything? > ...) The benefit of using live properties as a > representation is that object properties are more "portable" > to the other types of systems that may want to access the > same data, presumably through another means than the HTTP > protocol (which isn't particularly efficient). (Which > brings me to another unrelated issue--should there be a > functional interface to WebDAV methods for programs living > in the same server as the data repository, given the > performance costs of HTTP within a single process--more on > that later). Yes you need a set of clear rules for how live > properties are used, and unless their use is rigorously > controlled, you will have compatability problems of the type > you cite, but this is a problem with any loosely written > standard.I think of properties in the JavaBeans sense--in an > OO language binding, they would actually be functional > interfaces to set and retrieve them, but could be overridden > to provide customized behaviour. Any JavaBeans user has no > idea whether or not this piece of data is live or not, and > this model works well. --Eric > > ----- Original Message ----- > From: Yaron Goland > To: 'Eric Sedlar' > Sent: Monday, January 03, 2000 11:18 AM > Subject: Your proposal > Eric, I read your analysis of Geoff's proposal > and was really impressed by your deep grasp of > both HTTP and WebDAV. > > I have a series of issues with your > counter-proposal but I'm going to hold off on > commenting until we can build up more of a common > base for conversation. Please see my post on the > mailing list in regards to this. > > I did, however, want to point out a general design > issue regarding your proposal that isn't directly > related to locks. In your proposal you suggest > using properties to provide various bits of > protocol information, such as which names are > currently locked. I would caution against using > properties in this way, see > http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0302.html > for more details. For a history of how we ended up > in this mess in the first place see > http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0074.html > and > http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0303.html. > BTW, all of these posts are collected in the > WebDAV Book of Why available at > http://lists.w3.org/Archives/Public/w3c-dist-auth/1999JanMar/0129.html. > > Thanks, > Yaron > --------------D4BB2E8C9D1D7669A2F5C3EA Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Now we get into our areas of disagreement.

* I mentioned HTTP as having lousy performance WITHIN A SINGLE PROCESS. I guarantee you that a function call is much cheaper than formatting the request into a stream, writing into a loopback socket, reading the result back, parsing it, and then the reverse. Another example is SQL access to properties of a resource. If I want to query the resource data efficiently, I need to be able to treat properties of the resource as "virtual data", not make a series of function calls on each item in the query set. If I want to write a servlet that takes an HTML form input and changes WebDAV properties, I definitely want a functional API (in Java). Everyone knows that SMB sucks and is incredibly chatty. As far as HTTP performance, it mostly depends on the amount of functionality you can pack into one request. If I have to issue a GETLOCKED name request followed by a bunch of other requests to get all of the state of a particular resource, HTTP will suck.

My point was that the WebDAV model is actually bigger than HTTP--other data access systems (like SQL and XML technologies) should also be able to manipulate the data easily.

* Another reason for making all information about a resource available as properties is using XSL to format an HTML page giving access to all of this data. There is a lot of support for not requiring a lot of programming (ala JSPs or ASPs) to format data within a page.

* I don't understand why you think it will be easier to handle protocol extensions on the client side by using additional HTTP methods rather than resources. XML applications are used to ignoring elements that they don't care about--extensibility is one of the key wins of XML vs. traditional OO languages. It allows DOM objects to be passed around multiple areas of the system better. For example, let's say that I have some client library which implements the client side of the HTTP protocol, and allows plugins to that client to access the XML DOM for each resource. I can install a new client plugin to handle new properties that appear in that DOM, but I won't be able to extend the HTTP protocol. HTTP protocol implementation is typically at a lower level of the client or server than properties.

HTTP request/response parsers are not generic technology like XML parsers are

* It sounds like you are arguing against the general trend of making all of your data available via XML, which is counter to the general strategies most technology companies are following now, including Microsoft and Oracle. With your proposal, you are going to render all of the burgeoning XML technology base useless, which is why the WebDAV people built around XML in the first place.

Is anyone thinking about a thin-client WebDAV implementation (HTML only) running in a browser? I should be able to do stuff like changing RSRs, manipulate directories, etc. with a web app.

--Eric

Yaron Goland wrote:

I wouldn't accept a blanket statement that HTTP has lousy performance. I have seen it repeatedly beat the pants off all competing systems. For example, we did a speed comparison of a super optimized SMB implementation and DAV in W2K. DAV won hands down. The reason is that SMB, like most protocols of its ilk, is unbelievably chatty. They are basically RPCs rather than protocols. DAV, on the other hand, is extremely optimized. So even though the SMB implementation could process some ridiculous number of messages per second DAV still had better performance because it sent a hell of a lot less messages.As for the use of properties, I assert that there is no difference between executing a GETLOCKEDNAME method and getting the lockedname property in terms of how you write your back end. However, the first is a hell of a lot easier to deal with in terms of specifying and extending the protocol than the second. So the issue isn't one of back end implementation, it is one of front end convenience.In other words, just say NO to live properties.            Yaron

-----Original Message-----
From: Eric Sedlar [mailto:esedlar@us.oracle.com]
Sent: Monday, January 03, 2000 1:09 PM
To: Yaron Goland
Cc: w3c-dist-auth@w3.org
Subject: Re: Your proposal

One problem with your qualms about properties is that we are trying to map WebDAV data to object representation systems that do not have functional semantics, like XML. We should define an interface that doesn't rely on the distinction between functional interfaces and properties for maximum implementability on various servers. (This distinction is something may programmers have trouble with--does everyone always bother to create accessor methods for everything? ...) The benefit of using live properties as a representation is that object properties are more "portable" to the other types of systems that may want to access the same data, presumably through another means than the HTTP protocol (which isn't particularly efficient). (Which brings me to another unrelated issue--should there be a functional interface to WebDAV methods for programs living in the same server as the data repository, given the performance costs of HTTP within a single process--more on that later). Yes you need a set of clear rules for how live properties are used, and unless their use is rigorously controlled, you will have compatability problems of the type you cite, but this is a problem with any loosely written standard.I think of properties in the JavaBeans sense--in an OO language binding, they would actually be functional interfaces to set and retrieve them, but could be overridden to provide customized behaviour. Any JavaBeans user has no idea whether or not this piece of data is live or not, and this model works well. --Eric

----- Original Message -----

From: Yaron Goland

To: 'Eric Sedlar'

Sent: Monday, January 03, 2000 11:18 AM

Subject: Your proposal
Eric, I read your analysis of Geoff's proposal and was really impressed by your deep grasp of both HTTP and WebDAV.
I have a series of issues with your counter-proposal but I'm going to hold off on commenting until we can build up more of a common base for conversation. Please see my post on the mailing list in regards to this.
I did, however, want to point out a general design issue regarding your proposal that isn't directly related to locks. In your proposal you suggest using properties to provide various bits of protocol information, such as which names are currently locked. I would caution against using properties in this way, see http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0302.html for more details. For a history of how we ended up in this mess in the first place see http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0074.html and http://lists.w3.org/Archives/Public/w3c-dist-auth/1998OctDec/0303.html. BTW, all of these posts are collected in the WebDAV Book of Why available at http://lists.w3.org/Archives/Public/w3c-dist-auth/1999JanMar/0129.html.
                Thanks,
                                Yaron

--------------D4BB2E8C9D1D7669A2F5C3EA-- From w3c-dist-auth-request@w3.org Tue Jan 4 00:27:27 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA13782 for ; Tue, 4 Jan 2000 00:27:27 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id AAA10996; Tue, 4 Jan 2000 00:16:19 -0500 (EST) Resent-Date: Tue, 4 Jan 2000 00:16:19 -0500 (EST) Resent-Message-Id: <200001040516.AAA10996@www19.w3.org> Date: Tue, 4 Jan 2000 00:15:56 -0500 Message-Id: <10001040515.AA17718@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org In-Reply-To: <4.1.20000102093420.00b4f5c0@pop.xs4all.nl> (message from Jim Davis on Sun, 02 Jan 2000 09:54:46 +0100) Subject: Re: Creating a lock-null in a locked collection Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3785 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list From: Jim Davis At 05:33 PM 12/30/99 -0500, Geoffrey M. Clemm wrote: > >As an addendum to Yaron's response, I'll note that there is a proposal >that WebDAV locking is better understood as locks on URL's rather than >on resources. I am not sure I understand what "is better understood as" means here. By this, I just meant that in order to make sense out of the locking behavior described in 2518, it is better to think of the lock as being applied to the URL (rather than to the resource identified by that URL). In a simple model where every URL identifies a different resource, this distinction is unimportant (except possibly to make sense of a "lock null resource"). In a model where two distinct URL's can identify the same resource (e.g. as a result of a BIND request), this distinction is very significant. I would like it to be the case that if I have a datastore (file system, an object oriented database, an RDBMS, whatever) that *does* support locking, I can use the WebDAV to set a lock on a resource in the datastore, and expect the lock to actually be set on the resource such that other applications accessing that very same resource likewise see the lock, even if they use a different protocol or API to do so. I agree with JimA's response, namely, that the protection of the state of a resource implied by a URL lock can be exposed and enforced for alternative protocols that access the same resources, but as Eric has pointed out, some locking semantics are much easier for current implementations to enforce. Cheers, Geoff From w3c-dist-auth-request@w3.org Tue Jan 4 04:31:16 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA26726 for ; Tue, 4 Jan 2000 04:31:15 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id EAA14111; Tue, 4 Jan 2000 04:20:17 -0500 (EST) Resent-Date: Tue, 4 Jan 2000 04:20:17 -0500 (EST) Resent-Message-Id: <200001040920.EAA14111@www19.w3.org> Date: Tue, 4 Jan 2000 10:21:15 +0100 (MET) From: Yves Lafon X-Sender: ylafon@tarantula.inria.fr To: Yaron Goland cc: "'Eric Sedlar'" , w3c-dist-auth@w3.org, "'gclemm@atria.com'" In-Reply-To: <7DE119D3D0E15543874F7561EECBDBED02619DE9@BEG.platinum.corp.microsoft.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: Translation in the Tower of Babble Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3786 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list On Mon, 3 Jan 2000, Yaron Goland wrote: > Precept #1 - HTTP clients send HTTP request messages to resources that > respond with HTTP response messages. > > Corollary #1.1 - All HTTP proposals can only be written in terms of how a > resource processes a HTTP request from a HTTP client and generates a HTTP > response as a result. > > Corollary #1.2 - HTTP requests do not necessarily have to be handled by HTTP > resources. For example, it is possible to send a HTTP request with a FTP > request-URI. Some HTTP proxies are set up to act as gateways that can handle > translating the HTTP request into a FTP request and then translate the FTP > response into a HTTP response. That is why precept #1 states "...to > resources..." rather than specifying a HTTP resource. Hum, if you see the proxy as a HTTP resource, The HTTP resource acting as a proxy may issue an ftp request then return a HTTP response to the HTTP client", so even if it end up being a ftp request, the first HTTP request was handled by an HTTP resource. No matter how the content is generated, it always an HTTP resource that is handling an HTTP request. So Precept #1 should use "HTTP resources" and not resources. Also a resource may be at the same time an HTTP resource, and answer according to another protocol. > Corollary #1.3 - Since HTTP request messages can only be handled by > resources which respond with HTTP response messages then even error messages > such as "Not Found" must have been generated by a resource. Well if the resource can't handle HTTP request, the daemon that will ask this resource to generate an HTTP reply should return to the client an error stating that the resource doesn't support this protocol, like a Not Found with a good explanation in the body. /\ - Yves Lafon - World Wide Web Consortium - /\ / \ Architecture Domain - Jigsaw Activity Leader / \ \/\ / \ / \ http://www.w3.org/People/Lafon - ylafon@w3.org From w3c-dist-auth-request@w3.org Tue Jan 4 09:16:07 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA28597 for ; Tue, 4 Jan 2000 09:16:06 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id JAA19338; Tue, 4 Jan 2000 09:01:39 -0500 (EST) Resent-Date: Tue, 4 Jan 2000 09:01:39 -0500 (EST) Resent-Message-Id: <200001041401.JAA19338@www19.w3.org> Message-Id: <4.1.20000104140118.00b4f470@pop.xs4all.nl> X-Sender: contact@pop.lanminds.com (Unverified) X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Tue, 04 Jan 2000 14:16:48 +0100 To: w3c-dist-auth@w3.org From: Jim Davis In-Reply-To: <7DE119D3D0E15543874F7561EECBDBED02619DE9@BEG.platinum.corp .microsoft.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: Re: Precepts of Goland Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3787 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list At 11:50 AM 1/3/00 -0800, Yaron Goland wrote: >...Let us first see if we can establish agreement on some very basic >precepts. I will start with just one precept and see if we can get agreement >on just that... This is a good strategy to clarify the issues. But there are two things I am unclear on. First is procedural. RFC 2518 exists, and has a fixed and known set of authors. When we have discussions like this, is the underlying assumption that the conceptual model of RFC 2518 was either unclear, internally inconsistent, or mistaken (perhaps because it can't be extended to support new ideas like BIND?) another way to say this, are we trying to retroactively induce a consistent conceptual model for something that already exists, or design something for the future. Second concerns Precept #1 > >Precept #1 - HTTP clients send HTTP request messages to resources that >respond with HTTP response messages. This seems reasonable, but there is at least one alternative. Precept #1a - An HTTP client sends an HTTP request message to a server (which is a process running on a specific host at a specific port). The server interprets the URL in the request. If the URL identifies a resource, the server relays the method to the resource. If not, server interprets the method. For some methods, a 404 is issued. For others, something else happens. What that something else is depends, on a case by case basis. This precept is more complicated, but does not require the ficticious "null resource" neeed in Corollary #1.3 >Corollary #1.3 - Since HTTP request messages can only be handled by >resources which respond with HTTP response messages then even error messages >such as "Not Found" must have been generated by a resource. I have no position on whether 1a should be prefered to 1, nor do I claim that this is the only other alternative to #1. From w3c-dist-auth-request@w3.org Tue Jan 4 11:45:02 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA02115 for ; Tue, 4 Jan 2000 11:45:01 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id LAA24124; Tue, 4 Jan 2000 11:30:30 -0500 (EST) Resent-Date: Tue, 4 Jan 2000 11:30:30 -0500 (EST) Resent-Message-Id: <200001041630.LAA24124@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619DEE@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: "'Eric Sedlar'" Cc: w3c-dist-auth@w3.org, "'gclemm@atria.com'" Date: Mon, 3 Jan 2000 18:00:03 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain Subject: RE: Translation in the Tower of Babble Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3788 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Actually I started down the path of trying to write a general model for WebDAV in http://lists.w3.org/Archives/Public/w3c-dist-auth/1999JulSep/0020.html but no one seemed really enthusiastic about the project. > -----Original Message----- > From: Eric Sedlar [mailto:esedlar@us.oracle.com] > Sent: Monday, January 03, 2000 4:09 PM > To: Yaron Goland > Cc: w3c-dist-auth@w3.org; 'gclemm@atria.com' > Subject: Re: Translation in the Tower of Babble > > > Yaron, > > The problem with discussing abstractions like this without > concrete examples is > like trying to write legislation without loopholes--you don't > really know if > it's well written until you see its effects. > > My guess is that the direction you are heading in is defining > a resource as the > base class of all WebDAV objects capable of responding to an > HTTP request. > This is a good abstraction. It follows from this that an > HTTP method like LOCK > should not apply to a URL that does not identify a resource, > since there is no > resource to respond to the request, which would outlaw the > lock-null approach. > > It might be useful to give more of an "agenda" for where this > thread is going > (even without filling in the details), so people can better place your > discussion in context of the world of WebDAV problems. > > In general, however, I think that any solution to the locking problems > discussed recently has to fit in some general model like the > one I anticipate > that Yaron will propose. However, I prefer a complete model > to be laid out > before me before I comment on particular precepts of the model. > > For example, following this level of abstraction, we should > define a resource > better. I would say that a resource has a set of properties, > which can be > represented via an XML document. Some of these properties are > "live" properties, which are read-only and are set as a side > effect of other > methods ( for example a modification date). Attempts to set > the value of a > live property directly via generic property mutator method(s) > (e.g. PROPPATCH, > PUT, etc.) should always be ignored. A collection is a > subclass of resource > that has a live property containing a list of tuples > including at least a name > (and possibly with other values such as a resource ID > associated with that > name). A BIND request is treated as a method that modifies > the values of the > collection's name tuple list. > > This should all be worked into the versioning model document > (http://www.ics.uci.edu/pub/ietf/webdav/versioning/model990209 /), which while defining some of the functional methods available on a resource, doesn't define the properties on a resource as well as a number of the other assumptions along the lines Yaron proposes. --Eric Yaron Goland wrote: > I believe that there are too many different unstated assumptions held by > members of this group for this group to be ready to deal with specific > locking proposals. The fact that Geoff, Eric and RFC 2518 can come out with > such different proposals helps to illustrate the issue. Rather than > attempting to achieve consensus in one fell swoop by having everyone read > and critique full proposals I would suggest that we start from a simpler > basis. Let us first see if we can establish agreement on some very basic > precepts. I will start with just one precept and see if we can get agreement > on just that. > > Precept #1 - HTTP clients send HTTP request messages to resources that > respond with HTTP response messages. > > Corollary #1.1 - All HTTP proposals can only be written in terms of how a > resource processes a HTTP request from a HTTP client and generates a HTTP > response as a result. > > Corollary #1.2 - HTTP requests do not necessarily have to be handled by HTTP > resources. For example, it is possible to send a HTTP request with a FTP > request-URI. Some HTTP proxies are set up to act as gateways that can handle > translating the HTTP request into a FTP request and then translate the FTP > response into a HTTP response. That is why precept #1 states "...to > resources..." rather than specifying a HTTP resource. > > Corollary #1.3 - Since HTTP request messages can only be handled by > resources which respond with HTTP response messages then even error messages > such as "Not Found" must have been generated by a resource. > > Let's see if we can just get agreement on this single precept and its > corollaries. > > Merci, > > Yaron From w3c-dist-auth-request@w3.org Tue Jan 4 13:02:44 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA03389 for ; Tue, 4 Jan 2000 13:02:43 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id MAA26983; Tue, 4 Jan 2000 12:49:33 -0500 (EST) Resent-Date: Tue, 4 Jan 2000 12:49:33 -0500 (EST) Resent-Message-Id: <200001041749.MAA26983@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED0261A021@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: "'Jim Davis'" , w3c-dist-auth@w3.org Date: Tue, 4 Jan 2000 09:48:27 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain Subject: RE: Precepts of Goland Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3789 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list So Spoke Jim Davis: > First is procedural. RFC 2518 exists, and has a fixed and > known set of > authors. When we have discussions like this, is the > underlying assumption > that the conceptual model of RFC 2518 was either unclear, internally > inconsistent, or mistaken (perhaps because it can't be > extended to support > new ideas like BIND?) another way to say this, are we trying to > retroactively induce a consistent conceptual model for something that > already exists, or design something for the future. > My own goal would be to establish what the object model for DAV SHOULD be. If that requires us to violate RFC 2518, so be it. That is why it is called a Proposed Standard. That means it can and will change. But, BTW, we should not be to ready to change RFC 2518. If we do we will be required, if not by IETF process then by common sense/market pressures, to make changes in such a way that RFC 2518 clients/servers can continue to operate correctly. > Precept #1a - An HTTP client sends an HTTP request message > to a server > (which is a process running on a specific host at a specific > port). The > server interprets the URL in the request. If the URL identifies a > resource, the server relays the method to the resource. If > not, server > interprets the method. For some methods, a 404 is issued. For others, > something else happens. What that something else is depends, > on a case by > case basis. > > This precept is more complicated, but does not require the > ficticious "null > resource" neeed in Corollary #1.3 > What is the difference between throwing in a new object, called a server, and describing an instance of a resource called the null resource? They are, point for point, the exact same idea. The big difference is that a null resource allows us to leverage an object model with a single object and describe behaviors with it. Talking about the server throws us into a lot of really awful questions about how an implementation is put together. What happens when a proxy is involved? What happens when I have a server farm? What about a three tier system? I generally prefer to opt for the cleanest abstraction, I believe that declaring there is one and only one object - a resource and then basing everything off that single object will be the cleanest way to go. Therefore I strongly prefer Precept #1. Yaron From w3c-dist-auth-request@w3.org Tue Jan 4 14:01:36 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA04088 for ; Tue, 4 Jan 2000 14:01:34 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id NAA29075; Tue, 4 Jan 2000 13:49:00 -0500 (EST) Resent-Date: Tue, 4 Jan 2000 13:49:00 -0500 (EST) Resent-Message-Id: <200001041849.NAA29075@www19.w3.org> From: ccjason@us.ibm.com X-Lotus-FromDomain: IBMUS To: "Eric Sedlar" cc: w3c-dist-auth@w3.org Message-ID: <8525685C.006741AD.00@D51MTA03.pok.ibm.com> Date: Tue, 4 Jan 2000 13:48:23 -0500 Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Subject: Re: Creating a lock-null in a locked collection Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3790 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list >> I think the point is that if the WebDAV locking model is too strange, it will be hard to reconcile the WebDAV locking mechanism with the other locking mechanisms. Introducing new concepts like lock-null's makes it much more difficult and less intuitive to reconcile in this way. >> I agree that that was the real point in regard to LNR's. I think most of us are willing to accept that complication if there is also sufficient benefit derived from it, but based on previous discussions, it doesn't seem folks value LNR's very much. >> Perhaps we should discuss other locking mechanisms in filesystems and RDBMS's to validate this. >> Sounds good. >> My understanding is that both Windows & UNIX filesystems lock all of the names in a directory when the directory is explicitly locked (via lockf()/flock() or something similar). >> If so, that's fortunate because it's what all recent proposals have suggested. I don't think this is the case on Unix though (except by convention) because the locks there appear to be advisory. I haven't tried any *directory* locking in Windows but what you suggest sounds likely. >> In Windows filesystems, this guarantees that the name cannot change since each file can be in only one directory. >> On Linux anyone can come along and modify or delete/unlink the (f)locked resource. The (f)locks are purely advisory... but are on the resource itself. That is, the locks don't prevent operations like read/write/delete/etc... only other attempts to lock the resource. And those attempts to exclusively lock will fail no matter which filename is used to specify an already locked resource. -- FWIW, UNIX does have shared and exclusive locks. They don't have read vs. write locks... but essentially the exclusive lock is a "write" lock and the shared lock is a "read" lock by convension. Anyway, my point here is that the lock is on the resource... and the path is in no sense protected. On Windows, that's not the case. Both the resource and the URI path are locked.. but I haven't seen Windows do multiple bindings in the FS, so that may change/refine the story here. Anyone savvy in Window or Unix should feel free to correct me on any of this. All of the above is the result of both reading and testing. Jason. From w3c-dist-auth-request@w3.org Tue Jan 4 15:35:50 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA05909 for ; Tue, 4 Jan 2000 15:35:47 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id PAA01794; Tue, 4 Jan 2000 15:19:07 -0500 (EST) Resent-Date: Tue, 4 Jan 2000 15:19:07 -0500 (EST) Resent-Message-Id: <200001042019.PAA01794@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619DF1@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: "'Yves Lafon'" Cc: "'Eric Sedlar'" , w3c-dist-auth@w3.org, "'gclemm@atria.com'" Date: Tue, 4 Jan 2000 12:17:37 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain Subject: RE: Translation in the Tower of Babble Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3791 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list So spoke Yves: > Hum, if you see the proxy as a HTTP resource, The HTTP > resource acting as > a proxy may issue an ftp request then return a HTTP response > to the HTTP > client", so even if it end up being a ftp request, the first > HTTP request > was handled by an HTTP resource. > No matter how the content is generated, it always an HTTP > resource that is > handling an HTTP request. > So Precept #1 should use "HTTP resources" and not resources. Also a > resource may be at the same time an HTTP resource, and answer > according to > another protocol. I think the issue here is - does the object model deal with end-to-end or hop-by-hop? That is, do we want to model a conversation between a client and server differently just because there is a proxy in the middle? If we do then I agree that we should change Precept #1 to state "HTTP resources". If not then we may want to be more vague. I suspect that we DO want to model hop-by-hop and we DO want to come up with a simple shorthand for specifying end-to-end operations where the presence or absence of proxies isn't of any relevance. Therefore I am amending Precept #1 to state "HTTP resources". > > > Corollary #1.3 - Since HTTP request messages can only be handled by > > resources which respond with HTTP response messages then > even error messages > > such as "Not Found" must have been generated by a resource. > > Well if the resource can't handle HTTP request, the daemon > that will ask > this resource to generate an HTTP reply should return to the client an > error stating that the resource doesn't support this > protocol, like a Not > Found with a good explanation in the body. > Perhaps I'm misunderstanding but I assume you are just confirming that you agree with #1.3. The resource which sent the "HTTP not supported" response is an HTTP resource. What the resource is saying is "I don't want to talk to you in HTTP." However the only way he could say that is if he supported HTTP. He is still an HTTP compliant resource and therefore it was a resource (in the object model) that generated the response. > /\ - Yves Lafon - World Wide Web Consortium - > /\ / \ Architecture Domain - Jigsaw Activity Leader > / \ \/\ > / \ / \ http://www.w3.org/People/Lafon - ylafon@w3.org > > So when the hell will Jigsaw support WebDAV?!?!? I can't figure out why, when we are completing the vision that TBL laid out in his book, that support for WebDAV from the W3C has been largely non-existent. It is very kind of the W3C to host the mailing lists and make the archives available but that is a far cry from actually embracing WebDAV. What am I missing? Has the W3C decided to invest in WebDAV and I just missed the announcement? Thanks, Yaron From w3c-dist-auth-request@w3.org Wed Jan 5 02:15:23 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA27996 for ; Wed, 5 Jan 2000 02:15:23 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id CAA14672; Wed, 5 Jan 2000 02:04:21 -0500 (EST) Resent-Date: Wed, 5 Jan 2000 02:04:21 -0500 (EST) Resent-Message-Id: <200001050704.CAA14672@www19.w3.org> Message-Id: <4.1.20000104232108.009fa820@pop.xs4all.nl> Message-Id: <4.1.20000104232108.009fa820@pop.xs4all.nl> X-Sender: contact@pop.lanminds.com (Unverified) X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Tue, 04 Jan 2000 23:28:35 +0100 To: w3c-dist-auth@w3.org From: Jim Davis In-Reply-To: <7DE119D3D0E15543874F7561EECBDBED0261A021@BEG.platinum.corp .microsoft.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: Precepts of Goland Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3792 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list At 09:48 AM 1/4/00 -0800, Yaron Goland wrote: >So Spoke Jim Davis: > >> Precept #1a - An HTTP client sends an HTTP request message >> to a server... >> > >What is the difference between throwing in a new object, called a server, >and describing an instance of a resource called the null resource? Well, this is just my intuition speaking, but I think many people are comfortable with the idea of a "web server" being some chunk of software that listens on a port, accepts HTTP requests, and interprets them somehow. It's a relatively familiar notion. Surely if I talk about "the Apache Web server" or Microsoft's IIS, people know roughly what I mean. I am less sure that people have an intuition about a null resource, especially since we seem to need both a "plain" null resource and a "locked null" resource. but again, this is just a hunch. Even if I am right, it could also be that that very familiarity makes it treacherous -- because t might be carrying conceptual baggage that does not belong, e.g. people might start expecting WebDAV to provide a live property that contains recent log entries or something. Rather than debate this point any further, I will be silent a while and see if anyone else has anything more principled to offer than a bare intuition. Or perhaps there is yet another Initial Precept. regards Jim From w3c-dist-auth-request@w3.org Wed Jan 5 02:23:13 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA27995 for ; Wed, 5 Jan 2000 02:15:23 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id CAA14694; Wed, 5 Jan 2000 02:04:27 -0500 (EST) Resent-Date: Wed, 5 Jan 2000 02:04:27 -0500 (EST) Resent-Message-Id: <200001050704.CAA14694@www19.w3.org> Message-Id: <4.1.20000104231923.00b5c5f0@pop.xs4all.nl> Message-Id: <4.1.20000104231923.00b5c5f0@pop.xs4all.nl> X-Sender: contact@pop.lanminds.com (Unverified) X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Tue, 04 Jan 2000 23:21:06 +0100 To: w3c-dist-auth@w3.org From: Jim Davis In-Reply-To: <7DE119D3D0E15543874F7561EECBDBED0261A021@BEG.platinum.corp .microsoft.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: Precepts of Goland Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3793 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list At 09:48 AM 1/4/00 -0800, Yaron Goland wrote: >So Spoke Jim Davis: > >>... are we trying to >> retroactively induce a consistent conceptual model for something that >> already exists, or design something for the future? >> >My own goal would be to establish what the object model for DAV SHOULD be. >If that requires us to violate RFC 2518, so be it. That is why it is called >a Proposed Standard. That means it can and will change. But, BTW, we should >not be too ready to change RFC 2518. If we do we will be required, if not by >IETF process then by common sense/market pressures, to make changes in such >a way that RFC 2518 clients/servers can continue to operate correctly. Great, that's just how I see it too. So on with the precepts then. From w3c-dist-auth-request@w3.org Wed Jan 5 04:53:52 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA00341 for ; Wed, 5 Jan 2000 04:53:52 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id EAA17727; Wed, 5 Jan 2000 04:41:59 -0500 (EST) Resent-Date: Wed, 5 Jan 2000 04:41:59 -0500 (EST) Resent-Message-Id: <200001050941.EAA17727@www19.w3.org> Message-ID: <00de01bf5761$0e0de8a0$9a114498@us.oracle.com> From: "Eric Sedlar" To: "Yaron Goland" Cc: , References: <7DE119D3D0E15543874F7561EECBDBED02619DEE@BEG.platinum.corp.microsoft.com> Date: Wed, 5 Jan 2000 01:41:34 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Subject: Re: Translation in the Tower of Babble Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3794 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit Well the bottom line is whether or not Geoff is interested in using such a model ;-) --Eric ----- Original Message ----- From: "Yaron Goland" To: "'Eric Sedlar'" Cc: ; Sent: Monday, January 03, 2000 6:00 PM Subject: RE: Translation in the Tower of Babble > Actually I started down the path of trying to write a general model for > WebDAV in > http://lists.w3.org/Archives/Public/w3c-dist-auth/1999JulSep/0020.html but > no one seemed really enthusiastic about the project. > > > -----Original Message----- > > From: Eric Sedlar [mailto:esedlar@us.oracle.com] > > Sent: Monday, January 03, 2000 4:09 PM > > To: Yaron Goland > > Cc: w3c-dist-auth@w3.org; 'gclemm@atria.com' > > Subject: Re: Translation in the Tower of Babble > > > > > > Yaron, > > > > The problem with discussing abstractions like this without > > concrete examples is > > like trying to write legislation without loopholes--you don't > > really know if > > it's well written until you see its effects. > > > > My guess is that the direction you are heading in is defining > > a resource as the > > base class of all WebDAV objects capable of responding to an > > HTTP request. > > This is a good abstraction. It follows from this that an > > HTTP method like LOCK > > should not apply to a URL that does not identify a resource, > > since there is no > > resource to respond to the request, which would outlaw the > > lock-null approach. > > > > It might be useful to give more of an "agenda" for where this > > thread is going > > (even without filling in the details), so people can better place your > > discussion in context of the world of WebDAV problems. > > > > In general, however, I think that any solution to the locking problems > > discussed recently has to fit in some general model like the > > one I anticipate > > that Yaron will propose. However, I prefer a complete model > > to be laid out > > before me before I comment on particular precepts of the model. > > > > For example, following this level of abstraction, we should > > define a resource > > better. I would say that a resource has a set of properties, > > which can be > > represented via an XML document. Some of these properties are > > "live" properties, which are read-only and are set as a side > > effect of other > > methods ( for example a modification date). Attempts to set > > the value of a > > live property directly via generic property mutator method(s) > > (e.g. PROPPATCH, > > PUT, etc.) should always be ignored. A collection is a > > subclass of resource > > that has a live property containing a list of tuples > > including at least a name > > (and possibly with other values such as a resource ID > > associated with that > > name). A BIND request is treated as a method that modifies > > the values of the > > collection's name tuple list. > > > > This should all be worked into the versioning model document > > (http://www.ics.uci.edu/pub/ietf/webdav/versioning/model990209 > /), which while > defining some of the functional methods available on a resource, doesn't > define > the properties on a resource as well as a number of the other assumptions > along > the lines Yaron proposes. > > --Eric > > > > Yaron Goland wrote: > > > I believe that there are too many different unstated assumptions held by > > members of this group for this group to be ready to deal with specific > > locking proposals. The fact that Geoff, Eric and RFC 2518 can come out > with > > such different proposals helps to illustrate the issue. Rather than > > attempting to achieve consensus in one fell swoop by having everyone read > > and critique full proposals I would suggest that we start from a simpler > > basis. Let us first see if we can establish agreement on some very basic > > precepts. I will start with just one precept and see if we can get > agreement > > on just that. > > > > Precept #1 - HTTP clients send HTTP request messages to resources that > > respond with HTTP response messages. > > > > Corollary #1.1 - All HTTP proposals can only be written in terms of how a > > resource processes a HTTP request from a HTTP client and generates a HTTP > > response as a result. > > > > Corollary #1.2 - HTTP requests do not necessarily have to be handled by > HTTP > > resources. For example, it is possible to send a HTTP request with a FTP > > request-URI. Some HTTP proxies are set up to act as gateways that can > handle > > translating the HTTP request into a FTP request and then translate the FTP > > response into a HTTP response. That is why precept #1 states "...to > > resources..." rather than specifying a HTTP resource. > > > > Corollary #1.3 - Since HTTP request messages can only be handled by > > resources which respond with HTTP response messages then even error > messages > > such as "Not Found" must have been generated by a resource. > > > > Let's see if we can just get agreement on this single precept and its > > corollaries. > > > > Merci, > > > > Yaron > From w3c-dist-auth-request@w3.org Wed Jan 5 10:24:05 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA07530 for ; Wed, 5 Jan 2000 10:24:03 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id KAA23225; Wed, 5 Jan 2000 10:05:31 -0500 (EST) Resent-Date: Wed, 5 Jan 2000 10:05:31 -0500 (EST) Resent-Message-Id: <200001051505.KAA23225@www19.w3.org> Message-ID: <8E3CFBC709A8D21191A400805F15E0DBD24555@crte147.wc.eso.mc.xerox.com> From: "Slein, Judith A" To: "'Eric Sedlar'" , Jim Whitehead , WebDAV WG Cc: "Geoffrey M. Clemm" Date: Wed, 5 Jan 2000 10:05:11 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Subject: RE: WG Last Call: Bindings Protocol Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3795 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Thanks for your comments on the bindings spec. > -----Original Message----- > From: Eric Sedlar [mailto:esedlar@us.oracle.com] > Sent: Tuesday, December 28, 1999 1:28 AM > To: Jim Whitehead; WebDAV WG > Cc: Geoffrey M. Clemm > Subject: Re: WG Last Call: Bindings Protocol > > > This looks pretty good, as it addresses the circular > reference issue. I'd > still like to see an optional weak binding that is guaranteed > not to dangle > but that also does not affect the reference count, as I think > that is needed > when the implementor chooses not to allow circular BINDings affecting > references. When we first started talking about developing an advanced collections spec two years ago, there was a lot of discussion about different flavors of references/links/bindings that different servers might want to support. The upshot was so much confusion that we resolved not to touch issues of weak/strong and their variants. We have had to retreat from that resolve, in order to make sure clients will understand exactly what they are getting when they create a binding or a reference. But we don't want to define semantics for all the possible variants. Instead we've chosen one flavor of binding and one flavor of reference to specify, which we believe will be widely useful and which complement each other. It's quite possible that other flavors of bindings and references will be specified in the future, and of course you are welcome to write a draft specifying the sort of weak binding you are looking for. > > A couple of other comments: > > * on the security issue of revealing the set of bindings with the > dav:bindings property: I recommend some comment to the > effect that BINDings > from unreadable collections should not be readable. So, the list of > bindings in this property would only show READABLE bindings > (and thus would > be different depending on who was examining the property) We do say in Section 11: "A PROPFIND requesting DAV:bindings MUST return only those bindings that the client is authorized to see." So your suggestion is that in addition we say that if the client is not authorized to read the collection C in which a binding C:(S->R) appears, the client is also not authorized to see that value of the DAV:bindings property on the resource R. Then we could get rid of the security concern described in 16.4. Is that right? > * some comment to the effect that if the URL is a versioned > resource, and > the currently selected revision is changed, the resourceid > will not change. > (I'm assuming that is what you want.) So even though two > people might see > different data from a GET request from the same URL (because > they would get > a different revision selected), they would still have the > same resourceid. > Therefore, people should NOT use resourceid to invalidate > caches or any > other application that assumes a one to one correspondence between > resourceid and data. I think that your conclusions are all exactly correct, but I agree with Jason that it would be better to discuss ramifications for versioning in the DeltaV spec. Thanks again for your comments. --Judy From w3c-dist-auth-request@w3.org Wed Jan 5 13:07:09 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA12221 for ; Wed, 5 Jan 2000 13:07:07 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id MAA28565; Wed, 5 Jan 2000 12:54:00 -0500 (EST) Resent-Date: Wed, 5 Jan 2000 12:54:00 -0500 (EST) Resent-Message-Id: <200001051754.MAA28565@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED0261A043@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: "'Eric Sedlar'" Cc: w3c-dist-auth@w3.org, gclemm@atria.com Date: Wed, 5 Jan 2000 09:53:01 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Subject: RE: Translation in the Tower of Babble Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3796 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list A'int that the truth. Although I'm now in negotiations for a new position at MS that would allow me to return my attentions to WebDAV. So Geoff, don't get too comfy. =) Yaron > -----Original Message----- > From: Eric Sedlar [mailto:esedlar@us.oracle.com] > Sent: Wed, January 05, 2000 1:42 AM > To: Yaron Goland > Cc: w3c-dist-auth@w3.org; gclemm@atria.com > Subject: Re: Translation in the Tower of Babble > > > Well the bottom line is whether or not Geoff is interested in > using such a > model ;-) > > --Eric > > ----- Original Message ----- > From: "Yaron Goland" > To: "'Eric Sedlar'" > Cc: ; > Sent: Monday, January 03, 2000 6:00 PM > Subject: RE: Translation in the Tower of Babble > > > > Actually I started down the path of trying to write a > general model for > > WebDAV in > > > http://lists.w3.org/Archives/Public/w3c-dist-auth/1999JulSep/0 > 020.html but > > no one seemed really enthusiastic about the project. > > > > > -----Original Message----- > > > From: Eric Sedlar [mailto:esedlar@us.oracle.com] > > > Sent: Monday, January 03, 2000 4:09 PM > > > To: Yaron Goland > > > Cc: w3c-dist-auth@w3.org; 'gclemm@atria.com' > > > Subject: Re: Translation in the Tower of Babble > > > > > > > > > Yaron, > > > > > > The problem with discussing abstractions like this without > > > concrete examples is > > > like trying to write legislation without loopholes--you don't > > > really know if > > > it's well written until you see its effects. > > > > > > My guess is that the direction you are heading in is defining > > > a resource as the > > > base class of all WebDAV objects capable of responding to an > > > HTTP request. > > > This is a good abstraction. It follows from this that an > > > HTTP method like LOCK > > > should not apply to a URL that does not identify a resource, > > > since there is no > > > resource to respond to the request, which would outlaw the > > > lock-null approach. > > > > > > It might be useful to give more of an "agenda" for where this > > > thread is going > > > (even without filling in the details), so people can > better place your > > > discussion in context of the world of WebDAV problems. > > > > > > In general, however, I think that any solution to the > locking problems > > > discussed recently has to fit in some general model like the > > > one I anticipate > > > that Yaron will propose. However, I prefer a complete model > > > to be laid out > > > before me before I comment on particular precepts of the model. > > > > > > For example, following this level of abstraction, we should > > > define a resource > > > better. I would say that a resource has a set of properties, > > > which can be > > > represented via an XML document. Some of these properties are > > > "live" properties, which are read-only and are set as a side > > > effect of other > > > methods ( for example a modification date). Attempts to set > > > the value of a > > > live property directly via generic property mutator method(s) > > > (e.g. PROPPATCH, > > > PUT, etc.) should always be ignored. A collection is a > > > subclass of resource > > > that has a live property containing a list of tuples > > > including at least a name > > > (and possibly with other values such as a resource ID > > > associated with that > > > name). A BIND request is treated as a method that modifies > > > the values of the > > > collection's name tuple list. > > > > > > This should all be worked into the versioning model document > > > (http://www.ics.uci.edu/pub/ietf/webdav/versioning/model990209 > > /), which while > > defining some of the functional methods available on a > resource, doesn't > > define > > the properties on a resource as well as a number of the > other assumptions > > along > > the lines Yaron proposes. > > > > --Eric > > > > > > > > Yaron Goland wrote: > > > > > I believe that there are too many different unstated > assumptions held by > > > members of this group for this group to be ready to deal > with specific > > > locking proposals. The fact that Geoff, Eric and RFC 2518 > can come out > > with > > > such different proposals helps to illustrate the issue. > Rather than > > > attempting to achieve consensus in one fell swoop by > having everyone > read > > > and critique full proposals I would suggest that we start > from a simpler > > > basis. Let us first see if we can establish agreement on > some very basic > > > precepts. I will start with just one precept and see if we can get > > agreement > > > on just that. > > > > > > Precept #1 - HTTP clients send HTTP request messages to > resources that > > > respond with HTTP response messages. > > > > > > Corollary #1.1 - All HTTP proposals can only be written > in terms of how > a > > > resource processes a HTTP request from a HTTP client and > generates a > HTTP > > > response as a result. > > > > > > Corollary #1.2 - HTTP requests do not necessarily have to > be handled by > > HTTP > > > resources. For example, it is possible to send a HTTP > request with a FTP > > > request-URI. Some HTTP proxies are set up to act as > gateways that can > > handle > > > translating the HTTP request into a FTP request and then > translate the > FTP > > > response into a HTTP response. That is why precept #1 > states "...to > > > resources..." rather than specifying a HTTP resource. > > > > > > Corollary #1.3 - Since HTTP request messages can only be > handled by > > > resources which respond with HTTP response messages then > even error > > messages > > > such as "Not Found" must have been generated by a resource. > > > > > > Let's see if we can just get agreement on this single > precept and its > > > corollaries. > > > > > > Merci, > > > > > > Yaron > > > From w3c-dist-auth-request@w3.org Wed Jan 5 15:29:11 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA15499 for ; Wed, 5 Jan 2000 15:29:08 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id PAA03648; Wed, 5 Jan 2000 15:14:36 -0500 (EST) Resent-Date: Wed, 5 Jan 2000 15:14:36 -0500 (EST) Resent-Message-Id: <200001052014.PAA03648@www19.w3.org> Message-ID: <003f01bf57b9$a31609c0$79442382@us.oracle.com> From: "Eric Sedlar" To: "Slein, Judith A" , "Jim Whitehead" , "WebDAV WG" Cc: "Geoffrey M. Clemm" References: <8E3CFBC709A8D21191A400805F15E0DBD24555@crte147.wc.eso.mc.xerox.com> Date: Wed, 5 Jan 2000 12:15:40 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Subject: Re: WG Last Call: Bindings Protocol Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3797 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit Responses are inlined... ----- Original Message ----- From: Slein, Judith A To: 'Eric Sedlar' ; Jim Whitehead ; WebDAV WG Cc: Geoffrey M. Clemm Sent: Wednesday, January 05, 2000 7:05 AM Subject: RE: WG Last Call: Bindings Protocol [snip] > > We do say in Section 11: > > "A PROPFIND requesting DAV:bindings MUST return only those bindings that the > client is authorized to see." > > So your suggestion is that in addition we say that if the client is not > authorized to read the collection C in which a binding C:(S->R) appears, the > client is also not authorized to see that value of the DAV:bindings property > on the resource R. Then we could get rid of the security concern described > in 16.4. Is that right? > Right. > > * some comment to the effect that if the URL is a versioned > > resource, and > > the currently selected revision is changed, the resourceid > > will not change. > > (I'm assuming that is what you want.) So even though two > > people might see > > different data from a GET request from the same URL (because > > they would get > > a different revision selected), they would still have the > > same resourceid. > > Therefore, people should NOT use resourceid to invalidate > > caches or any > > other application that assumes a one to one correspondence between > > resourceid and data. > > I think that your conclusions are all exactly correct, but I agree with > Jason that it would be better to discuss ramifications for versioning in the > DeltaV spec. > I still think it would be useful to have a reference in the Binding spec, even if you move the discussion to the DeltaV spec. --Eric From w3c-dist-auth-request@w3.org Wed Jan 5 19:02:41 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA18508 for ; Wed, 5 Jan 2000 19:02:41 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id SAA09478; Wed, 5 Jan 2000 18:50:28 -0500 (EST) Resent-Date: Wed, 5 Jan 2000 18:50:28 -0500 (EST) Resent-Message-Id: <200001052350.SAA09478@www19.w3.org> From: ccjason@us.ibm.com X-Lotus-FromDomain: IBMUS To: Yaron Goland cc: "'Eric Sedlar'" , w3c-dist-auth@w3.org, gclemm@atria.com Message-ID: <8525685D.0082C9B5.00@D51MTA03.pok.ibm.com> Date: Wed, 5 Jan 2000 18:49:10 -0500 Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Subject: RE: Translation in the Tower of Babble Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3798 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list > Well the bottom line is whether or not Geoff is interested in > using such a > model ;-) A model would be good. The document that Yaron originally came up with was in conflict with the bindings document that was almost finished and that everyone basically seemed comfortable with. A revised and debugged model document would be a good thing. From w3c-dist-auth-request@w3.org Wed Jan 5 23:37:20 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA22694 for ; Wed, 5 Jan 2000 23:37:19 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id XAA15046; Wed, 5 Jan 2000 23:25:40 -0500 (EST) Resent-Date: Wed, 5 Jan 2000 23:25:40 -0500 (EST) Resent-Message-Id: <200001060425.XAA15046@www19.w3.org> Date: Wed, 5 Jan 2000 23:25:29 -0500 Message-Id: <10001060425.AA18642@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org In-Reply-To: <7DE119D3D0E15543874F7561EECBDBED0261A043@BEG.platinum.corp.microsoft.com> (message from Yaron Goland on Wed, 5 Jan 2000 09:53:01 -0800) Subject: Re: Translation in the Tower of Babble Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3799 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list From: Eric Sedlar [mailto:esedlar@us.oracle.com] Well the bottom line is whether or not Geoff is interested in using such a model ;-) From: Yaron Goland A'int that the truth. Although I'm now in negotiations for a new position at MS that would allow me to return my attentions to WebDAV. So Geoff, don't get too comfy. =) Well, I'm far more interested in getting it right than being comfortable (:-), so I'm all for any change that increases Yaron's participation. Now, as for the object model. I am an enthusiastic supporter of the creation of an object model, and support most of Yaron's first pass at such a beast (except for the semantics of DELETE). In fact, his model clearly illustrates (to me, anyway :-) the problems associated with trying to postulate a "null resource" that handles methods applied to URL's that are not bound to a "real" resource. For example, consider the PUT method. Yaron models this as: PUT(N,G): R = NR(N); If (R != NULL) { R.GET = G; // Future responses to GET will be G return; } R' = R.CreateNewResource(); NR(N) = R'; R'.GET = G; return; Note that this is not modeled as functions on resources, but rather as a computation being performed by some other entity (I'll call it a "server") that has the key piece of data, "NR", which defines the current name-to-resource mapping defined by that server. But to be fair, we should examine whether this function could be recast as a function on the current resource identified by that URL. I'm willing to let the "R = NR(N)" slide, and agree that could be modeled as the implicit dereferencing of a name that is automagically performed before any request is "handled". The "If" statement could be just a placeholder for a type dispatch, and then the R.GET=G is clearly a method on the resource, so we're fine until then. But then we get to the case where the method is being handled by the "null resource" (R == NULL). Having "CreateNewResource" as a method on R is somewhat suspect, but I probably could live with that. It's the next line, "NR(N) = R", that illustrates the problem. Where did NR come from? My answer would just be that the PUT method is really being handled by the *server* (which has an "NR" feature), and is only dispatched to a resource when there already is a resource bound to the specified name. The DELETE method is also clearly handled by the object that owns the NR map (i.e. what I'm calling the server). Here, I'll use my definition of DELETE (but the same argument applies to Yaron's definition): DELETE(N): If (NR(N) == NULL) { error("no resource at specified URL"); return; } NR(N) = NULL; return; Again, DELETE is a method that is handled by the server (i.e. the object that owns the NR attribute), not by the resource currently bound to the specified URL. As Jason points out though, Yaron's initial model (which I think is a good model for HTTP, and so I'll call it "the HTTP model") does not adequately model the collection semantics of WebDAV. To do so, we have to supplement the "NR" feature of a server with the "bindings" feature of a collection. Since this is probably a separate thread, I'll address this in a subsequent message. Cheers, Geoff From w3c-dist-auth-request@w3.org Thu Jan 6 00:05:12 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA22941 for ; Thu, 6 Jan 2000 00:05:11 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id XAA15881; Wed, 5 Jan 2000 23:53:57 -0500 (EST) Resent-Date: Wed, 5 Jan 2000 23:53:57 -0500 (EST) Resent-Message-Id: <200001060453.XAA15881@www19.w3.org> Date: Wed, 5 Jan 2000 23:53:48 -0500 Message-Id: <10001060453.AA18659@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org In-Reply-To: <7DE119D3D0E15543874F7561EECBDBED02619DF1@BEG.platinum.corp.microsoft.com> (message from Yaron Goland on Tue, 4 Jan 2000 12:17:37 -0800) Subject: Re: Translation in the Tower of Babble Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3800 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list From: Yaron Goland Corollary #1.3 - Since HTTP request messages can only be handled by resources which respond with HTTP response messages then even error messages such as "Not Found" must have been generated by a resource. Well if the resource can't handle HTTP request, the daemon that will ask this resource to generate an HTTP reply should return to the client an error stating that the resource doesn't support this protocol, like a Not Found with a good explanation in the body. Perhaps I'm misunderstanding but I assume you are just confirming that you agree with #1.3. The resource which sent the "HTTP not supported" response is an HTTP resource. What the resource is saying is "I don't want to talk to you in HTTP." However the only way he could say that is if he supported HTTP. He is still an HTTP compliant resource and therefore it was a resource (in the object model) that generated the response. For me, saying that "every resource must be an HTTP resource so that it at least can say that it doesn't understand HTTP requests" is another result of trying to eliminate the concept of a "server" (what Yves calls a "daemon") from the model. I believe a simpler (and more intuitive) model is to just say that there is a server, and if the server sees that a resource at a URL is not an HTTP resource, it returns an "HTTP not supported" response. This is the same server object that owns the NR (name-to-resource) mapping data. Cheers, Geoff From w3c-dist-auth-request@w3.org Thu Jan 6 00:32:15 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA23314 for ; Thu, 6 Jan 2000 00:32:13 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id AAA16729; Thu, 6 Jan 2000 00:20:48 -0500 (EST) Resent-Date: Thu, 6 Jan 2000 00:20:48 -0500 (EST) Resent-Message-Id: <200001060520.AAA16729@www19.w3.org> Date: Thu, 6 Jan 2000 00:20:42 -0500 From: gclemm@atria.com (Geoffrey M. Clemm) Message-Id: <10001060520.AA18685@tantalum> To: w3c-dist-auth@w3.org Subject: Re: WG Last Call: Bindings Protocol Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3801 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list > From: "Eric Sedlar" > > * some comment to the effect that if the URL is a versioned resource, and > the currently selected revision is changed, the resourceid will not change. > (I'm assuming that is what you want.) So even though two people might see > different data from a GET request from the same URL (because they would get > a different revision selected), they would still have the same resourceid. > Therefore, people should NOT use resourceid to invalidate caches or any > other application that assumes a one to one correspondence between > resourceid and data. Yes, I believe that is what we want, and will insert some wording of this kind in the versioning protocol (unless anyone objects). I agree with Judy that this is better placed in the versioning protocol document, since resourceid's are likely to matter and be understood by anyone reading the versioning document (we have various id's), while the notion of a revision and a versioned resource is much less likely to be matter or be understood by someone reading the bindings document. Cheers, Geoff From w3c-dist-auth-request@w3.org Thu Jan 6 12:57:37 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA18230 for ; Thu, 6 Jan 2000 12:57:34 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id MAA05791; Thu, 6 Jan 2000 12:44:45 -0500 (EST) Resent-Date: Thu, 6 Jan 2000 12:44:45 -0500 (EST) Resent-Message-Id: <200001061744.MAA05791@www19.w3.org> From: ccjason@us.ibm.com X-Lotus-FromDomain: IBMUS To: w3c-dist-auth@w3.org Message-ID: <8525685E.0061610F.00@D51MTA03.pok.ibm.com> Date: Thu, 6 Jan 2000 12:44:09 -0500 Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Subject: Re: Translation in the Tower of Babble Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3802 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list For me, saying that "every resource must be an HTTP resource so that it at least can say that it doesn't understand HTTP requests" is another result of trying to eliminate the concept of a "server" (what Yves calls a "daemon") from the model. I believe a simpler (and more intuitive) model is to just say that there is a server, and if the server sees that a resource at a URL is not an HTTP resource, it returns an "HTTP not supported" response. This is the same server object that owns the NR (name-to-resource) mapping data. Based on what I've seen so far, I tend to agree. I can understand NR() returning NULL (not that I think that NR() should be the basis of the model), but I don't feel that we can say that it's a "NULL resource". I think we should also determine if we should be formally declare that a collection is fundamentally different than a non-collection... or just a matter of having or not having children. I'd also like to say, that in some ways I like EricS's "model". There are a bunch of things that I don't like or feel need to be cleaned up (if possible), but he has presented a way to achieve the LNR functionality without actually having null resources. His model also achieves URI protection without talking about the namespace. I've sent Eric a note with my reservations. Hopefully he'll be presenting an improved version of his model here. Finally, it was LOCKING that kicked off this renewed discussion of our model. It's not clear to me if the model should drive the locking proposal... or if the locking proposal should drive it. Or if they really need to affect each other at all at this point. I certainly wouldn't want to delay progress on locking if we don't need to. Jason. From w3c-dist-auth-request@w3.org Thu Jan 6 18:23:13 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA24890 for ; Thu, 6 Jan 2000 18:23:11 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id SAA16469; Thu, 6 Jan 2000 18:09:20 -0500 (EST) Resent-Date: Thu, 6 Jan 2000 18:09:20 -0500 (EST) Resent-Message-Id: <200001062309.SAA16469@www19.w3.org> Date: Thu, 6 Jan 2000 18:08:50 -0500 Message-Id: <10001062308.AA19169@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org Subject: Anomaly in the DAV:prop element usage Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3803 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list In rfc2518, the example of propfind in 8.1.1 issues a PROPFIND request with a DAV:prop element of the form: It is very likely that this violates at least some of the element definitions for R:bigbox, R:author, R:DingALing, and R:Random. I have gone to some trouble to avoid this kind of element definition violation in the versioning spec, but since it didn't bother the authors of 2518, should I not let it bother me? As was pointed out in an earlier thread, there are other reasons why WebDAV XML will be rejected by validating parsers ... Cheers, Geoff From w3c-dist-auth-request@w3.org Thu Jan 6 18:32:34 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA25125 for ; Thu, 6 Jan 2000 18:32:33 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id SAA17224; Thu, 6 Jan 2000 18:21:17 -0500 (EST) Resent-Date: Thu, 6 Jan 2000 18:21:17 -0500 (EST) Resent-Message-Id: <200001062321.SAA17224@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619DFD@BEG.platinum.corp.microsoft.com> From: =?utf-8?B?WWFyb24gR29sYW5k?= To: =?utf-8?B?R2VvZmZyZXkgTS4gQ2xlbW0=?= , w3c-dist-auth@w3.org Date: Thu, 6 Jan 2000 15:20:12 -0800 X-MS-TNEF-Correlator: <7DE119D3D0E15543874F7561EECBDBED02619DFD@BEG.platinum.corp.microsoft.com> MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/mixed; boundary="----_=_NextPart_000_01BF589C.B513D402" Subject: =?utf-8?B?UkU6IEFub21hbHkgaW4gdGhlIERBVjpwcm9wIGVsZW1lbnQgdXNh?= =?utf-8?B?Z2U=?= Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3804 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_000_01BF589C.B513D402 Content-Type: text/plain; charset="utf-8" I wouldn't worry about this issue at all. Any element used inside of a prop element must be a WebDAV property and hence must be defined using WebDAV rules. Yaron -----Original Message----- From: Geoffrey M. Clemm Sent: 1/6/2000 3:08 PM To: w3c-dist-auth@w3.org Cc: Subject: Anomaly in the DAV:prop element usage In rfc2518, the example of propfind in 8.1.1 issues a PROPFIND request with a DAV:prop element of the form: It is very likely that this violates at least some of the element definitions for R:bigbox, R:author, R:DingALing, and R:Random. I have gone to some trouble to avoid this kind of element definition violation in the versioning spec, but since it didn't bother the authors of 2518, should I not let it bother me? As was pointed out in an earlier thread, there are other reasons why WebDAV XML will be rejected by validating parsers ... Cheers, Geoff ------_=_NextPart_000_01BF589C.B513D402 Content-Type: application/ms-tnef Content-Transfer-Encoding: base64 eJ8+IggXAQaQCAAEAAAAAAABAAEAAQeQBgAIAAAA5AQAAAAAAADoAAEFgAMADgAAANAHAQAGAA8A FAAMAAQAEQEBCYABACEAAABCQzY1NTFDOTlBQzhBQjRGOEE2NTM0NTg0NzJCMUEyMwAyBwEggAMA DgAAANAHAQAGAA8AFQAGAAQADAEBDYAEAAIAAAACAAIAAQOQBgA8EQAALgAAAEAAOQDQmACVnFi/ AR8AMUABAAAADgAAAFkAQQBSAE8ATgBHAAAAAAADABpAAAAAAB8AMEABAAAADgAAAFkAQQBSAE8A TgBHAAAAAAADABlAAAAAAB8ASQABAAAATAAAAEEAbgBvAG0AYQBsAHkAIABpAG4AIAB0AGgAZQAg AEQAQQBWADoAcAByAG8AcAAgAGUAbABlAG0AZQBuAHQAIAB1AHMAYQBnAGUAAABAAE4AAO0K/ppY vwEfAFoAAQAAACQAAABHAGUAbwBmAGYAcgBlAHkAIABNAC4AIABDAGwAZQBtAG0AAAADAB1AAAAA AB8AcAABAAAATAAAAEEAbgBvAG0AYQBsAHkAIABpAG4AIAB0AGgAZQAgAEQAQQBWADoAcAByAG8A cAAgAGUAbABlAG0AZQBuAHQAIAB1AHMAYQBnAGUAAAACAXEAAQAAABsAAAABv1ibKEULizf2xIkR 07TtAFCLLNjlAABQZ0YAHwB0AAEAAAAqAAAAdwAzAGMALQBkAGkAcwB0AC0AYQB1AHQAaABAAHcA MwAuAG8AcgBnAAAAAAACAQkQAQAAAMYKAADCCgAACS0AAExaRnWhcWNbAwAKAHJjcGcxMjWCMgND aHRtbDEDMD8BAwH3CoACpAPjAgBjaMEKwHNldDAgBxMCgP8QAwBQBFYIVQeyEdUOUQMB3RDXMgYA BsMR1TMERhDZbxLrEeMI7wn3OxjPDjA1OxHSDGBjAFALCQFkMzaTEWALpTQgEAIqXA6yvQGQZxTw CqMR4x3oNBTwADwhRE9DVFlQAEUgSFRNTCBQAFVCTElDICItIC8vVzNDIYBEVCJEIJQzLjIhgEVO nCI+Hu0ejyPBMTgf8G8goiMPJB8mkDMdgCVwRXxBRCXNDvEm7ylvJPQ2QQ7wPE1FVEEHsEExLGA9 IkcJ8ASQYXRFBbAiEtBPTlQi0FQTLPAF4UV4EPFuZ2U9BlJ2EzEvQQCQAiAgNoAuMC40MTcxMBAn Iv4qzyUDNzcf8FRJuFRMRSXOMEARcG4DcYhseSALgCB0aC7wIERBVjpwA2BwIBhlbGUHgAIwIHVz 1SaQZSRuNR/wLzNPMX+/JkU0kTgwKE8mnzwENRFg4DxCT0RZO30c8TyfiGc5Nh/wRElWO3B7O+MA ISAAAEEVEWA7uTZGNED/QgJJIHcIYGyYZG4nBUBEgHJyNSD/AaAIYAVANXAEADUwBBAKUOdFYAVA B0BsLjSxNSA2SE8JgDUxAJABACBvQXBh/iA18zocPzVDJwMwQbc2RhZtNsAFQGJGYSBXZa5iNbFI wwSQdEVRbkfw+TWAbmMu8Ew2AQELgEfhezbAC4BnTMZJL0o/QdVy+0SgB5AuO7kBwEMXCqJDF/sK cSR8MCgRIeBAy1TYHZy/Py9AP0FPQl9bTjubOB2AYCZuYnNwAoBdJ1z8J2EBQFu/U79Uz1XfVu// Xg9ZD1ofXU9cP2k/Xl9fb/9ge2x/bY9un2+vcL9xz3Lf/3PvdP92D3cfeC95P3pPe1//fG99f36P f5+Ar4G/gs+D3/+E74X/hw+IH4kvij+LT4xf/41vjn+Pj5Cfka+Sv5PPlN9/le+W/5gPmR9qA1A/ Z2NZ/wrAAiBhT2JfY29kf2WPZp8LZ6894EwgMEtRVU/jLfBO4GlyPTwgBcBMUAZ5NlAuMUFSR0lO EC1SSUcgoDogMPxweCLxm+gKsRACp3EKsfOqYhDwXHEDIaOfpK8fOY+dMaVfaKNGoWlnbqdg/wFx pyZo+6tCqn9pz2rfszetshBpHNIkfDQlUUYt0emnoGl6p/AyaPsL4ksJ6i254k8FEGcLgAdABdD/ B5A20rnjnV9RT6ufmwWufvYxLBA90VKpSrAALTAKga+9n5r2PeBo+2JLCUYDYbY6rqwf4S/DaqN5 IC0Qq0iAA1BlNSBNRuBDNlH+bbZNwD/BT8Jfw2+zNwZgDwIwxU/GX5zXMS82LycB0NIAInA6MCVQ UE3/u4+8n8ufvr/Jj8qf1O/MvznEDlRvzw/QH5zXdzNMYy2nMExQLWFFoGj6QN8ALgWwT7DWj9ef 2K/n2b/az7NkQ2PcX91vnN8f4N/h7+L/5A/N3nViav8FkM7/5y/oODTG0s/T3+tv/9X3NU82Wujf 6e/q//fv+P/r+g8k1jVokS+3cvA/YP//n8+g36Hv/1/6nx/h+9yqA78FD6yPrZ87m7RwH/BQBu+/ tUm0v7XPtt+377j9SfXwLnIWgBsAJUAs9gNleHxhbRwQSGNI0k8RR/Ig/DguMHA68EYjRgBIsPIv B/M/CC/V91BST1BG/ahgRP2//s/oH/sP/B8Yn28QLxE/uP3IQHEWMUTxaf/2EEyh9l9IgfYSFp8X ryBP/dX3Zi2AxT0br8b+AW8Cdf8MbyjPAPTv8QwxCJ8Jrwq//wvPDm8PfyGfIq8wL5r/nA//Ot87 7zz/Pg8/H0AvQT9CT68dT0RVM+BFCTz/6ET2hMJ4KDBuczpSqADr39ZBMuRSEGjIQGaoACgQQHRw Oi8vd0ygLhEqcG8uYi/QL2JvTHhzqxAl4GEvqTp71zpgFSAlwGQzcmZPIPXgASSQe0hZUEVSTJmo YEsgTC9NPH19OgEJTyByczPgXGNmMfxcdataUL9NSixfDcoE/03vakEe8EovJmdHyj7/WB8rPyxP Rl+eJylP1m8er/8fvzefOK85v2S/RH9Fj2if/2mvar9rz2zfbe9u/3APcR//ci9zP3RPdV92b3d/ eI95n/96r3u/fM9930XvX99g74PPY0evAAZSOmK6UE1hL/+FD1svfy9dT15fHZ9i/2QP/2UfZiNL ZWZ/Z4+IL4Cvft//lO+V/5cPmB+ZL5o/m0+cX/+db55/n4+gn6Gvor+jz6Tf/6Xvpv+oD6kfqi+N L4MvhD//hU+GX4dj35LgEIgfiS+rH/+LT4xfjW+Of4+PkJ+Rr5K//5PPq9+s78AfwS/CP8NPxF// xW/Gf8ePyJ/Jr8q/y8/M3//N787/0A/RH9Iv0z/UT9VfP9Zvrl+vb7B/sY+ynzpE8RVwZ0FM38G0 H7Uv1x//t0+4X7lvun+7j7yfva++v/+/z9ff2O/sT+1f7m/vf/CP//Gf8q/zv/TP9d/27/f/+Q// +h/7L/w//U/+X/9vAH8Bj38Cn9pf22/cf92P3p9J8GH5FUBvbeBP4V8DT+N/5I//5Z/mr+e/6M9m H+tfFG8Ef/8FjxhPGV8abxt/HI8dnx6vvx+/EY8HjwifCa8Kvy9JNP8mbw1vII8PjxCfS7Antkti 31gIFAgkwxQPM6Y3WZI1occRy1dRJO9nMjQjsSZNPjZLETMBFrlW6BPAMzYPFK8VvxbP3xZJdCBp gHMgdmVyeSATwO5rTxA80LPQYTxQs9A8cmhpb2w9gGU8gD2BbBxlYU/QOhAMIGUgb/9IYLPQP1Aj 7zRCJ7cXryWb408QTcBlbnQr/y0PEQ8/Eh8TL0HvOT86TxdtZGWxTvBuaXQ+EE/AIFUQ++pgh5Ys s4dPAD/vQP9Jj98l19+ZTwAL8Qu3LkQfRS//Lh8vLzA/Ub8yXzNvNH81j782nzevSf9LD0wfO+Ug PXCZPKAgZ04AP1B0bz8UcnQpMHViPsBmImWgb/ZpVHA9s2tJAFRwP3FDpf9Pv1DPWp8lyE2IVS9W P0Y//0dPSF9rH2JvY38XbT4ETfH/PGB3YD+iPKF0wE4A38F0sGhwZWNPAGJPUHSxbv5jP89qD3LP JblN0E1wZ5D8bic8UIfgP6HqYD+hbX//bo9vn3Cvcb97r3PfdO8XbYeztDyAP3EyNTE4TwCyc7Pg dWxUcGVwbn4Qfz6xaP96n4P/fLx+BT9AP1cpbyIPIxtBPIB3PuAg9nBngEPwZWhBT1B+r3+//4DP gd+C74w/hQ+GHxdtd4H/C/BogOpQl7B+QYo/i0+YT+sl17PQcj7QZE8AfiI/UD/qUD9RfiOhAT8g ThF3aAE80FdlYkRBViCIWE1MkdBpbGx48P9+n5PflO+V/5cPnx/pP+pPt5rf3zShAGp4wJJiYjzQ dHZhqSBkdyF4cV1hc/l4ASAusBCkT6VfV09YX/9Zb6mPW49cn12vXr9fz2Dfb6ovmc+sv980Qz+w eAEs/7BPsV+mb6d/qI+1r72Pvp/pF21HZT9wZsEPwh/DLz+df7M/tE+1X7ZvuMwxMAG68S9CTE9D S1HwVU9URcw/0b+4T9cPjc3nNasR1HBPRFm3bZfS4NjPuYE3y8FIVKOgBcUgfd2AAAAfAEcQAQAA AB4AAABtAGUAcwBzAGEAZwBlAC8AcgBmAGMAOAAyADIAAAAAAAMAJgAAAAAAAwA2AAAAAAADAN4/ 6f0AAAMA8T8JBAAAAwD9P+QEAAALAPIQAQAAAAsA9BAAAAAACwD1EAAAAAALAPYQAAAAAB8A8xAB AAAAZAAAAFIARQAlADMAQQAgAEEAbgBvAG0AYQBsAHkAIABpAG4AIAB0AGgAZQAgAEQAQQBWACUA MwBBAHAAcgBvAHAAIABlAGwAZQBtAGUAbgB0ACAAdQBzAGEAZwBlAC4ARQBNAEwAAAACAUcAAQAA AC0AAABjPXVzO2E9IDtwPUFQUFMtV0dBO2w9QkVHLTAwMDEwNjIzMjAxMlotMjAwNgAAAAACAfk/ AQAAAB4AAAAAAAAA3KdAyMBCEBq0uQgAKy/hggEAAAAAAAAALgAAAB8A+D8BAAAAKgAAAFMAeQBz AHQAZQBtACAAQQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgAAAAAAHwA4QAEAAAAEAAAALgAAAAIB +z8BAAAAHgAAAAAAAADcp0DIwEIQGrS5CAArL+GCAQAAAAAAAAAuAAAAHwD6PwEAAAAqAAAAUwB5 AHMAdABlAG0AIABBAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByAAAAAAAfADlAAQAAAA4AAABZAEEA UgBPAE4ARwAAAAAAQAAHML6IGJWcWL8BQAAIMALUE7WcWL8BHwAaAAEAAAASAAAASQBQAE0ALgBO AE8AVABFAAAAAAAfADcAAQAAAFQAAABSAEUAOgAgAEEAbgBvAG0AYQBsAHkAIABpAG4AIAB0AGgA ZQAgAEQAQQBWADoAcAByAG8AcAAgAGUAbABlAG0AZQBuAHQAIAB1AHMAYQBnAGUAAAAfAD0AAQAA AAoAAABSAEUAOgAgAAAAAAAfAB0OAQAAAEwAAABBAG4AbwBtAGEAbAB5ACAAaQBuACAAdABoAGUA IABEAEEAVgA6AHAAcgBvAHAAIABlAGwAZQBtAGUAbgB0ACAAdQBzAGEAZwBlAAAAHwA1EAEAAACW AAAAPAA3AEQARQAxADEAOQBEADMARAAwAEUAMQA1ADUANAAzADgANwA0AEYANwA1ADYAMQBFAEUA QwBCAEQAQgBFAEQAMAAyADYAMQA5AEQARgBEAEAAQgBFAEcALgBwAGwAYQB0AGkAbgB1AG0ALgBj AG8AcgBwAC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQA+AAAAAAALACkAAAAAAAsAIwAAAAAA AwAGEC30Lp4DAAcQQAMAAAMAEBAAAAAAAwAREAAAAAAeAAgQAQAAAGUAAABJV09VTEROVFdPUlJZ QUJPVVRUSElTSVNTVUVBVEFMTEFOWUVMRU1FTlRVU0VESU5TSURFT0ZBUFJPUEVMRU1FTlRNVVNU QkVBV0VCREFWUFJPUEVSVFlBTkRIRU5DRU1VU1RCAAAAAAIBfwABAAAASwAAADw3REUxMTlEM0Qw RTE1NTQzODc0Rjc1NjFFRUNCREJFRDAyNjE5REZEQEJFRy5wbGF0aW51bS5jb3JwLm1pY3Jvc29m dC5jb20+AAD2yA== ------_=_NextPart_000_01BF589C.B513D402-- From w3c-dist-auth-request@w3.org Thu Jan 6 19:12:04 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA25634 for ; Thu, 6 Jan 2000 19:12:03 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id TAA18317; Thu, 6 Jan 2000 19:00:48 -0500 (EST) Resent-Date: Thu, 6 Jan 2000 19:00:48 -0500 (EST) Resent-Message-Id: <200001070000.TAA18317@www19.w3.org> Message-ID: <028a01bf58a1$a4f98c60$0201a8c0@everest.com> From: "Kaelin Colclasure" To: "Geoffrey M. Clemm" , References: <10001062308.AA19169@tantalum> Date: Thu, 6 Jan 2000 15:56:26 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Subject: Re: Anomaly in the DAV:prop element usage Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3805 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit ----- Original Message ----- From: Geoffrey M. Clemm To: Sent: Thursday, January 06, 2000 3:08 PM Subject: Anomaly in the DAV:prop element usage > In rfc2518, the example of propfind in 8.1.1 issues a PROPFIND > request with a DAV:prop element of the form: > > > > > > > > > It is very likely that this violates at least some of the element > definitions for R:bigbox, R:author, R:DingALing, and R:Random. > > I have gone to some trouble to avoid this kind of element definition > violation in the versioning spec, but since it didn't bother the > authors of 2518, should I not let it bother me? As was pointed out > in an earlier thread, there are other reasons why WebDAV XML will be > rejected by validating parsers ... The use of a validating parser makes little sense in the context of WebDAV properties -- because it is intended to expose a storage mechnism for arbitrary element definitions (in the form of property values), which themselves may or may not have a defined DTD or schema somewhere. Is the versioning specification defining a similar mechanism whereby arbitrarily defined elements would need to be incorporated? If not, then indeed you should be sensitive to the requirements of validation. But if so, the same argument stated above for property values applies. -- Kaelin From w3c-dist-auth-request@w3.org Thu Jan 6 20:07:44 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA26240 for ; Thu, 6 Jan 2000 20:07:44 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id TAA19029; Thu, 6 Jan 2000 19:56:17 -0500 (EST) Resent-Date: Thu, 6 Jan 2000 19:56:17 -0500 (EST) Resent-Message-Id: <200001070056.TAA19029@www19.w3.org> Message-ID: <00a801bf58a9$f068caa0$9a114498@us.oracle.com> From: "Eric Sedlar" To: "Geoffrey M. Clemm" , Cc: , , "Vishu Krishnamurthy" , References: <10001062308.AA19169@tantalum> Date: Thu, 6 Jan 2000 16:55:49 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Subject: Re: Anomaly in the DAV:prop element usage Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3806 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit This is an interesting issue--how do specify some set of XML elements that you want out of a document not available to you. This is basically the XML equivalent of a SELECT list in SQL. I raised this issue in the database context with the W3C people a few months ago, to raise the issue of a simplified form of XPath for this purpose. I proposed basically using a list of XPath identifiers, omitting elements in the predicate that reference the value of any node. I'm copying this to some relevant XML & XPath people to highlight WebDAV PROPFIND requests as another application for this usage in addition to database data retrieval. It's kind of disturbing to me to see invalid XML used for this--I'd prefer a comma separated list of XPath specifications, omitting predicates, like: R:bigbox, R:author, D:supportedlock/lockentry/lockscope I think this will avoid confusion, since a list of XML element names shouldn't appear as empty elements. --Eric ----- Original Message ----- From: "Geoffrey M. Clemm" To: Sent: Thursday, January 06, 2000 3:08 PM Subject: Anomaly in the DAV:prop element usage > > In rfc2518, the example of propfind in 8.1.1 issues a PROPFIND > request with a DAV:prop element of the form: > > > > > > > > > It is very likely that this violates at least some of the element > definitions for R:bigbox, R:author, R:DingALing, and R:Random. > > I have gone to some trouble to avoid this kind of element definition > violation in the versioning spec, but since it didn't bother the > authors of 2518, should I not let it bother me? As was pointed out > in an earlier thread, there are other reasons why WebDAV XML will be > rejected by validating parsers ... > > Cheers, > Geoff > > From w3c-dist-auth-request@w3.org Thu Jan 6 22:54:11 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id WAA29269 for ; Thu, 6 Jan 2000 22:54:10 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id WAA21756; Thu, 6 Jan 2000 22:42:17 -0500 (EST) Resent-Date: Thu, 6 Jan 2000 22:42:17 -0500 (EST) Resent-Message-Id: <200001070342.WAA21756@www19.w3.org> Date: Thu, 6 Jan 2000 22:42:08 -0500 Message-Id: <10001070342.AA19317@tantalum> From: "Geoffrey M. Clemm" To: esedlar@us.oracle.com Cc: geoffrey.clemm@rational.com, w3c-dist-auth@w3.org, anovosel@us.oracle.com, dbeech@us.oracle.com, vkrishna@us.oracle.com, jjc@jclark.com In-Reply-To: <00a801bf58a9$f068caa0$9a114498@us.oracle.com> (esedlar@us.oracle.com) Subject: Re: Anomaly in the DAV:prop element usage Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3807 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list From: "Eric Sedlar" This is an interesting issue--how do specify some set of XML elements that you want out of a document not available to you. This is basically the XML equivalent of a SELECT list in SQL. Yes! (It is comforting to know that at least one other person out there worries about this kind of thing :-). In the versioning context, it comes up in the REPORT method. An important report is a DAV:available-reports report (analagous to an OPTIONS call, but returning the reports available, rather than the methods applicable). I raised this issue in the database context with the W3C people a few months ago, to raise the issue of a simplified form of XPath for this purpose. I proposed basically using a list of XPath identifiers, omitting elements in the predicate that reference the value of any node. I'm copying this to some relevant XML & XPath people to highlight WebDAV PROPFIND requests as another application for this usage in addition to database data retrieval. It's kind of disturbing to me to see invalid XML used for this--I'd prefer a comma separated list of XPath specifications, omitting predicates, like: R:bigbox, R:author, D:supportedlock/lockentry/lockscope I think this will avoid confusion, since a list of XML element names shouldn't appear as empty elements. My concern with this approach is that the parser won't know that this identifier is an element name, so the application would have to do the processing itself (e.g. keeping track of the namespaces defined in that context, and replacing the namespace prefix with the appropriate URL). This is feasible, but does require the application to internally contain parsing knowledge. The alternative, using empty elements that violate the element definition avoids this problem, at the cost of being invalid XML. For the DAV:available-report REPORT, I have avoided the problem by defining DAV:xxx-report to be the element returned in the DAV:available-reports response, DAV:xxx-report-request be the element in the request body for that kind of report, and DAV:xxx-report-response be the element in the response body for that kind of report. But for the (recently added) DAV:property-report REPORT (which does a PROPFIND on the resources referenced by properties that are a list of href's), I can't avoid the "XML-select" problem. Cheers, Geoff From w3c-dist-auth-request@w3.org Thu Jan 6 23:05:09 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA29354 for ; Thu, 6 Jan 2000 23:05:08 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id WAA22117; Thu, 6 Jan 2000 22:53:51 -0500 (EST) Resent-Date: Thu, 6 Jan 2000 22:53:51 -0500 (EST) Resent-Message-Id: <200001070353.WAA22117@www19.w3.org> Date: Thu, 6 Jan 2000 22:53:44 -0500 Message-Id: <10001070353.AA19329@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org In-Reply-To: <028a01bf58a1$a4f98c60$0201a8c0@everest.com> (kaelin@everest.com) Subject: Re: Anomaly in the DAV:prop element usage Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3808 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list From: "Kaelin Colclasure" The use of a validating parser makes little sense in the context of WebDAV properties -- because it is intended to expose a storage mechnism for arbitrary element definitions (in the form of property values), which themselves may or may not have a defined DTD or schema somewhere. Yes, that makes sense (although you do have to at least specify the namespace of those elements, even if you don't have the DTD's). But in those cases where you do have the DTD's available (such as for the DAV:xxx properties), it does provide some cognitive dissonance to see an element like in a PROPFIND request, when the DTD for creationdate is: Cheers, Geoff From w3c-dist-auth-request@w3.org Fri Jan 7 04:35:26 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA13431 for ; Fri, 7 Jan 2000 04:35:25 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id EAA27523; Fri, 7 Jan 2000 04:24:27 -0500 (EST) Resent-Date: Fri, 7 Jan 2000 04:24:27 -0500 (EST) Resent-Message-Id: <200001070924.EAA27523@www19.w3.org> Message-Id: <4.1.20000107085600.00b6ced0@pop.xs4all.nl> X-Sender: contact@pop.lanminds.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Fri, 07 Jan 2000 09:11:10 +0100 To: w3c-dist-auth@w3.org From: Jim Davis In-Reply-To: <10001070353.AA19329@tantalum> References: <028a01bf58a1$a4f98c60$0201a8c0@everest.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: Re: Anomaly in the DAV:prop element usage Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3809 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list At 10:53 PM 1/6/00 -0500, Geoffrey M. Clemm wrote: > > From: "Kaelin Colclasure" > > The use of a validating parser makes little sense in the context of > WebDAV properties -- because it is intended to expose a storage mechnism > for arbitrary element definitions (in the form of property values), > which themselves may or may not have a defined DTD or schema somewhere. > >Yes, that makes sense (although you do have to at least specify the >namespace of those elements, even if you don't have the DTD's). But >in those cases where you do have the DTD's available (such as for the >DAV:xxx properties), it does provide some cognitive dissonance to >see an element like in a PROPFIND request, I agree that it is dissonant. But there may be no better choice. Let me make a suggestion - let he who thinks WebDAv should validate create a DTD that will work. The constraint is that it has to work even if there is no DTD for some properties, and whatever mechanism you use should also not have the bad network effect of needing to fetch the DTD with each attempt to validate. otherwise performance would be bad. I am no XML expert, so I can't tell whether this is easy or even possible. I would certainly be willing to see changes to the DTD that would *allow* webDAV XMl to be validating, if I didn't have to give up on expressivity (ability to use properties without a DTD) All things being equal, this would be better for DASL as well. As one of the authors I can say that I did spend some time trying to write a DTD for DASL, mostly because I wanted to be able to check for dumb mistakes that *I made. Note also that RFC 2518 says that WebDAV's xml is not valid. (but only in passing in 17.7) i think, given the amount of discussion that this has brought up over history, it needs a passage in the WebDAV book of Why, if not in the next Specification. From w3c-dist-auth-request@w3.org Fri Jan 7 15:50:08 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA27026 for ; Fri, 7 Jan 2000 15:49:57 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id PAA19724; Fri, 7 Jan 2000 15:36:22 -0500 (EST) Resent-Date: Fri, 7 Jan 2000 15:36:22 -0500 (EST) Resent-Message-Id: <200001072036.PAA19724@www19.w3.org> From: ccjason@us.ibm.com X-Lotus-FromDomain: IBMUS To: w3c-dist-auth@w3.org Message-ID: <8525685F.00711A4B.00@D51MTA03.pok.ibm.com> Date: Fri, 7 Jan 2000 15:35:58 -0500 Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Subject: Re: Locking URIs rather than Resources Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3810 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Just forwarding Eric's response below to the dist-authoring list since I suspect it's more relevant there and that's where the discussion was previously... ---------------------- Forwarded by Jason Crawford/Watson/IBM on 01/07/2000 03:34 PM --------------------------- "Eric Sedlar" on 01/07/2000 02:36:33 PM To: Jason Crawford/Watson/IBM@IBMUS cc: Subject: Re: Locking URIs rather than Resources More discussion of the model I propose for LOCKs. ----- Original Message ----- From: To: "Eric Sedlar" Sent: Tuesday, January 04, 2000 4:52 PM Subject: Re: Locking URIs rather than Resources > > Offline note. Feel free to reply on the list if you like... > > 1) are the list of names in a collection logically part of the > collection, > or do they live in some separate space outside the domain of resources? > To me the answer must be that they are a part of the collection. > > I think all recent proposals agree that the binding is part of the state of > the collection. You shouldn't get much debate about that. > > type of object that can be identified within this model is a resource. > You > are going to have (in a real system) access control on resources, and not > a > separate access control model for names. There are too many concepts in > the > world of the web to introduce another type of object other than a > resource. > Every filesystem in the world stores the list of filenames as a part of > the > directory, and locks & access control on the directory affects all names > within. Let's stick with current usage unless we have compelling reasons > to > deviate. > > > 2) what kind of locks are there? > > IMHO, there must be two kinds of locks--name locks and resource locks. > The > problem with just locking a collection resource is that it is to > coarse-grained--there are lots of applications that will want to just > lock a > single name in a collection, and resource locking every collection in a > path > will reduce concurrency too much. I think of this like table level and > row > level locks in a database--a lock on the collection is like a table > level > lock, locking all names (rows) in that collection. Another way to think > of > a name is like a fragment within the collection document. > > I agree with your taxonomy of requirements, but I don't agree that a name > lock has > to be a formal concept. We have talked about URI protection in previous > locking > models. UP also probably filfills the same need and isn't a new kind of > lock. > It's just a behavior. > > > > > Now that we understand that, what do we do about RFC 2518 LOCK's? (I'm > using a capitalized LOCK to distinguish the RFC 2518 protocol request > from > name locks and resource locks). > > The requirements are: > > * a LOCK on must prevent the resource from being moved, for > compatability > with existing applications. > Yup. We've seemed to settle on this. > > * a LOCK on must prevent any changes to that resource (updates, deletes, > etc.) if it exists > Yup, but FWIW, most of us consider DELETE to fall in the category of MOVE. > It's not a modification of the resource itself. > > * a LOCK token must be associated with the locked resource and URL > Umm? This doesn't sound like a requirement. At least not a fundamental > one. Feel free to explain what you mean if you think this is an important > point. > I had this as a requirement for compatability with RFC 2518. Are you suggesting that lock tokens are superfluous and should be removed? > > So, it seems like that the following solution is the right abstraction: > > 1) add the notion of name and resource locks. A name lock applies to a > single level name within a collection. A resource lock applies to the > data > identified by a particular URL. If that URL identifies a collection, a > resource lock locks ALL of the names in that collection, and is blocked > by > any name lock within, and vice versa. > > Understood. I'm uncomfortable speaking of name locks as a formal entity, > but I find them as an acceptable way of explaining URI protection. If we > do speak of name locks, I suspect we're also going to have to mention > things > like them being implicitly shared rather than exclusive. It wasn't clear to me in general if shared locks were the default rather than exclusive, but it seems natural that this should be the case for both name and resource locks. As far as treating name locks as a formal entity, that is a better way of describing what you are doing when you want a lock on a URL not associated with a resource--you're locking only that PART of the collection resource corresponding to that name in its set of bindings, you aren't locking some resource that that name will be associated with later. I think that people who have worked with locking before understand the difference between locking an aggregate object and an individual item in that aggregate, as there are many examples of that in software today (locking a file vs. locking a byte range in that file, table locks vs. row locks in a SQL database, etc.). I don't think people are comfortable with the idea of treating namespaces as lockable entities separate from the entities the names refer to, since that isn't generally done. Once you agree that the set of bindings are part of the state of a collection, you are treating the collection resource as an aggregate that can be locked, as well as one or more bindings it contains. The model I propose is simpler, in that only one kind of object WebDAV requests can refer to--the resource, without treating URLs as something separate. > > 2) we introduce the notion of a lock "set". A lock set is a group of > any > number of name and resource locks. > > I agree with the semantics, but I'm uncomfortable with creating a new > concept > called a "lock set". This also rings of "implementation". > Hopefully this can be avoided. Anyway... The lock set is just a group of locks associated with a single lock token. Given that the Depth: infinity header effectively gets many locks (rather than one big lock) and associates them with a single token, you were already doing this before, just without a name. It just seemed to me to be easier to understand if you have a term for describing what a lock token identifies. This is just a terminology issue. > > Each lock set as a single associated > lock token. An RFC 2518 LOCK request applied to an existing > non-collection > resource will grant name locks to each name in the path from the root > down > to the bottom, and a resource lock on the identified resource, create a > lock > set from this group, and grant an identifying LOCK token. > > Sounds fine. We'll have to go over details later. So far this is exactly > like > some of our other models... just explained differently. Perhaps folks will > find > this phrasing easier to approve. :-) > > > An RFC 2518 LOCK > request applied to a collection will work in the same way, except that > if > the depth header is specified, name and resource locks will be given > recursively for each contained resource. > > Hmmm. Or perhaps just resource locks. No, that won't work either. > Okay... > You're going to have to explain some of the > complications of this. Like, are all of these resources still locked if > you > remove the binding that put them under the influence of the original lock > request? No. The LOCK protocol request is a shorthand way of requesting a set of names and resources to lock. Deleting one of the names or resources you have locked removes the locks, since you have nothing there remaining to lock. The validity of the relationships between the set of names that are locked and the resources they apply to is not maintained. Here's a boundary case to illustrate the issue: Let's say I have resource ID 1 bound by foo.html, ID 2 bound by bar.html, and ID 3 bound by werf.html, all in the same collection. Now, I issue 3 LOCK requests on each URL, and get lock tokens T1, T2, & T3. Now (using a temporary URL) I MOVE everything around so that foo.html refers to resource ID 2, bar.html refers to ID 3, and werf.html refers to ID 1. LOCK token T1 still refers to foo.html and resource ID 1, even though foo.html now refers to resource ID 2, and if I UNLOCK with token T1, foo.html and resource ID 1 are unlocked. I have to provide token T2 to UNLOCK resource ID 1. > And does adding a resource to a depth locked collection, create a > resource and name lock for the newly bound resource? I would say that the default for this would be no, since again the relationships between the names and resources is not something that the server enforces--only clients can do that via use of locks. Since the collection is locked, you would have to provide the lock token to insert the new resource into the locked collection anyway. However, there may be some need for combining the PUT and LOCK into the same request to avoid race conditions. I can see this being an issue with a number of protocol requests (BIND & LOCK, etc.). There probably needs to be a way to add a lock as a part of any WebDAV request. > And do name locks remain > if a subtree is separated from the tree where the original LOCK request > was submitted. Yes. That is why each name in the path (logically) is locked separately, to simplify the task of tracking all of these types of issues. > If you delete a locked binding, is the name lock automatically deleted? > If you DELETE a locked resource, the resource lock is removed from the lock set, leaving only the name locks. I.e. I Lock /a/foo.html. Then I delete /a/foo.html. I still have the name lock, so nobody else can put something at /a/foo.html (I'm reserving the namespace like an LNR). I think this will be needed for doing certain types of tree manipulations as an atomic unit. > A LOCK request on a URL giving a > nonexistent name in a existing collection will issue only name locks on > the > path elements. If the URL minus the last path element does not refer to > an > existing collection, the LOCK request will fail. > > Thus we get the benefit of LNR's without having to create a pseudo resource > there. Presumably PROPFIND will not pretend there is a resource there > either. > This sounds very good. It's the main positive point I see in this > proposal. > Right. This is the main goal of my proposal, to create an abstraction that is general. > 3) the activelocks property displays all name locks active for this > collection as well as all resource locks. > > Hmm. I've been wondering. (This is actually a question for everyone else. > Especially Yaron.) Why do we even have the activelocks or lockdiscovery > property at all? Just so clients can figure out who has a lock > that is preventing them from doing something? > It would be nice to give an error message to people saying "sorry, you can't modify that--it is currently locked by Geoff" or whatever, so that they know who is blocking them. I think Windows does this in some cases. > BTW, Would activelocks on a collection would reveal name locks on > descendents > rather than the name locks of bindings to the collection? Hopefully. > Yes. The activelocks property (as a property of the collection) should only reveal state belonging to that collection. Since the list of bindings to descendants is the state of the collection, activelocks would list any locks on those names. > 4) the "locktype" property is used to distinguish between name and > resource > locks. If locktype "resource" is specified, only the specified resource > lock is granted in that lock set. If locktype "name" is specified, the > names from root to the resource are locked, if the Depth header is not > specified. > > > If the URL "/a/b/c.html" is given, negative depth values can be > given to lock fractions of the path. E.g. if Depth:0 is specified, the > name > "c.html" is reserved in collection /a/b, but no other locks are granted. > If > Depth:-1 is specified, the name "b" in "/a" is also reserved (etc.) > Only if > locktype is not specified does the LOCK request behave as it point #2 > (granting resource & name locks simoultaneously), basically for > compatability with existing applications. > > Is all this needed? I thought the point in locking the name was to insure > that > the locked resource remained accessable to the client at a known URI? "-1" > doesn't achieve that and may prevent trivial implementations on top of some > respositories. I'm also not sure I understand the motivation (at least > given our > current capabilities) of a client locking a resource without also locking > the > namespace. Currently it doesn't seem helpful to lock a resource if you > can't > get at it subsequently. > I can see the value of allowing a URL reference that is derived from a resource ID, like "/resources/1234" or something in some implementations (Oracle's implementation will have this). Resource ID is constant regardless of BINDings. I recommend adding something like this to the protocol. --Eric From w3c-dist-auth-request@w3.org Fri Jan 7 17:46:57 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA28738 for ; Fri, 7 Jan 2000 17:46:55 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id RAA23110; Fri, 7 Jan 2000 17:35:13 -0500 (EST) Resent-Date: Fri, 7 Jan 2000 17:35:13 -0500 (EST) Resent-Message-Id: <200001072235.RAA23110@www19.w3.org> From: ccjason@us.ibm.com X-Lotus-FromDomain: IBMUS To: "Eric Sedlar" cc: w3c-dist-auth@w3.org Message-ID: <8525685F.007BF688.00@D51MTA03.pok.ibm.com> Date: Fri, 7 Jan 2000 17:34:35 -0500 Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Subject: Re: Locking URIs rather than Resources Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3811 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list > * a LOCK token must be associated with the locked resource and URL > Umm? This doesn't sound like a requirement. At least not a fundamental > one. Feel free to explain what you mean if you think this is an important > point. > I had this as a requirement for compatability with RFC 2518. Are you suggesting that lock tokens are superfluous and should be removed? No. Just that lock tokens are an implementation of a requirement, not a requirement in and of themselves. If the same can be achieved in some other way, that's fine. You seem to be shooting for compatibility in which case LT are the mechanism to use. -- I didn't actually understand the point of your statement either. That's fine though. What's most important is what you say below. It wasn't clear to me in general if shared locks were the default rather than exclusive, but it seems natural that this should be the case for both name and resource locks. I hadn't considered the possibility of name locks being exclusive. The need for this wasn't one of our requirements. We just wanted to protect a URI from having it's mapping change. This was purely for the sanity of the client. My initial vote for resource locks is that there be no default. One must specify what one wants. As far as treating name locks as a formal entity, that is a better way of describing what you are doing when you want a lock on a URL not associated with a resource--you're locking only that PART of the collection resource corresponding to that name in its set of bindings, you aren't locking some resource that that name will be associated with later. I'll just try harder to assimilate this view. I think that people who have worked with locking before understand the difference between locking an aggregate object and an individual item in that aggregate, as there are many examples of that in software today (locking a file vs. locking a byte range in that file, table locks vs. row locks in a SQL database, etc.). I don't think people are comfortable with the idea of treating namespaces as lockable entities separate from the entities the names refer to, since that isn't generally done. Actually, only Geoff's most recent proposal couched it that way. All others have tended to say that a predetermined set of bindings are "protected". The term "locked" wasn't used... and after it was set up, it wasn't based on namespace... just bindings. Once you agree that the set of bindings are part of the state of a collection, you are treating the collection resource as an aggregate that can be locked, as well as one or more bindings it contains. The model I propose is simpler, in that only one kind of object WebDAV requests can refer to--the resource, without treating URLs as something separate. A good thing. URL's are just a side effect. I forget the word Geoff used to use to refer to this. > I agree with the semantics, but I'm uncomfortable with creating a new > concept > called a "lock set". This also rings of "implementation". > Hopefully this can be avoided. Anyway... The lock set is just a group of locks associated with a single lock token. Given that the Depth: infinity header effectively gets many locks (rather than one big lock) and associates them with a single token, you were already doing this before, just without a name. It just seemed to me to be easier to understand if you have a term for describing what a lock token identifies. This is just a terminology issue. I am still uncomfortable speaking of sets of locks. Also, that's not what we had before except in one proposal that someone made (twice) but that proposal didn't last long. People liked the dynamic nature of this. That's not to say that it had to be based on namespace. Just parentage. Perhaps I shoudln't say this, but with the advent locking of collections, do we still need depth locks? I forget why this was important and what set of people felt it was important. I know Jim Whitehead was one of the people and I believed the others were document management folks that wanted to to lock composite entities. Anyway, I just wanted to check if we still need them. If so, I'd like to explicitly note this in the locking doc I'm doing. Re: Depth locking... > An RFC 2518 LOCK > request applied to a collection will work in the same way, except that > if > the depth header is specified, name and resource locks will be given > recursively for each contained resource. > > Hmmm. Or perhaps just resource locks. No, that won't work either. > Okay... > You're going to have to explain some of the > complications of this. Like, are all of these resources still locked if > you > remove the binding that put them under the influence of the original lock > request? No. The LOCK protocol request is a shorthand way of requesting a set of names and resources to lock. Deleting one of the names or resources you have locked removes the locks, since you have nothing there remaining to lock. The DELETE only removes the binding. The resource may still exist and be exposed at other URI's. More below. The validity of the relationships between the set of names that are locked and the resources they apply to is not maintained. Here's a boundary case to illustrate the issue: Let's say I have resource ID 1 bound by foo.html, ID 2 bound by bar.html, and ID 3 bound by werf.html, all in the same collection. Now, I issue 3 LOCK requests on each URL, and get lock tokens T1, T2, & T3. Now (using a temporary URL) I MOVE everything around so that foo.html refers to resource ID 2, bar.html refers to ID 3, and werf.html refers to ID 1. LOCK token T1 still refers to foo.html and resource ID 1, even though foo.html now refers to resource ID 2, and if I UNLOCK with token T1, foo.html and resource ID 1 are unlocked. Yucky! A very nice clean model, but it doesn't serve the client very well if the methods will act this way. Letting a LT's name locks get separated from it's resource locks seems like a bad idea and probably serves no purpose. In addition, the client can't release one type of locks (name) without releasing the other (resource)... unless the client creates two lock sets explicitly. > I have to provide token T2 to UNLOCK resource ID 1. I think you mean you have to use T1 to unlock ID 1, but you have to use T2 to unlock the name/binding/slot that currently maps to ID 1. > And does adding a resource to a depth locked collection, create a > resource and name lock for the newly bound resource? I would say that the default for this would be no, since again the relationships between the names and resources is not something that the server enforces--only clients can do that via use of locks. Since the collection is locked, you would have to provide the lock token to insert the new resource into the locked collection anyway. The thinking on the list has been that they want it automatically extended to the children. Folks have questioned this on occasion and the folks that value depth locks have always expressed a preference for the locks automatically being extended to children. In addition, they liked having the lock stop applying to any child resource that leaves the locked tree. However, there may be some need for combining the PUT and LOCK into the same request to avoid race conditions. I can see this being an issue with a number of protocol requests (BIND & LOCK, etc.). There probably needs to be a way to add a lock as a part of any WebDAV request. Perhaps folks would find this acceptable. That is, if a client is adding to a locked collection, the client can specify that the lock be extended to what it is adding to that collection. -- Or perhaps we'd make the default to extend any depth locks affecting the collection into which a resource is added. Noone has mentioned actually wanting it NOT to be added. > And do name locks remain > if a subtree is separated from the tree where the original LOCK request > was submitted. Yes. That is why each name in the path (logically) is locked separately, to simplify the task of tracking all of these types of issues. When stated as I did above, people have expressed a preference to having the inherited locks stop acting on the resources that move/delete away. But if it was the resource itself that was originally locked (not via inheritance) many folks like it to continue to affect the resource even after movement/unbinding. > If you delete a locked binding, is the name lock automatically deleted? If you DELETE a locked resource, the resource lock is removed from the lock set, leaving only the name locks. I.e. I Lock /a/foo.html. Then I delete /a/foo.html. I still have the name lock, so nobody else can put something at /a/foo.html (I'm reserving the namespace like an LNR). I think this will be needed for doing certain types of tree manipulations as an atomic unit. Reserving the namespace can be a good thing. As for unlocking the resource that was deleted... remember, DELETE just removes a binding, and does not necessarily destroy the resource. It may or may not having other bindings and mappings. I don't disagree that this might be the right thing to do, but if we do decide to unlock that resource, we have have to cross our fingers when we say the resource lock is on a resource. > Thus we get the benefit of LNR's without having to create a pseudo > resource > there. Presumably PROPFIND will not pretend there is a resource there > either. > This sounds very good. It's the main positive point I see in this > proposal. Right. This is the main goal of my proposal, to create an abstraction that is general. > 3) the activelocks property displays all name locks active for this > collection as well as all resource locks. > > BTW, Would activelocks on a collection would reveal name locks on > descendents > rather than the name locks of bindings to the collection? Hopefully. Yes. The activelocks property (as a property of the collection) should only reveal state belonging to that collection. Since the list of bindings to descendants is the state of the collection, activelocks would list any locks on those names. Yea! So "LNR"s will reject PROPFIND requests just like ordinary null resources. Good stuff. > 4) the "locktype" property is used to distinguish between name and > resource > locks. If locktype "resource" is specified, only the specified > resource > lock is granted in that lock set. If locktype "name" is specified, the > names from root to the resource are locked, if the Depth header is not > specified. > > > If the URL "/a/b/c.html" is given, negative depth values can be > given to lock fractions of the path. E.g. if Depth:0 is specified, the > name > "c.html" is reserved in collection /a/b, but no other locks are > granted. > If > Depth:-1 is specified, the name "b" in "/a" is also reserved (etc.) > Only if > locktype is not specified does the LOCK request behave as it point #2 > (granting resource & name locks simoultaneously), basically for > compatability with existing applications. > > Is all this needed? I thought the point in locking the name was to insure > that > the locked resource remained accessable to the client at a known URI? > "-1" > doesn't achieve that and may prevent trivial implementations on top of > some > respositories. I'm also not sure I understand the motivation (at least > given our > current capabilities) of a client locking a resource without also locking > the > namespace. Currently it doesn't seem helpful to lock a resource if you > can't > get at it subsequently. I can see the value of allowing a URL reference that is derived from a resource ID, like "/resources/1234" or something in some implementations (Oracle's implementation will have this). Resource ID is constant regardless of BINDings. I recommend adding something like this to the protocol. I can see the value in that too. It sounds like something that could neatly go in a separate proposal. It doesn't impact anything else. Still though... I have my doubts that all of the above concerning negative depths is worthwhile. And in fact for platforms like IIS that want to use native capabilities, I don't think they'll be albe to do anything other than lock all of the bindingss up to the root. From w3c-dist-auth-request@w3.org Fri Jan 7 18:49:13 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA29168 for ; Fri, 7 Jan 2000 18:49:13 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id SAA25035; Fri, 7 Jan 2000 18:37:52 -0500 (EST) Resent-Date: Fri, 7 Jan 2000 18:37:52 -0500 (EST) Resent-Message-Id: <200001072337.SAA25035@www19.w3.org> Message-ID: <38767A78.FC32B010@us.oracle.com> Date: Fri, 07 Jan 2000 15:44:56 -0800 From: Eric Sedlar Organization: Oracle Corporation X-Mailer: Mozilla 4.7 [en] (X11; I; SunOS 5.6 sun4u) X-Accept-Language: en MIME-Version: 1.0 To: ccjason@us.ibm.com CC: w3c-dist-auth@w3.org References: <8525685F.007BF688.00@D51MTA03.pok.ibm.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Re: Locking URIs rather than Resources Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3812 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit You make a bunch of comments about lock sets and Depth locks, and you don't seem particularly comfortable with any of this stuff. This is all coming from Document Management requirements for compound documents. I think the correct solution to these issues comes from understanding that requirement. Here is a counterexample to your dynamic lock preference... Let's say that I have a "book" entity that I want to manifest as a collection resource (with some additional XML properties describing the book's state). In the collection is a set of HTML resources corresponding to each chapter of a book. Let's say that this book is a programmer's guide for a software product, and a couple of these chapters are about "Getting Started". Now we add an administration manual (another collection somewhere else) and I want to share the Getting Started (GS) info between books, so I want to move those chapters into a third collection containing shared resources between the manuals. I have the following collections now: /manuals/prguide /manuals/common /manuals/admin When I started working on the programmer's guide (PG), I depth:infinity lock the entire collection with a shared lock, to make sure nobody messes with the chapters while I am working. When I move the GS info out of the locked collection I want to retain these locks, since they are still part of the manual. The automatic assumptions Jason proposes regarding when locks are removed in the face of BINDs, MOVEs, etc. are not going to be correct in all cases. If I depth lock a collection, I have a perfectly valid example of when I want to retain the lock when members of a collection are moved out. There is no recourse in this situation, since reestablishing the lock introduces a race condition. Therefore, I think it is better that the client (i.e. the application) have specific control of the locking semantics, and that the server not try to do a lot of funny stuff with guessing what the client wants. --------- Other miscellaneous responses: * the negative depth proposal, along with a header to allow name locking separate from resource locking, are for the functional completeness of the model. The problem with locks is that you often want to get a bunch of them at once (and have the server handle any deadlock detection issues). Another way to handle this is to allow a list of URLs to be LOCKed to be attached to ANY request. * when I refer to DELETEing a resource in my proposal earlier, I mean a DELETE that removes the last binding, deleting the associated resource. --Eric ccjason@us.ibm.com wrote: > > * a LOCK token must be associated with the locked resource and URL > > Umm? This doesn't sound like a requirement. At least not a > fundamental > > one. Feel free to explain what you mean if you think this is an > important > > point. > > > > I had this as a requirement for compatability with RFC 2518. Are you > suggesting that lock tokens are superfluous and should be removed? > > No. Just that lock tokens are an implementation of a requirement, not > a requirement in and of themselves. If the same can be achieved in some > other way, that's fine. You seem to be shooting for compatibility in which > case LT are the mechanism to use. -- I didn't actually understand the > point of your statement either. That's fine though. What's most important > is what you say below. > > It wasn't clear to me in general if shared locks were the default rather > than exclusive, but it seems natural that this should be the case for > both > name and resource locks. > > I hadn't considered the possibility of name locks being exclusive. The > need > for this wasn't one of our requirements. We just wanted to protect a URI > from > having it's mapping change. This was purely for the sanity of the client. > > My initial vote for resource locks is that there be no default. One must > specify what one wants. > > As far as treating name locks as a formal entity, > that is a better way of describing what you are doing when you want a > lock > on a URL not associated with a resource--you're locking only that PART > of > the collection resource corresponding to that name in its set of > bindings, > you aren't locking some resource that that name will be associated with > later. > > I'll just try harder to assimilate this view. > > I think that people who have worked with locking before understand the > difference between locking an aggregate object and an individual item in > that aggregate, as there are many examples of that in software today > (locking a file vs. locking a byte range in that file, table locks vs. > row > locks in a SQL database, etc.). I don't think people are comfortable > with > the idea of treating namespaces as lockable entities separate from the > entities the names refer to, since that isn't generally done. > > Actually, only Geoff's most recent proposal couched it that way. All > others > have tended to say that a predetermined set of bindings are "protected". > The > term "locked" wasn't used... and after it was set up, it wasn't based on > namespace... just bindings. > > Once you > agree that the set of bindings are part of the state of a collection, you > are treating the collection resource as an aggregate that can be locked, > as > well as one or more bindings it contains. The model I propose is > simpler, > in that only one kind of object WebDAV requests can refer to--the > resource, > without treating URLs as something separate. > > A good thing. URL's are just a side effect. I forget the word Geoff used > to > use to refer to this. > > > I agree with the semantics, but I'm uncomfortable with creating a new > > concept > > called a "lock set". This also rings of "implementation". > > Hopefully this can be avoided. Anyway... > > The lock set is just a group of locks associated with a single lock > token. > Given that the Depth: infinity header effectively gets many locks (rather > than one big lock) and associates them with a single token, you were > already > doing this before, just without a name. It just seemed to me to be > easier > to understand if you have a term for describing what a lock token > identifies. This is just a terminology issue. > > I am still uncomfortable speaking of sets of locks. Also, that's not what > we had before except in one proposal that someone made (twice) but that > proposal didn't last long. People liked the dynamic nature of this. > That's > not to say that it had to be based on namespace. Just parentage. > > Perhaps I shoudln't say this, but with the advent locking of collections, > do > we still need depth locks? I forget why this was important and what set of > people felt it was important. I know Jim Whitehead was one of the people > and I believed the others were document management folks that wanted to > to lock composite entities. Anyway, I just wanted to check if we still > need them. If so, I'd like to explicitly note this in the locking doc I'm > doing. > > Re: Depth locking... > > > An RFC 2518 LOCK > > request applied to a collection will work in the same way, except > that > > if > > the depth header is specified, name and resource locks will be given > > recursively for each contained resource. > > > > Hmmm. Or perhaps just resource locks. No, that won't work either. > > Okay... > > You're going to have to explain some of the > > complications of this. Like, are all of these resources still locked > if > > you > > remove the binding that put them under the influence of the original > lock > > request? > > No. The LOCK protocol request is a shorthand way of requesting a set of > names and resources to lock. Deleting one of the names or resources you > have locked removes the locks, since you have nothing there remaining to > lock. > > The DELETE only removes the binding. The resource may still exist and > be exposed at other URI's. More below. > > The validity of the relationships between the set of names that are > locked and the resources they apply to is not maintained. Here's a > boundary > case to illustrate the issue: > > Let's say I have resource ID 1 bound by foo.html, ID 2 bound by bar.html, > and ID 3 bound by werf.html, all in the same collection. Now, I issue 3 > LOCK requests on each URL, and get lock tokens T1, T2, & T3. Now (using > a > temporary URL) I MOVE everything around so that foo.html refers to > resource > ID 2, bar.html refers to ID 3, and werf.html refers to ID 1. LOCK token > T1 > still refers to foo.html and resource ID 1, even though foo.html now > refers > to resource ID 2, and if I UNLOCK with token T1, foo.html and resource ID > 1 > are unlocked. > > Yucky! A very nice clean model, but it doesn't serve the client very > well if the methods will act this way. Letting a LT's name locks get > separated > from it's resource locks seems like a bad idea and probably serves no > purpose. > In addition, the client can't release one type of locks (name) without > releasing the > other (resource)... unless the client creates two lock sets explicitly. > > > I have to provide token T2 to UNLOCK resource ID 1. > > I think you mean you have to use T1 to unlock ID 1, but you have to use T2 > to > unlock the name/binding/slot that currently maps to ID 1. > > > And does adding a resource to a depth locked collection, create a > > resource and name lock for the newly bound resource? > > I would say that the default for this would be no, since again the > relationships between the names and resources is not something that the > server enforces--only clients can do that via use of locks. Since the > collection is locked, you would have to provide the lock token to insert > the > new resource into the locked collection anyway. > > The thinking on the list has been that they want it automatically extended > to > the children. Folks have questioned this on occasion and the folks that > value > depth locks have always expressed a preference for the locks automatically > being extended to children. In addition, they liked having the lock stop > applying to any child resource that leaves the locked tree. > > However, there may be some need for combining the PUT and LOCK into the > same > request to avoid race conditions. I can see this being an issue with a > number of protocol requests (BIND & LOCK, etc.). There probably needs to > be > a way to add a lock as a part of any WebDAV request. > > Perhaps folks would find this acceptable. That is, if a client is adding > to a > locked collection, the client can specify that the lock be extended to what > it is > adding to that collection. -- Or perhaps we'd make the default to extend > any > depth locks affecting the collection into which a resource is added. Noone > has mentioned actually wanting it NOT to be added. > > > And do name locks remain > > if a subtree is separated from the tree where the original LOCK request > > was submitted. > > Yes. That is why each name in the path (logically) is locked separately, > to > simplify the task of tracking all of these types of issues. > > When stated as I did above, people have expressed a preference to having > the > inherited locks stop acting on the resources that move/delete away. But > if it was the resource > itself that was originally locked (not via inheritance) many folks like it > to > continue to affect the resource even after movement/unbinding. > > > If you delete a locked binding, is the name lock automatically deleted? > > If you DELETE a locked resource, the resource lock is removed from the > lock > set, leaving only the name locks. I.e. I Lock /a/foo.html. Then I > delete > /a/foo.html. I still have the name lock, so nobody else can put > something > at /a/foo.html (I'm reserving the namespace like an LNR). > I think this will > be needed for doing certain types of tree manipulations as an atomic > unit. > > Reserving the namespace can be a good thing. > > As for unlocking the resource that was deleted... remember, DELETE just > removes a binding, and does not necessarily destroy the resource. It may > or may not having other bindings and mappings. I don't disagree that > this might be the right thing to do, but if we do decide to unlock that > resource, we have have to cross our fingers when we say the resource lock > is on a resource. > > > Thus we get the benefit of LNR's without having to create a pseudo > > resource > > there. Presumably PROPFIND will not pretend there is a resource there > > either. > > This sounds very good. It's the main positive point I see in this > > proposal. > > Right. This is the main goal of my proposal, to create an abstraction > that > is general. > > > 3) the activelocks property displays all name locks active for this > > collection as well as all resource locks. > > > > BTW, Would activelocks on a collection would reveal name locks on > > descendents > > rather than the name locks of bindings to the collection? Hopefully. > > Yes. The activelocks property (as a property of the collection) should > only > reveal state belonging to that collection. Since the list of bindings to > descendants is the state of the collection, activelocks would list any > locks > on those names. > > Yea! So "LNR"s will reject PROPFIND requests just like ordinary null > resources. > Good stuff. > > > 4) the "locktype" property is used to distinguish between name and > > resource > > locks. If locktype "resource" is specified, only the specified > > resource > > lock is granted in that lock set. If locktype "name" is specified, > the > > names from root to the resource are locked, if the Depth header is > not > > specified. > > > > > > If the URL "/a/b/c.html" is given, negative depth values can be > > given to lock fractions of the path. E.g. if Depth:0 is specified, > the > > name > > "c.html" is reserved in collection /a/b, but no other locks are > > granted. > > If > > Depth:-1 is specified, the name "b" in "/a" is also reserved (etc.) > > Only if > > locktype is not specified does the LOCK request behave as it point > #2 > > (granting resource & name locks simoultaneously), basically for > > compatability with existing applications. > > > > Is all this needed? I thought the point in locking the name was to > insure > > that > > the locked resource remained accessable to the client at a known URI? > > "-1" > > doesn't achieve that and may prevent trivial implementations on top of > > some > > respositories. I'm also not sure I understand the motivation (at least > > given our > > current capabilities) of a client locking a resource without also > locking > > the > > namespace. Currently it doesn't seem helpful to lock a resource if you > > can't > > get at it subsequently. > > I can see the value of allowing a URL reference that is derived from a > resource ID, like "/resources/1234" or something in some implementations > (Oracle's implementation will have this). Resource ID is constant > regardless of BINDings. I recommend adding something like this to the > protocol. > > I can see the value in that too. It sounds like something that could > neatly > go in a separate proposal. It doesn't impact anything else. > > Still though... I have my doubts that all of the above concerning negative > depths is worthwhile. And in fact for platforms like IIS that want to use > native capabilities, I don't think they'll be albe to do anything other > than > lock all of the bindingss up to the root. From w3c-dist-auth-request@w3.org Sat Jan 8 21:45:45 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA08953 for ; Sat, 8 Jan 2000 21:45:44 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id VAA11686; Sat, 8 Jan 2000 21:34:11 -0500 (EST) Resent-Date: Sat, 8 Jan 2000 21:34:11 -0500 (EST) Resent-Message-Id: <200001090234.VAA11686@www19.w3.org> From: ccjason@us.ibm.com X-Lotus-FromDomain: IBMUS To: Eric Sedlar cc: w3c-dist-auth@w3.org Message-ID: <85256861.000E114B.00@D51MTA03.pok.ibm.com> Date: Sat, 8 Jan 2000 21:33:14 -0500 Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Subject: Re: Locking URIs rather than Resources Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3813 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Let's say that I have a "book" entity that I want to manifest as a collection resource (with some additional XML properties describing the book's state). In the collection is a set of HTML resources corresponding to each chapter of a book. Let's say that this book is a programmer's guide for a software product, and a couple of these chapters are about "Getting Started". Now we add an administration manual (another collection somewhere else) and I want to share the Getting Started (GS) info between books, so I want to move those chapters into a third collection containing shared resources between the manuals. I have the following collections now: /manuals/prguide /manuals/common /manuals/admin When I started working on the programmer's guide (PG), I depth:infinity lock the entire collection with a shared lock, to make sure nobody messes with the chapters while I am working. When I move the GS info out of the locked collection I want to retain these locks, since they are still part of the manual. The automatic assumptions Jason proposes regarding when locks are removed in the face of BINDs, MOVEs, etc. are not going to be correct in all cases. If I depth lock a collection, I have a perfectly valid example of when I want to retain the lock when members of a collection are moved out. There is no recourse in this situation, since reestablishing the lock introduces a race condition. Of course it sounds like you don't need to (or want to) move it out of the locked collection though. You just need to add a binding from the common collection. You get the right result that way. Even for exclusive locks. * when I refer to DELETEing a resource in my proposal earlier, I mean a DELETE that removes the last binding, deleting the associated resource. And if it is the last binding, whether the resource is locked or not is probably moot. If it isn't the last binding, then I take it you feel the resource remains locked? From w3c-dist-auth-request@w3.org Sun Jan 9 04:05:40 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA05689 for ; Sun, 9 Jan 2000 04:05:39 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id DAA14650; Sun, 9 Jan 2000 03:53:57 -0500 (EST) Resent-Date: Sun, 9 Jan 2000 03:53:57 -0500 (EST) Resent-Message-Id: <200001090853.DAA14650@www19.w3.org> Message-Id: <4.1.20000109085404.00b64a80@pop.xs4all.nl> X-Sender: contact@pop.lanminds.com (Unverified) X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Sun, 09 Jan 2000 09:08:13 +0100 To: w3c-dist-auth@w3.org From: Jim Davis In-Reply-To: <38767A78.FC32B010@us.oracle.com> References: <8525685F.007BF688.00@D51MTA03.pok.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: Re: Locking URIs rather than Resources Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3814 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list At 03:44 PM 1/7/00 -0800, Eric Sedlar wrote: >Let's say that I have a "book" entity that I want to manifest as a collection >resource ...Let's say that this book is a programmer's guide for a software >product, and a couple of these chapters are about "Getting Started". Now ... I want to move those >chapters into a third collection containing shared resources between the >manuals. I have the following collections now: > >/manuals/prguide >/manuals/common >/manuals/admin > >When I started working on the programmer's guide (PG), I depth:infinity lock >the entire collection with a shared lock, to make sure nobody messes with the >chapters while I am working. This is a good use case, thanks for contributing it. I think it's reasonable to require that something like this work. But I don't agree that it shows a problem. I think there are at least three ways to use WebDAV and meet your requirements. 1) lock the common collection with depth infinity. Then when you move the files, they are added to the lock. 2) Create a temp collection, depth lock it, move the files there. edit them until you are ready to release the lock, then move them to the common collection, where they will be seen by your co-workers. 3) For each file that you wish to move to common, lock a null resource in the common collection. then do the moves. the formerly locked-null resources will become locked "normal" resources. Is at least one of these acceptable? Note that I am talking about WebDAV as in RFC 2518, I am not completely sure these apply to the newer proposals for lock. >Therefore, I think it is better that the client (i.e. the application) have >specific control of the locking semantics, and that the server not try to do a >lot of funny stuff with guessing what the client wants. That's a good principle in general. From w3c-dist-auth-request@w3.org Tue Jan 11 17:28:25 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA22631 for ; Tue, 11 Jan 2000 17:28:24 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id RAA29668; Tue, 11 Jan 2000 17:16:45 -0500 (EST) Resent-Date: Tue, 11 Jan 2000 17:16:45 -0500 (EST) Resent-Message-Id: <200001112216.RAA29668@www19.w3.org> From: Jim Whitehead To: Fredy Ortiz , w3c-dist-auth@w3.org MMDF-Warning: Parse error in original version of preceding line at gremlin-relay.ics.uci.edu Date: Tue, 11 Jan 2000 14:13:08 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Importance: Normal Subject: RE: [Moderator Action] WEBDAV Mailing List Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3815 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit Hi Fredy, I have added you to the WebDAV mailing list -- welcome! As for implementing the specification, there are currently several people involved in this activity, some open source, some commercial. A complete list of projects can be found at http://www.webdav.org/projects/ and the open source projects especially are always looking for volunteers. If you were interested in doing commercial WebDAV implementation work, I could recommend some people to talk with... - Jim > -----Original Message----- > From: Fredy Ortiz [mailto:ortizf@prodigy.net] > Sent: Monday, January 10, 2000 4:44 AM > To: w3c-dist-auth@w3.org > Subject: [Moderator Action] WEBDAV Mailing List > > > Hello, > > I would like to be added to this mailing list and I am interested in be > involved in the WEBDAV specification implementation. Here's a copy of my > resume. Hope I can be of some assistant. > > Thanks, > > Fredy Ortiz > From w3c-dist-auth-request@w3.org Tue Jan 11 17:52:43 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA22947 for ; Tue, 11 Jan 2000 17:52:40 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id RAA00636; Tue, 11 Jan 2000 17:31:39 -0500 (EST) Resent-Date: Tue, 11 Jan 2000 17:31:39 -0500 (EST) Resent-Message-Id: <200001112231.RAA00636@www19.w3.org> From: Jim Whitehead To: w3c-dist-auth@w3.org MMDF-Warning: Parse error in original version of preceding line at gremlin-relay.ics.uci.edu Date: Tue, 11 Jan 2000 14:28:05 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Importance: Normal Subject: RE: [Moderator Action] WEBDAV Mailing List Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3816 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit D'oh -- pesky "reply to all" key! Sorry for sending this out to everyone on the list. :-( - Jim > I have added you to the WebDAV mailing list -- welcome! > > As for implementing the specification, there are currently several people > involved in this activity, some open source, some commercial. A complete > list of projects can be found at http://www.webdav.org/projects/ and the > open source projects especially are always looking for volunteers. If you > were interested in doing commercial WebDAV implementation work, I could > recommend some people to talk with... > > From w3c-dist-auth-request@w3.org Wed Jan 12 09:31:35 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA16829 for ; Wed, 12 Jan 2000 09:31:34 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id JAA25431; Wed, 12 Jan 2000 09:20:27 -0500 (EST) Resent-Date: Wed, 12 Jan 2000 09:20:27 -0500 (EST) Resent-Message-Id: <200001121420.JAA25431@www19.w3.org> Message-ID: <8E3CFBC709A8D21191A400805F15E0DBD2455F@crte147.wc.eso.mc.xerox.com> From: "Slein, Judith A" To: "'WebDAV'" Cc: "'Owen_Ambur@fws.gov'" Date: Wed, 12 Jan 2000 09:20:11 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Subject: FW: WebDAV & DoD 5015.2 Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3817 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list I haven't seen any discussion of DoD 5015.2, but I'm forwarding your note to the WebDAV mailing list, where implementers of WebDAV servers will see it. I'll also refer you to the web site http://www.webdav.org/projects/ for a list of implementations of both servers and clients. --Judy Judith A. Slein Xerox Corporation jslein@crt.xerox.com (716)422-5169 800 Phillips Road 105/50C Webster, NY 14580 -----Original Message----- From: Owen_Ambur@fws.gov [mailto:Owen_Ambur@fws.gov] Sent: Tuesday, January 11, 2000 6:07 PM To: jslein@crt.xerox.com Subject: WebDAV & DoD 5015.2 Judy, since your name is associated with the topic of "WebDAV Collections" at , can you tell me if Xerox or any of the other WebDAV vendors are planning to obtain direct or pair certification under DoD's 5015.2 standard for records management? See . Owen Ambur, Acting Chief Branch of Management Services Division of IRM, U.S. Fish & Wildlife Service From w3c-dist-auth-request@w3.org Wed Jan 12 18:24:22 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA26719 for ; Wed, 12 Jan 2000 18:24:22 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id SAA18449; Wed, 12 Jan 2000 18:12:54 -0500 (EST) Resent-Date: Wed, 12 Jan 2000 18:12:54 -0500 (EST) Resent-Message-Id: <200001122312.SAA18449@www19.w3.org> Date: Wed, 12 Jan 2000 18:12:43 -0500 Message-Id: <10001122312.AA22058@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org Subject: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3818 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Eric suggests that a URL-based locking model should be mapped into the underlying collection resources that implement the namespace. I agree with both this conclusion and the reasoning leading up to it. But I think it is simpler to model namespace protection and state protection as being two results of a single kind of lock, as opposed to the result of two different kinds of locks. This avoids the problem of describing how namespace locks and state locks interact. In an attempt to make the proposal both understandable and complete, I've broken it into two parts. The first part is a series of bullets, which largely correspond to the "URL-based locking" proposal I mailed out a while ago. The second part is the same series of bullets fleshed out with a more formal description of each bullet in terms of an underlying resource model and effects on the visible lock state of resources. ************************** GULP: Part I - A URL identifies a resource. - A LOCK request creates a lock on the request URL. - An UNLOCK request removes all locks with the specified lock token. - A lock on a URL protects which resource is identified by that URL. - A Depth:N lock on a URL locks any URL that extends the locked URL by no more than N segments. - A Depth:infinity lock on a URL locks all URL's that extend the locked URL. - If an exclusive lock identifies a resource, no other lock of that type can identify that resource. - A write-lock on a URL protects the body and dead properties of any resource identified by that URL. ************************** GULP: Part II - A URL identifies a resource. The URL "/" identifies a resource. A collection contains a set of bindings, where a binding is a mapping from a URL segment to a resource. If "/path" identifies a collection C, and C contains a binding that maps the segment "x" to resource R, then the URL "/path/x" identifies resource R. - A lock is on a URL. Every lock has a lock token and a lock owner. Every lock on a resource has a name which is a relative URL (i.e. a slash separated sequence of URL segments). Every LOCK request that succeeds results in a new globally unique lock token. Every lock token has an owner that is the principal of the LOCK request. - A LOCK request creates a lock on the request URL. When a request of the form "LOCK /pathX" succeeds, a lock named "pathY/." with a new lock token is added to the resource identified by "/", where "pathY" is the result of applying standard URL path transformations to remove all segments named "." or ".." from "pathX". If a collection C has a binding from "segX" to resource R, and a request adds a lock named "segX/pathZ" with token "L" to C, then the request adds a lock named "pathZ" with token "L" to R. Similarly, if a collection C has a lock named "segX/pathZ" with token "L", and a request (e.g. PUT, COPY, MOVE, BIND) adds a binding in C from "segX" to resource R, then the request adds a lock named "pathZ" with token "L" to R. If the attempt to add the lock named "pathZ" to R fails, the request MUST fail. - An UNLOCK request removes all locks with the specified lock token. When a request of the form "UNLOCK /pathX; Lock-Token L" succeeds, then the lock with token "L" is removed from the resource identified by "/". If a collection C has a binding from "segX" to resource R, and a request removes a lock named "segX/pathZ" with token "L" from C, then the request removes a lock named "pathZ" with token "L" from R. Similarly, if a collection has a lock named "segX/pathZ" with token "L", and a request (e.g. DELETE, MOVE) removes a binding in C from "segX" to resource R, then a lock named "pathZ" with token "L" is removed from R. - A lock on a URL protects which resource is identified by that URL. If a collection identified by the URL "/colX" contains a lock named "pathZ" with token "L", if a request would change the resource identified by "/colX/pathZ", the request MUST specify token "L" in an IF header and the request principal MUST be the owner of token "L". - A Depth:N lock on a URL locks any URL that extends the locked URL by no more than N segments. If a collection C has a binding to resource R, and a request adds a Depth:N lock named "." with token "L" to C, then the request adds a Depth:N-1 lock named "." with token "L" to R. Similarly, if a collection C has a Depth:N lock named "." with token "L", and a request adds a binding in C to resource R, then the request adds a Depth:N-1 lock named "." with token "L" to R. If the attempt to add the lock named "." to R fails, the request MUST fail. Conversely, the Depth:N-1 lock is removed from R whenever a binding to R or the Depth:N lock is removed from C. - A Depth:infinity lock on a URL locks all URL's that extend the locked URL. If a collection C has a binding to resource R, and a request adds a Depth:infinity lock named "." with token "L" to C, and this is the first Depth:infinity lock named "." with token "L" on C, then the request adds a Depth:infinity lock named "." with token "L" to R. Similarly, if a collection C has a Depth:infinity lock named "." with token "L", and a request adds a binding in C to resource R, then the request adds a Depth:infinity lock named "." with token "L" to R. If the attempt to add the lock named "." to R fails, the request MUST fail. If a collection C has a binding to resource R, and a request removes the last Depth:infinity lock named "." with token "L" from C, then the request removes a Depth:infinity lock named "." with token "L" from R. Similarly, if a collection has a Depth:infinity lock named "." with token "L", and a request removes a binding in C to resource R, then a Depth:infinity lock named "." with token "L" is removed from R. Note that multiple Depth:infinity locks named "." with the same token can be placed on the same resource due to multiple bindings to that resource in a Depth:infinity locked collection. - If an exclusive lock identifies a resource, no other lock of that type can identify that resource. If a request attempts to add a lock named "pathZ" with token "L" and type T to resource R, and R already has an exclusive lock named "pathZ" with type "L" but with a different token, the request MUST fail. Similarly, if a request attempts to add an exclusive lock named "pathZ" with token "L" and type T to resource R, and R already has a lock named "pathZ" with type T but with a different token, the request MUST fail. - A write-lock on a URL protects the body and dead properties of any resource identified by that URL. If a resource has a write lock named "." with token "L", in order to modify the body or dead properties of that resource, a request MUST specify token "L" in an IF header and the request principal must be the principal that created the lock. ************************** OK, Jason, Yaron, Eric, et. al, what did I forget this time? (:-) Cheers, Geoff From w3c-dist-auth-request@w3.org Thu Jan 13 14:33:49 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA24285 for ; Thu, 13 Jan 2000 14:33:46 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id OAA12063; Thu, 13 Jan 2000 14:16:49 -0500 (EST) Resent-Date: Thu, 13 Jan 2000 14:16:49 -0500 (EST) Resent-Message-Id: <200001131916.OAA12063@www19.w3.org> From: ccjason@us.ibm.com X-Lotus-FromDomain: IBMUS To: "Geoffrey M. Clemm" cc: w3c-dist-auth@w3.org Message-ID: <85256865.0069D72C.00@D51MTA03.pok.ibm.com> Date: Thu, 13 Jan 2000 14:15:39 -0500 Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3819 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Wow. This is dense. Here goes... GULP: Part II - A URL identifies a resource. Cool. I notice there is no mention of null resources. Perhaps that's intentional? - A lock is on a URL. Every lock has a lock token and a lock owner. Every lock on a resource has a name which is a relative URL (i.e. a slash separated sequence of URL segments). Every LOCK request that succeeds results in a new globally unique lock token. Every lock token has an owner that is the principal of the LOCK request. Just vocab. "Name" doesn't seem to be the right word. I'd expect a "name" to be unique and be equivalent to a token. -- Otherwise, A-OK. - A LOCK request creates a lock on the request URL. When a request of the form "LOCK /pathX" succeeds, a lock named "pathY/." with a new lock token is added to the resource identified by "/", where "pathY" is the result of applying standard URL path transformations to remove all segments named "." or ".." from "pathX". If a collection C has a binding from "segX" to resource R, and a request adds a lock named "segX/pathZ" with token "L" to C, then the request adds a lock named "pathZ" with token "L" to R. Similarly, if a collection C has a lock named "segX/pathZ" with token "L", and a request (e.g. PUT, COPY, MOVE, BIND) adds a binding in C from "segX" to resource R, then the request adds a lock named "pathZ" with token "L" to R. If the attempt to add the lock named "pathZ" to R fails, the request MUST fail. I'd prefer not to say the lock is on a URL, but hey, let's give it a shot.... Oh.. I think I understand what you mean by that. The phrase just threw me off. You are talking about what Eric calls namespace locks. All this does ring of implementation rather than model. You're basically describing how URI protection would have to be implemented to be efficient. For this reason, there is a lot of detail here. Mention and emphasis of the overall effect would be good: URI protection. - An UNLOCK request removes all locks with the specified lock token. When a request of the form "UNLOCK /pathX; Lock-Token L" succeeds, then the lock with token "L" is removed from the resource identified by "/". If a collection C has a binding from "segX" to resource R, and a request removes a lock named "segX/pathZ" with token "L" from C, then the request removes a lock named "pathZ" with token "L" from R. Hmm. Couldn't you just say that the lock with token L is removed everywhere it existed? At least as a summary statement? This rings of implemenation again. Similarly, if a collection has a lock named "segX/pathZ" with token "L", and a request (e.g. DELETE, MOVE) removes a binding in C from "segX" to resource R, then a lock named "pathZ" with token "L" is removed from R. This should be a different bullet. -- Also, we seem to talk of specific situations. If so, doesn't the above descriptions also cover the situation for descendents of R (assuming R is a collection)? - A lock on a URL protects which resource is identified by that URL. If a collection identified by the URL "/colX" contains a lock named "pathZ" with token "L", if a request would change the resource identified by "/colX/pathZ", the request MUST specify token "L" in an IF header and the request principal MUST be the owner of token "L". OK. The "lock on URL" phrase threw me off again, but the details sound right. Does this include null mapped resources? Or are we leaving that issue out for now? Note: this only protects the mapping of the resource explicitly locked. Not *necessarily* any of the bindings to the root. Just an observation. Later we might have to decide to allow servers to also protect those bindings if they wish. If this is the way we're going to describe the semantics we want, will we later need to use "If there exists..." type phrasing? You don't say what will happen if the request does include all the right tokens and the sumitter is the owner of all those tokens. That is the main area where recent proposals semantically distinguish themselves. - A Depth:N lock on a URL locks any URL that extends the locked URL by no more than N segments. If a collection C has a binding to resource R, and a request adds a Depth:N lock named "." with token "L" to C, then the request adds a Depth:N-1 lock named "." with token "L" to R. Similarly, if a collection C has a Depth:N lock named "." with token "L", and a request adds a binding in C to resource R, then the request adds a Depth:N-1 lock named "." with token "L" to R. If the attempt to add the lock named "." to R fails, the request MUST fail. Conversely, the Depth:N-1 lock is removed from R whenever a binding to R or the Depth:N lock is removed from C. Dynamic depth lccks. Okay. I guess technically you have declare what happens at depth 0. - A Depth:infinity lock on a URL locks all URL's that extend the locked URL. If a collection C has a binding to resource R, and a request adds a Depth:infinity lock named "." with token "L" to C, and this is the first Depth:infinity lock named "." with token "L" on C, then the request adds a Depth:infinity lock named "." with token "L" to R. Similarly, if a collection C has a Depth:infinity lock named "." with token "L", and a request adds a binding in C to resource R, then the request adds a Depth:infinity lock named "." with token "L" to R. If the attempt to add the lock named "." to R fails, the request MUST fail. If a collection C has a binding to resource R, and a request removes the last Depth:infinity lock named "." with token "L" from C, then the request removes a Depth:infinity lock named "." with token "L" from R. Similarly, if a collection has a Depth:infinity lock named "." with token "L", and a request removes a binding in C to resource R, then a Depth:infinity lock named "." with token "L" is removed from R. Sounds like this wording also handles the recursive removal of locks from the whole tree. Good. -- There is a bit of messiness dealing with loops I think. If didn't couch this all in detailed implementation based way, we might not have to mention that. BTW, you speak of the "*last* Depth:infinity lock". What is the significance of "last". (I also notice you mentioning "first" earlier.) Note that multiple Depth:infinity locks named "." with the same token can be placed on the same resource due to multiple bindings to that resource in a Depth:infinity locked collection. Right. IOW, "do the right thing". :-) - If an exclusive lock identifies a resource, no other lock of that type can identify that resource. If a request attempts to add a lock named "pathZ" with token "L" and type T to resource R, and R already has an exclusive lock named "pathZ" with type "L" but with a different token, the request MUST fail. Similarly, if a request attempts to add an exclusive lock named "pathZ" with token "L" and type T to resource R, and R already has a lock named "pathZ" with type T but with a different token, the request MUST fail. Hmmm. Exclusivenss of exclusive locks also apply to the name space aspect of the lock? This isn't good. It means only one exclusive lock can exist in the system at a time. I'd prefer the lock to be shared unless the resource is at a lock URI. (Resource Lock, not Namespace lock) - A write-lock on a URL protects the body and dead properties of any resource identified by that URL. If a resource has a write lock named "." with token "L", in order to modify the body or dead properties of that resource, a request MUST specify token "L" in an IF header and the request principal must be the principal that created the lock. So we now need to define "lock". Based on how you are using it in this document, a LOCK request can create many locks. And all of those locks will basically have the "same" (expanded) name. Except if it's a depth lock in which case there might be a lot of locks with "." as their name so their "expanded" names will differ. Anyway, my point here is that a LOCK request creates many "lock"s. If you couch it as you have, I think you're obligated to use Eric's "lock set" term. You haven't really said what happens in null mapped URI space. The actual document might not need to mention it, but since we've talked a lot about it, you probably should clarify that for us on the list. OK, Jason, Yaron, Eric, et. al, what did I forget this time? (:-) Well, overall my impression is that the semantics outlined here so far are good, but that the explanation is very dense and that it probably doesn't need to be. Although a few of the semantic details are differnt, Eric's way of describing it might be a LOT simplier. Perhaps starting with Eric's proposal and altering that match your semantics might work better. Jason. From w3c-dist-auth-request@w3.org Thu Jan 13 16:02:08 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA25187 for ; Thu, 13 Jan 2000 16:02:06 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id PAA15870; Thu, 13 Jan 2000 15:47:10 -0500 (EST) Resent-Date: Thu, 13 Jan 2000 15:47:10 -0500 (EST) Resent-Message-Id: <200001132047.PAA15870@www19.w3.org> Message-ID: <007401bf5e07$4771de10$9a114498@us.oracle.com> From: "Eric Sedlar" To: "Geoffrey M. Clemm" , References: <10001122312.AA22058@tantalum> Date: Thu, 13 Jan 2000 12:46:34 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3820 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit This is pretty dense, but let me see if I get the gist of how your proposal differs from mine: You want to avoid having name and resource locks as separate entities, so you basically say that a name lock (as in my proposal) locks the resource it is bound to, if any. If the lock is exclusive, you can't lock any other name applied to that resource. For example, if I have /a/foo.html and /b/foo.html both identifying the same resource, if I exclusive lock /a/foo.html, I can't protect the name "/b/foo.html" since I can't lock it. Since the LOCK protocol request currently doesn't distinguish between name and resource locks, you couldn't lock /b/foo.html anyway (which is why you are ok with the restriction above), since the protocol request would try to lock the resource identified by /b/foo.html as well as the name. However, it does seem like there will be reasons to protect the namespace in this way, and I think you are paying a price for reducing the number of locks. > - If an exclusive lock identifies a resource, no other lock of that type can > identify that resource. Here's a scenario: it seems like if application A has an exclusive lock on /a/foo.html (say because it is planning on updating the resource to create a new version, and it wants to prevent lost updates) and application B wants to only read /b/foo.html and protect the namespace so that it can find it again later, application B cannot create a shared lock on /b/foo.html, correct? The problem is that application A will not actually update the resource that app B is working with--it will just create a new revision. (Although this may affect the revision selected by app B). Is this an issue your versioned locks deal with? --Eric ----- Original Message ----- From: "Geoffrey M. Clemm" To: Sent: Wednesday, January 12, 2000 3:12 PM Subject: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) > > Eric suggests that a URL-based locking model should be mapped into the > underlying collection resources that implement the namespace. I agree > with both this conclusion and the reasoning leading up to it. > > But I think it is simpler to model namespace protection and state > protection as being two results of a single kind of lock, as opposed > to the result of two different kinds of locks. This avoids the > problem of describing how namespace locks and state locks interact. > > In an attempt to make the proposal both understandable and complete, > I've broken it into two parts. The first part is a series of bullets, > which largely correspond to the "URL-based locking" proposal I mailed out > a while ago. The second part is the same series of bullets fleshed out > with a more formal description of each bullet in terms of an underlying > resource model and effects on the visible lock state of resources. > > ************************** > > GULP: Part I > > - A URL identifies a resource. > - A LOCK request creates a lock on the request URL. > - An UNLOCK request removes all locks with the specified lock token. > - A lock on a URL protects which resource is identified by that URL. > - A Depth:N lock on a URL locks any URL that extends the locked URL by no > more than N segments. > - A Depth:infinity lock on a URL locks all URL's that extend the locked URL. > - If an exclusive lock identifies a resource, no other lock of that type can > identify that resource. > - A write-lock on a URL protects the body and dead properties of any > resource identified by that URL. > > ************************** > > GULP: Part II > > - A URL identifies a resource. > > The URL "/" identifies a resource. A collection contains a set of bindings, > where a binding is a mapping from a URL segment to a resource. If "/path" > identifies a collection C, and C contains a binding that maps the segment > "x" to resource R, then the URL "/path/x" identifies resource R. > > - A lock is on a URL. Every lock has a lock token and a lock owner. > > Every lock on a resource has a name which is a relative URL (i.e. a slash > separated sequence of URL segments). Every LOCK request that succeeds > results in a new globally unique lock token. Every lock token has an owner > that is the principal of the LOCK request. > > - A LOCK request creates a lock on the request URL. > > When a request of the form "LOCK /pathX" succeeds, a lock named "pathY/." > with a new lock token is added to the resource identified by "/", where > "pathY" is the result of applying standard URL path transformations to > remove all segments named "." or ".." from "pathX". If a collection C has a > binding from "segX" to resource R, and a request adds a lock named > "segX/pathZ" with token "L" to C, then the request adds a lock named "pathZ" > with token "L" to R. Similarly, if a collection C has a lock named > "segX/pathZ" with token "L", and a request (e.g. PUT, COPY, MOVE, BIND) adds > a binding in C from "segX" to resource R, then the request adds a lock named > "pathZ" with token "L" to R. If the attempt to add the lock named "pathZ" to > R fails, the request MUST fail. > > - An UNLOCK request removes all locks with the specified lock token. > > When a request of the form "UNLOCK /pathX; Lock-Token L" succeeds, then the > lock with token "L" is removed from the resource identified by "/". If a > collection C has a binding from "segX" to resource R, and a request removes > a lock named "segX/pathZ" with token "L" from C, then the request removes a > lock named "pathZ" with token "L" from R. Similarly, if a collection has a > lock named "segX/pathZ" with token "L", and a request (e.g. DELETE, MOVE) > removes a binding in C from "segX" to resource R, then a lock named "pathZ" > with token "L" is removed from R. > > - A lock on a URL protects which resource is identified by that URL. > > If a collection identified by the URL "/colX" contains a lock named "pathZ" > with token "L", if a request would change the resource identified by > "/colX/pathZ", the request MUST specify token "L" in an IF header and the > request principal MUST be the owner of token "L". > > - A Depth:N lock on a URL locks any URL that extends the locked URL by no > more than N segments. > > If a collection C has a binding to resource R, and a request adds a Depth:N > lock named "." with token "L" to C, then the request adds a Depth:N-1 lock > named "." with token "L" to R. Similarly, if a collection C has a Depth:N > lock named "." with token "L", and a request adds a binding in C to resource > R, then the request adds a Depth:N-1 lock named "." with token "L" to R. If > the attempt to add the lock named "." to R fails, the request MUST fail. > Conversely, the Depth:N-1 lock is removed from R whenever a binding to R or > the Depth:N lock is removed from C. > > - A Depth:infinity lock on a URL locks all URL's that extend the locked URL. > > If a collection C has a binding to resource R, and a request adds a > Depth:infinity lock named "." with token "L" to C, and this is the first > Depth:infinity lock named "." with token "L" on C, then the request adds a > Depth:infinity lock named "." with token "L" to R. Similarly, if a > collection C has a Depth:infinity lock named "." with token "L", and a > request adds a binding in C to resource R, then the request adds a > Depth:infinity lock named "." with token "L" to R. If the attempt to add the > lock named "." to R fails, the request MUST fail. If a collection C has a > binding to resource R, and a request removes the last Depth:infinity lock > named "." with token "L" from C, then the request removes a Depth:infinity > lock named "." with token "L" from R. Similarly, if a collection has a > Depth:infinity lock named "." with token "L", and a request removes a > binding in C to resource R, then a Depth:infinity lock named "." with token > "L" is removed from R. Note that multiple Depth:infinity locks named "." > with the same token can be placed on the same resource due to multiple > bindings to that resource in a Depth:infinity locked collection. > > - If an exclusive lock identifies a resource, no other lock of that type can > identify that resource. > > If a request attempts to add a lock named "pathZ" with token "L" and type T > to resource R, and R already has an exclusive lock named "pathZ" with type > "L" but with a different token, the request MUST fail. Similarly, if a > request attempts to add an exclusive lock named "pathZ" with token "L" and > type T to resource R, and R already has a lock named "pathZ" with type T but > with a different token, the request MUST fail. > > - A write-lock on a URL protects the body and dead properties of any > resource identified by that URL. > > If a resource has a write lock named "." with token "L", in order to modify > the body or dead properties of that resource, a request MUST specify token > "L" in an IF header and the request principal must be the principal that > created the lock. > > ************************** > > OK, Jason, Yaron, Eric, et. al, what did I forget this time? (:-) > > Cheers, > Geoff > > From w3c-dist-auth-request@w3.org Thu Jan 13 17:06:52 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA25824 for ; Thu, 13 Jan 2000 17:06:49 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id QAA17612; Thu, 13 Jan 2000 16:53:52 -0500 (EST) Resent-Date: Thu, 13 Jan 2000 16:53:52 -0500 (EST) Resent-Message-Id: <200001132153.QAA17612@www19.w3.org> From: Jim Whitehead To: WebDAV WG Date: Thu, 13 Jan 2000 13:50:11 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Subject: Reminder: WG Last Call, Bindings Protocol Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3821 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit This is a reminder that we are about 2/3 of the way through a working group last call for comments period on the WebDAV Bindings Protocol specification: http://www.ics.uci.edu/pub/ietf/webdav/collection/draft-ietf-webdav-binding- protocol-02 The last call period ends January 24, 2000, at midnight, Pacific time. The intent of the last call period is to allow working group members to perform a final review of the specification before it is submitted to the IESG for approval as a Proposed Standard. For more details on the last call, please consult the original message announcing the start of the last call period: http://lists.w3.org/Archives/Public/w3c-dist-auth/1999OctDec/0337.html - Jim Whitehead Chair, IETF WebDAV Working Group From w3c-dist-auth-request@w3.org Thu Jan 13 17:44:14 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA26029 for ; Thu, 13 Jan 2000 17:44:14 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id RAA00037; Thu, 13 Jan 2000 17:33:33 -0500 (EST) Resent-Date: Thu, 13 Jan 2000 17:33:33 -0500 (EST) Resent-Message-Id: <200001132233.RAA00037@www19.w3.org> From: ccjason@us.ibm.com X-Lotus-FromDomain: IBMUS To: "Eric Sedlar" cc: "Geoffrey M. Clemm" , w3c-dist-auth@w3.org Message-ID: <85256865.007BDF15.00@D51MTA03.pok.ibm.com> Date: Thu, 13 Jan 2000 17:32:36 -0500 Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3822 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Ah... Eric's note brings up another possibility. It might be a red herring, but as Geoff's proposal is currently written (and Eric's too I think) it still is a possibly unexpected behavior. User B locks /a/b/ exclusively. User D tries to do a shared lock on /a/b/c/d.html but fails because in the proposal that will also create a lock (or will it?) on /a/b/ which already has an exclusive lock on it. I'm not saying this is good or bad. I'm just pointing it out as what sounds like a difference in the recent proposals relative to what we were proposing a month or more ago. Jason. From w3c-dist-auth-request@w3.org Thu Jan 13 20:17:41 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA26971 for ; Thu, 13 Jan 2000 20:17:40 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA12878; Thu, 13 Jan 2000 20:06:29 -0500 (EST) Resent-Date: Thu, 13 Jan 2000 20:06:29 -0500 (EST) Resent-Message-Id: <200001140106.UAA12878@www19.w3.org> Date: Thu, 13 Jan 2000 20:06:23 -0500 Message-Id: <10001140106.AA22868@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org In-Reply-To: <85256865.0069D72C.00@D51MTA03.pok.ibm.com> (ccjason@us.ibm.com) Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3823 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list First, thanks for the prompt review! Based on Jason's comments, I will rewrite the "headers", write a few key examples, and will give each of the "rules" a number, so that I can explain the example by reference to which rule produces the behavior in the example. I will make no changes to the actual rules, so there will be no semantic changes in this rewrite. And now for a few responses: From: ccjason@us.ibm.com GULP: Part II - A URL identifies a resource. Cool. I notice there is no mention of null resources. Perhaps that's intentional? I'll change this to say "A URL can identify a resource". I did not intend to imply that all URL's identify a resource. This model does not have the notion of a null resource. - A lock is on a URL. Every lock has a lock token and a lock owner. Every lock on a resource has a name which is a relative URL (i.e. a slash separated sequence of URL segments). Every LOCK request that succeeds results in a new globally unique lock token. Every lock token has an owner that is the principal of the LOCK request. Just vocab. "Name" doesn't seem to be the right word. I'd expect a "name" to be unique and be equivalent to a token. -- Otherwise, A-OK. I'm open to whatever term folks prefer. All that really matters is that it be a string which has relative URL syntax. - A LOCK request creates a lock on the request URL. When a request of the form "LOCK /pathX" succeeds, a lock named "pathY/." with a new lock token is added to the resource identified by "/", where "pathY" is the result of applying standard URL path transformations to remove all segments named "." or ".." from "pathX". If a collection C has a binding from "segX" to resource R, and a request adds a lock named "segX/pathZ" with token "L" to C, then the request adds a lock named "pathZ" with token "L" to R. Similarly, if a collection C has a lock named "segX/pathZ" with token "L", and a request (e.g. PUT, COPY, MOVE, BIND) adds a binding in C from "segX" to resource R, then the request adds a lock named "pathZ" with token "L" to R. If the attempt to add the lock named "pathZ" to R fails, the request MUST fail. I'd prefer not to say the lock is on a URL, but hey, let's give it a shot.... Oh.. I think I understand what you mean by that. The phrase just threw me off. You are talking about what Eric calls namespace locks. The only sense in which there are two kinds of locks in this model is that locks named "." have some additional properties, but the preceding paragraph applies to *all* locks, not just locks named "." All this does ring of implementation rather than model. You're basically describing how URI protection would have to be implemented to be efficient. How this is implemented is completely up to the server. This is intended to define the effect of locking in terms of resource properties visible via the protocol. These semantics describe both under what conditions a request MUST fail, and what the state on the server will be following a successful request. For this reason, there is a lot of detail here. Mention and emphasis of the overall effect would be good: URI protection. That comes later. This is just a detailed description of how the locking properties must appear on the server following various operations. This is modeled in terms of the underlying binding model instead of trying to enumerate all WebDAV methods, in order to provide guidance when new methods are defined. This way, you can just look at the effect of a new method on the binding model, and conclude what the locking effect will be, rather than having to reconvene the locking working group whenever a new method is added to HTTP. - An UNLOCK request removes all locks with the specified lock token. When a request of the form "UNLOCK /pathX; Lock-Token L" succeeds, then the lock with token "L" is removed from the resource identified by "/". If a collection C has a binding from "segX" to resource R, and a request removes a lock named "segX/pathZ" with token "L" from C, then the request removes a lock named "pathZ" with token "L" from R. Hmm. Couldn't you just say that the lock with token L is removed everywhere it existed? At least as a summary statement? This rings of implemenation again. That statement only applies to the UNLOCK request. The second sentence applies to all methods that result in a lock being removed, whether it is from an UNLOCK, a DELETE, a MOVE, or some new method not yet defined. Similarly, if a collection has a lock named "segX/pathZ" with token "L", and a request (e.g. DELETE, MOVE) removes a binding in C from "segX" to resource R, then a lock named "pathZ" with token "L" is removed from R. This should be a different bullet. I intended this bullet to be about lock removal in general, not just about the UNLOCK command. I'll retitle this section: "A lock can be removed from a resource by UNLOCK or by removing a resource from a locked collection." Also, we seem to talk of specific situations. If you can think of a situation this doesn't cover, please let me know. The wording here was intended to be the minimal number of rules that completely define the semantics. If so, doesn't the above descriptions also cover the situation for descendents of R (assuming R is a collection)? Yes, it does. (All of these rules are applied recursively). - A lock on a URL protects which resource is identified by that URL. If a collection identified by the URL "/colX" contains a lock named "pathZ" with token "L", if a request would change the resource identified by "/colX/pathZ", the request MUST specify token "L" in an IF header and the request principal MUST be the owner of token "L". OK. The "lock on URL" phrase threw me off again, but the details sound right. Does this include null mapped resources? Definitely yes! (That was one of the interesting challenges :-). Note: this only protects the mapping of the resource explicitly locked. Not *necessarily* any of the bindings to the root. Just an observation. Later we might have to decide to allow servers to also protect those bindings if they wish. It is designed to protect all the bindings from the resource to the root. Can you come up with an example of how a binding could be removed without violating one of the rules? If this is the way we're going to describe the semantics we want, will we later need to use "If there exists..." type phrasing? Shouldn't have to. Let me know if you have an example where you think the current semantics aren't sufficient. You don't say what will happen if the request does include all the right tokens and the sumitter is the owner of all those tokens. That is the main area where recent proposals semantically distinguish themselves. Actually, this proposal very carefully deals only with the lock state of properties, the two locking operations (LOCK and UNLOCK), and when a method will fail because of violating a lock. The semantics of non-locking methods is left undefined except where it results in a modification to the lock state of a resource. - A Depth:N lock on a URL locks any URL that extends the locked URL by no more than N segments. If a collection C has a binding to resource R, and a request adds a Depth:N lock named "." with token "L" to C, then the request adds a Depth:N-1 lock named "." with token "L" to R. Similarly, if a collection C has a Depth:N lock named "." with token "L", and a request adds a binding in C to resource R, then the request adds a Depth:N-1 lock named "." with token "L" to R. If the attempt to add the lock named "." to R fails, the request MUST fail. Conversely, the Depth:N-1 lock is removed from R whenever a binding to R or the Depth:N lock is removed from C. Dynamic depth lccks. Okay. I guess technically you have declare what happens at depth 0. Shouldn't have to. Just substitute "0" for N in the above paragraph, and you know what happens at depth 0. Only "infinity" is special. - A Depth:infinity lock on a URL locks all URL's that extend the locked URL. If a collection C has a binding to resource R, and a request adds a Depth:infinity lock named "." with token "L" to C, and this is the first Depth:infinity lock named "." with token "L" on C, then the request adds a Depth:infinity lock named "." with token "L" to R. Similarly, if a collection C has a Depth:infinity lock named "." with token "L", and a request adds a binding in C to resource R, then the request adds a Depth:infinity lock named "." with token "L" to R. If the attempt to add the lock named "." to R fails, the request MUST fail. If a collection C has a binding to resource R, and a request removes the last Depth:infinity lock named "." with token "L" from C, then the request removes a Depth:infinity lock named "." with token "L" from R. Similarly, if a collection has a Depth:infinity lock named "." with token "L", and a request removes a binding in C to resource R, then a Depth:infinity lock named "." with token "L" is removed from R. Sounds like this wording also handles the recursive removal of locks from the whole tree. Good. -- There is a bit of messiness dealing with loops I think. If didn't couch this all in detailed implementation based way, we might not have to mention that. I continue to maintain that this is pure semantics (albeit described in the form of state transition rules). Getting the semantics to handle loops was one of the hardest parts of this protocol. If I got it wrong, let me know. BTW, you speak of the "*last* Depth:infinity lock". What is the significance of "last". (I also notice you mentioning "first" earlier.) You can have multiple occurrences of the same lock on a resource. Certain state changes occur only on the first application of a given lock to a resource, and on the removal of the last occurrence of a given lock on a resource. Note that multiple Depth:infinity locks named "." with the same token can be placed on the same resource due to multiple bindings to that resource in a Depth:infinity locked collection. Right. IOW, "do the right thing". :-) Actually, this was intended to be a pre-emptive answer to the question you raised above (:-). In particular, it is wrong to not add a lock to a resource because one like it is already there (i.e. it is not a set). - If an exclusive lock identifies a resource, no other lock of that type can identify that resource. If a request attempts to add a lock named "pathZ" with token "L" and type T to resource R, and R already has an exclusive lock named "pathZ" with type "L" but with a different token, the request MUST fail. Similarly, if a request attempts to add an exclusive lock named "pathZ" with token "L" and type T to resource R, and R already has a lock named "pathZ" with type T but with a different token, the request MUST fail. Hmmm. Exclusivenss of exclusive locks also apply to the name space aspect of the lock? This isn't good. I'm not sure what you mean by this. In particular, what do you mean by the "name space aspect of a lock"? It means only one exclusive lock can exist in the system at a time. How so? You can get an exclusive lock conflict only if there are two locks on the same resource *and* they are of the same type *and* they have the same name *and* they have different tokens *and* one of them is exclusive. That leaves room for lots of exclusive locks. I'd prefer the lock to be shared unless the resource is at a lock URI. (Resource Lock, not Namespace lock) Just one kind of lock, but each lock has a "name" and exclusive locks don't conflict unless they have the same name. - A write-lock on a URL protects the body and dead properties of any resource identified by that URL. If a resource has a write lock named "." with token "L", in order to modify the body or dead properties of that resource, a request MUST specify token "L" in an IF header and the request principal must be the principal that created the lock. So we now need to define "lock". Based on how you are using it in this document, a LOCK request can create many locks. Yes. And all of those locks will basically have the "same" (expanded) name. There is no concept of an "expanded" lock name. A lock has exactly one name (just as it has one token and one type and one owner). Except if it's a depth lock in which case there might be a lot of locks with "." as their name so their "expanded" names will differ. Yes, there will be a lot of locks with "." as their name (for a given resource, locks will differ in their token, unless they are shared locks). Anyway, my point here is that a LOCK request creates many "lock"s. If you couch it as you have, I think you're obligated to use Eric's "lock set" term. I haven't found the need to do so. I can just say "all locks with the same token" if I need to refer to that set (and I only needed to do so for the UNLOCK definition). You haven't really said what happens in null mapped URI space. Actually, I have (:-). Run through the rules for a URL that does not (currently) identify a resource, and all should work. The actual document might not need to mention it, but since we've talked a lot about it, you probably should clarify that for us on the list. Yes, and example is clearly called for. OK, Jason, Yaron, Eric, et. al, what did I forget this time? (:-) Well, overall my impression is that the semantics outlined here so far are good, but that the explanation is very dense and that it probably doesn't need to be. I believe that you couldn't delete any of the rules without losing some key semantics. I'm always interested in seeing alternative formulations, though. (Then I can take the potshots :-). Although a few of the semantic details are differnt, Eric's way of describing it might be a LOT simplier. Eric's description did not handle cyclic bindings, some of the subtler cases of locks on URL's not bound to resources, or of the behavior of LOCK's when the state of collections are modified. That does make it simpler (:-). Perhaps starting with Eric's proposal and altering that match your semantics might work better. Anything that gets us to a complete and understandable set of semantics works for me! Cheers, Geoff From w3c-dist-auth-request@w3.org Thu Jan 13 20:17:45 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA26982 for ; Thu, 13 Jan 2000 20:17:45 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA12923; Thu, 13 Jan 2000 20:07:02 -0500 (EST) Resent-Date: Thu, 13 Jan 2000 20:07:02 -0500 (EST) Resent-Message-Id: <200001140107.UAA12923@www19.w3.org> From: Jim Whitehead To: "Geoffrey M. Clemm" , w3c-dist-auth@w3.org MMDF-Warning: Parse error in original version of preceding line at gremlin-relay.ics.uci.edu Date: Thu, 13 Jan 2000 17:03:15 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <10001122312.AA22058@tantalum> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Subject: RE: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3824 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit A problem with this proposal (and, to be fair, the same problem is shared by RFC 2518) is it never defines what a lock *is*. That is, there is no sentence here that begins, "A lock is a ...". As a result, this makes it hard to assess whether statements such as the following make sense: "A lock is on a URL. Every lock has a lock token and a lock owner." Initially, a lock was a metaphor, extending the meaning of real-world locks into the realm of computer data. Real-world locks have several properties. They have mass and volume. That is, there is a physical lock mechanism that takes up space, and hence be located someplace. Examples are a lock set into a door, and a padlock, where the lock is separate from the thing being locked, and is connected by hooks, or a chain. Locks also have some way to open them, and provide access to the locked item, either via a key, or a combination. When locking a volume of space, such as a room, it is possible to simultaneously lock people out (prevent access), and lock people in (guarantee exclusive access). Ownership of a real world lock is separate from the ability to lock and unlock it. While typically the owner of a lock also has the ability to lock and unlock it, there are often others who have the same ability. Think of your office door -- you probably don't own the door, but you can unlock it. A WebDAV lock is an abstraction that arbitrates operations on resources. A WebDAV write lock simultaneously guarantees that only the lock owner (or owners, in the case of a shared lock), can write to the resource, and that non-lock-owners are prevented from writing to the resource. Lock ownership in WebDAV is synonymous having the ability to perform the lock-arbitrated operation and unlock the locked resource. WebDAV locks have state, the equivalent to mass and volume for real-world locks. The only description of the state of a lock in RFC 2518 can be found in the lock discovery property, which gives the state of a lock as containing: - lock type - lock scope - lock depth - lock timeout time - lock token - lock owner - lock URL (implicit) For any stateful abstraction, such as a lock, there are several meaningful questions. Is the abstraction a first-class object? That is, is its state and existence independent of other system objects, and does it have its own independent identity? Or is the abstraction a component of some other object. Following the real-world lock analogy, is the lock more akin to a padlock, independent of the items being locked, or a door lock, where the lock is a component of the door. So far in WebDAV, lock state has been part of a resource, since resources are the only stateful objects in HTTP. The GULP proposal, with statements like, "a LOCK request creates a lock on the request URL," seems to imply that lock state is part of a URL. This is a troubling assertion since URLs have not, to date, been stateful objects. But, a further examination of GULP (in the section "a LOCK request creates a lock on the request URL") shows that the lock state is kept on the locked resource's collection, and perhaps on the locked resource as well. Thus the lock is not "on" the URL at all, but is instead on the locked resource's parent collection, and on the resource. The lock certaintly affects the URL, but it isn't "on" the URL. Having the lock state as part of the collection is troublesome, since it implies that only WebDAV resources inside WebDAV collections may be locked. This is an additional (and unnecessary) restriction over anything specified in RFC 2518. Furthermore, duplicating the lock state in the resource and its parent collection seems unnecessary. So, before we proceed, I would like to see a definition of a lock that begins with "A lock is a ...", and I'd like to see a better description of what constitutes the state of a lock, and where this state is kept. Answering these questions will help clarify the rest of the semantics described in the GULP proposal. - Jim > -----Original Message----- > From: w3c-dist-auth-request@w3.org > [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Geoffrey M. Clemm > Sent: Wednesday, January 12, 2000 3:13 PM > To: w3c-dist-auth@w3.org > Subject: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) > > > > Eric suggests that a URL-based locking model should be mapped into the > underlying collection resources that implement the namespace. I agree > with both this conclusion and the reasoning leading up to it. > > But I think it is simpler to model namespace protection and state > protection as being two results of a single kind of lock, as opposed > to the result of two different kinds of locks. This avoids the > problem of describing how namespace locks and state locks interact. > > In an attempt to make the proposal both understandable and complete, > I've broken it into two parts. The first part is a series of bullets, > which largely correspond to the "URL-based locking" proposal I mailed out > a while ago. The second part is the same series of bullets fleshed out > with a more formal description of each bullet in terms of an underlying > resource model and effects on the visible lock state of resources. > > ************************** > > GULP: Part I > > - A URL identifies a resource. > - A LOCK request creates a lock on the request URL. > - An UNLOCK request removes all locks with the specified lock token. > - A lock on a URL protects which resource is identified by that URL. > - A Depth:N lock on a URL locks any URL that extends the locked URL by no > more than N segments. > - A Depth:infinity lock on a URL locks all URL's that extend the > locked URL. > - If an exclusive lock identifies a resource, no other lock of > that type can > identify that resource. > - A write-lock on a URL protects the body and dead properties of any > resource identified by that URL. > > ************************** > > GULP: Part II > > - A URL identifies a resource. > > The URL "/" identifies a resource. A collection contains a set of > bindings, > where a binding is a mapping from a URL segment to a resource. If "/path" > identifies a collection C, and C contains a binding that maps the segment > "x" to resource R, then the URL "/path/x" identifies resource R. > > - A lock is on a URL. Every lock has a lock token and a lock owner. > > Every lock on a resource has a name which is a relative URL (i.e. a slash > separated sequence of URL segments). Every LOCK request that succeeds > results in a new globally unique lock token. Every lock token has an owner > that is the principal of the LOCK request. > > - A LOCK request creates a lock on the request URL. > > When a request of the form "LOCK /pathX" succeeds, a lock named "pathY/." > with a new lock token is added to the resource identified by "/", where > "pathY" is the result of applying standard URL path transformations to > remove all segments named "." or ".." from "pathX". If a > collection C has a > binding from "segX" to resource R, and a request adds a lock named > "segX/pathZ" with token "L" to C, then the request adds a lock > named "pathZ" > with token "L" to R. Similarly, if a collection C has a lock named > "segX/pathZ" with token "L", and a request (e.g. PUT, COPY, MOVE, > BIND) adds > a binding in C from "segX" to resource R, then the request adds a > lock named > "pathZ" with token "L" to R. If the attempt to add the lock named > "pathZ" to > R fails, the request MUST fail. > > - An UNLOCK request removes all locks with the specified lock token. > > When a request of the form "UNLOCK /pathX; Lock-Token L" > succeeds, then the > lock with token "L" is removed from the resource identified by "/". If a > collection C has a binding from "segX" to resource R, and a > request removes > a lock named "segX/pathZ" with token "L" from C, then the request > removes a > lock named "pathZ" with token "L" from R. Similarly, if a collection has a > lock named "segX/pathZ" with token "L", and a request (e.g. DELETE, MOVE) > removes a binding in C from "segX" to resource R, then a lock > named "pathZ" > with token "L" is removed from R. > > - A lock on a URL protects which resource is identified by that URL. > > If a collection identified by the URL "/colX" contains a lock > named "pathZ" > with token "L", if a request would change the resource identified by > "/colX/pathZ", the request MUST specify token "L" in an IF header and the > request principal MUST be the owner of token "L". > > - A Depth:N lock on a URL locks any URL that extends the locked URL by no > more than N segments. > > If a collection C has a binding to resource R, and a request adds > a Depth:N > lock named "." with token "L" to C, then the request adds a Depth:N-1 lock > named "." with token "L" to R. Similarly, if a collection C has a Depth:N > lock named "." with token "L", and a request adds a binding in C > to resource > R, then the request adds a Depth:N-1 lock named "." with token > "L" to R. If > the attempt to add the lock named "." to R fails, the request MUST fail. > Conversely, the Depth:N-1 lock is removed from R whenever a > binding to R or > the Depth:N lock is removed from C. > > - A Depth:infinity lock on a URL locks all URL's that extend the > locked URL. > > If a collection C has a binding to resource R, and a request adds a > Depth:infinity lock named "." with token "L" to C, and this is the first > Depth:infinity lock named "." with token "L" on C, then the request adds a > Depth:infinity lock named "." with token "L" to R. Similarly, if a > collection C has a Depth:infinity lock named "." with token "L", and a > request adds a binding in C to resource R, then the request adds a > Depth:infinity lock named "." with token "L" to R. If the attempt > to add the > lock named "." to R fails, the request MUST fail. If a collection C has a > binding to resource R, and a request removes the last Depth:infinity lock > named "." with token "L" from C, then the request removes a Depth:infinity > lock named "." with token "L" from R. Similarly, if a collection has a > Depth:infinity lock named "." with token "L", and a request removes a > binding in C to resource R, then a Depth:infinity lock named "." > with token > "L" is removed from R. Note that multiple Depth:infinity locks named "." > with the same token can be placed on the same resource due to multiple > bindings to that resource in a Depth:infinity locked collection. > > - If an exclusive lock identifies a resource, no other lock of > that type can > identify that resource. > > If a request attempts to add a lock named "pathZ" with token "L" > and type T > to resource R, and R already has an exclusive lock named "pathZ" with type > "L" but with a different token, the request MUST fail. Similarly, if a > request attempts to add an exclusive lock named "pathZ" with token "L" and > type T to resource R, and R already has a lock named "pathZ" with > type T but > with a different token, the request MUST fail. > > - A write-lock on a URL protects the body and dead properties of any > resource identified by that URL. > > If a resource has a write lock named "." with token "L", in order > to modify > the body or dead properties of that resource, a request MUST specify token > "L" in an IF header and the request principal must be the principal that > created the lock. > > ************************** > > OK, Jason, Yaron, Eric, et. al, what did I forget this time? (:-) > > Cheers, > Geoff > From w3c-dist-auth-request@w3.org Thu Jan 13 20:43:21 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA27118 for ; Thu, 13 Jan 2000 20:43:20 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA14051; Thu, 13 Jan 2000 20:32:29 -0500 (EST) Resent-Date: Thu, 13 Jan 2000 20:32:29 -0500 (EST) Resent-Message-Id: <200001140132.UAA14051@www19.w3.org> From: Jim Whitehead To: WebDAV WG Date: Thu, 13 Jan 2000 17:28:48 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Subject: Adelaide/IETF-47 Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3825 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit At present, it is my intention to *not* hold a WebDAV working group meeting in Adelaide, Australia, at IETF-47. I could potentially be convinced otherwise, but at present I don't think many WebDAV WG members are intending on going, due to the expense, and hence I don't think we would get much work done. - Jim From w3c-dist-auth-request@w3.org Thu Jan 13 20:47:18 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA27152 for ; Thu, 13 Jan 2000 20:47:18 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA14254; Thu, 13 Jan 2000 20:36:33 -0500 (EST) Resent-Date: Thu, 13 Jan 2000 20:36:33 -0500 (EST) Resent-Message-Id: <200001140136.UAA14254@www19.w3.org> Date: Thu, 13 Jan 2000 20:36:25 -0500 Message-Id: <10001140136.AA22895@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org In-Reply-To: (message from Jim Whitehead on Thu, 13 Jan 2000 17:03:15 -0800) Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3826 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Basically, I agree with all of Jim's points. In particular, I'll try out the "lock is on the resource" approach in the next draft of GULP. As Jim noted, in GULP the locking semantics *are* in fact all defined in terms of affect on the states of resources, so the "lock is on a URL" is at best a metaphor. So I'll leave the semantics alone, and just change the metaphor. I'll also modify the way I refer to a lock in the semantics so that it always is in the form of a tuple (e.g. [x, y, z]) so it is clearer when a "lock" appears in the rules. Finally, I believe it is sufficient to say that "lock discovery only displays the locks on WebDAV resources", so that the locks on non-WebDAV collections above the WebDAV are logically there, but you just can't inspect them with PROPFIND. (Jim et. al, does this work for you? Or maybe you can't really say, until you see it written up.) Cheers, Geoff From: Jim Whitehead A problem with this proposal (and, to be fair, the same problem is shared by RFC 2518) is it never defines what a lock *is*. That is, there is no sentence here that begins, "A lock is a ...". As a result, this makes it hard to assess whether statements such as the following make sense: "A lock is on a URL. Every lock has a lock token and a lock owner." Good point. I'll add such a statement in the next rev. A WebDAV lock is an abstraction that arbitrates operations on resources. A WebDAV write lock simultaneously guarantees that only the lock owner (or owners, in the case of a shared lock), can write to the resource, and that non-lock-owners are prevented from writing to the resource. Lock ownership in WebDAV is synonymous having the ability to perform the lock-arbitrated operation and unlock the locked resource. WebDAV locks have state, the equivalent to mass and volume for real-world locks. The only description of the state of a lock in RFC 2518 can be found in the lock discovery property, which gives the state of a lock as containing: - lock type - lock scope - lock depth - lock timeout time - lock token - lock owner - lock URL (implicit) For any stateful abstraction, such as a lock, there are several meaningful questions. Is the abstraction a first-class object? That is, is its state and existence independent of other system objects, and does it have its own independent identity? Or is the abstraction a component of some other object. Following the real-world lock analogy, is the lock more akin to a padlock, independent of the items being locked, or a door lock, where the lock is a component of the door. So far in WebDAV, lock state has been part of a resource, since resources are the only stateful objects in HTTP. The GULP proposal, with statements like, "a LOCK request creates a lock on the request URL," seems to imply that lock state is part of a URL. This is a troubling assertion since URLs have not, to date, been stateful objects. But, a further examination of GULP (in the section "a LOCK request creates a lock on the request URL") shows that the lock state is kept on the locked resource's collection, and perhaps on the locked resource as well. Thus the lock is not "on" the URL at all, but is instead on the locked resource's parent collection, and on the resource. The lock certaintly affects the URL, but it isn't "on" the URL. Having the lock state as part of the collection is troublesome, since it implies that only WebDAV resources inside WebDAV collections may be locked. This is an additional (and unnecessary) restriction over anything specified in RFC 2518. Furthermore, duplicating the lock state in the resource and its parent collection seems unnecessary. So, before we proceed, I would like to see a definition of a lock that begins with "A lock is a ...", and I'd like to see a better description of what constitutes the state of a lock, and where this state is kept. Answering these questions will help clarify the rest of the semantics described in the GULP proposal. - Jim From w3c-dist-auth-request@w3.org Thu Jan 13 21:05:26 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA27288 for ; Thu, 13 Jan 2000 21:05:26 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA15019; Thu, 13 Jan 2000 20:53:29 -0500 (EST) Resent-Date: Thu, 13 Jan 2000 20:53:29 -0500 (EST) Resent-Message-Id: <200001140153.UAA15019@www19.w3.org> From: Jim Whitehead To: "Geoffrey M. Clemm" , w3c-dist-auth@w3.org MMDF-Warning: Parse error in original version of preceding line at gremlin-relay.ics.uci.edu Date: Thu, 13 Jan 2000 17:49:47 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <10001070353.AA19329@tantalum> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Subject: RE: Anomaly in the DAV:prop element usage Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3827 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit Geoff Clemm writes: > But > in those cases where you do have the DTD's available (such as for the > DAV:xxx properties), it does provide some cognitive dissonance to > see an element like in a PROPFIND request, > when the DTD for creationdate is: > Actually, in this specific case the XML is valid. The construction is defined to be the same as (an element with no contents). Since an empty element is consistent with the *DTD* for creationdate, is valid. But, your point still holds for properties like lockdiscovery, which have a list of subelements as part of their DTD specification, so my objection is to your example, not to your general point. That said, I still think using a list of empty elements is fine within prop. - Jim From w3c-dist-auth-request@w3.org Fri Jan 14 01:22:55 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA02051 for ; Fri, 14 Jan 2000 01:22:55 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id BAA19490; Fri, 14 Jan 2000 01:12:02 -0500 (EST) Resent-Date: Fri, 14 Jan 2000 01:12:02 -0500 (EST) Resent-Message-Id: <200001140612.BAA19490@www19.w3.org> Date: Fri, 14 Jan 2000 01:11:54 -0500 Message-Id: <10001140611.AA22980@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org In-Reply-To: (message from Jim Whitehead on Thu, 13 Jan 2000 17:03:15 -0800) Subject: GULP, version 2 Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3828 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Here is a second version of the GULP. I've updated the descriptive text based on the feedback from Jason, Jim, and Eric (not that I've successfully addressed their issues, but it was based on it :-). Jason: I'm now using "target" instead of "name" ... let me know if you think that works better. The only semantic change has been the deletion of Depth:N behavior, for N other than 0 and infinity (this brings it more in line with 2518). I need some more examples, and I still need to address the use cases raised by Eric and Jason ... I believe they are handled properly by the proposal, but I probably should get some sleep first before working them through (:-). Cheers, Geoff ************************** GULP: Part I - A URL is a string that can identify a resource. - A collection is a resource that contains a set of named members. - A lock is 7-tuple, consisting of a target, token, type, scope, depth, timeout, and owner. - Locking a resource means to add a lock to the state of that resource. - Unlocking a resource means to remove a lock from the state of that resource. - A lock will cause certain requests to fail with a 423 (Locked) status code, where that request would have succeeded if the lock had not been present. - A resource can be locked by multiple locks concurrently. - One or more resources can be locked with a LOCK request. - Locking a collection can lock one or more members of that collection. - Adding a resource to a locked collectin can lock that resource. - One or more resources can be unlocked with an UNLOCK request. - Unlocking a collection can unlock one or more members of that collection. - Removing a resource from a locked collection can unlock that resource. - The depth of a lock can be a 0 or infinity. If a collection has a depth infinity lock, all members of that collection are also locked. - If a member is added to a depth:infinity locked collection, that member is locked by that depth:infinity lock. - A lock protects which resource is identified by that lock. - If a resource has an exclusive lock, that resource cannot be locked with another lock with the same type and target but a different token. - If a resource has a write lock with target ".", the body and properties of that resource are protected from unauthorized modification. ************************** GULP: Part II - A URL is a string that can identify a resource. A server initially defines what resource (if any) is identified by a URL. Most URL's do not identify a resource, but a client can cause a URL to identify a resource, and later change which resource is identified by that URL. Examples of methods that can cause a URL to identify a resource (or change the resource identified by a URL) are PUT, MKRESOURCE, MKCOL, BIND, MOVE, and COPY. Examples of methods that can cause a URL to no longer identify a resource are DELETE and MOVE. - A lock is 7-tuple, consisting of a target, token, type, scope, depth, timeout, and owner. The "target" is an extension to locks as defined in rfc2518. This new field is defined to distinguish the implicit locks on the state of a collection implied by the locking semantics of rfc2518, from the explicit locks that are defined by rfc2518. The explicit locks in rfc2518 correspond to locks with target "." in this proposal. Since all locks with the same token will share the same type, scope, depth, timeout, and owner, a lock will be represented in this proposal as a string of the form "[target, token]". For example, ["x/.", "K"] defines a lock with target "x/." and token "K". - A collection is a resource that contains a set of named members. A collection contains a set of bindings, where a binding is a mapping from a URL segment to a resource. If a URL identifies a collection, that URL extended by the URL segment will identify the bound resource. For example, If "/path" identifies a collection C, and C contains a binding that binds the segment "x" to resource R, then the URL "/path/x" identifies resource R. - Locking a resource means to add a lock to the state of that resource. The lock is added to the DAV:lockdiscovery property of the resource. - Unlocking a resource means to remove a lock from the state of that resource. The lock is deleted from the DAV:lockdiscovery property of the resource. - A lock will cause certain requests to fail with a 423 (Locked) status code, where that request would have succeeded if the lock had not been present. Whether a particular request will fail can depends on the target, token, type, scope, and owner of the lock. - A resource can be locked by multiple locks concurrently. A lock can be locked by multiple locks with different values or multiple identical locks. Some lock combinations will be disallowed based on information such as the the scope of the lock. - One or more resources can be locked with a LOCK request. When a LOCK request succeeds, a lock is added to the resource identified by shortest sequence of initial segments of the request URL that identifies a WebDAV resource. The lock target is the relative URL formed by using standard URL transformations to remove all segments of the request-URL named "." or "..", then removing the prefix that identifies the locked resource, and then appending a segment named ".". For example, if "LOCK /seg1/seg2/seg3/.../segN" succeeds, and if /seg1 does not identify a WebDAV resource but /seg1/seg2 does, then a lock with target "seg3/.../segN/." is added to the resource identified by "/seg1/seg2". The type and scope, and owner of the lock is specified in the LOCK request body. The depth and timeout of the lock is specified in the LOCK request headers. The token of the lock is a unique string allocated for that LOCK request by the server. The principal that issued the LOCK request is called the "owner" of the lock. - Locking a collection can lock one or more members of that collection. If a collection C has a binding from "segX" to resource R, and a request adds a ["segX/pathZ", "K"] lock to C, then the request adds a ["pathZ", "K"] lock to R. - Adding a resource to a locked collectin can lock that resource. If a collection C has a ["segX/pathZ", "K"] lock, and a request adds a binding in C from "segX" to resource R, then the request adds a ["pathZ", "K"] lock to R. If the attempt to add this lock to R fails, the request MUST fail. - One or more resources can be unlocked with an UNLOCK request. When a request of the form "UNLOCK /pathX; Lock-Token K" succeeds, then all locks with token "K" are removed. - Unlocking a collection can unlock one or more members of that collection. If a collection C has a binding from "segX" to resource R, and a request removes a ["segX/pathZ", "K"] lock from C, then the request removes a ["pathZ", "K"] lock from R. - Removing a resource from a locked collection can unlock that resource. If a collection has a ["segX/pathZ", "K"] lock, and a request removes a binding in C from "segX" to resource R, then a ["pathZ", "K"] lock is removed from R. - The depth of a lock can be a 0 or infinity. If a collection has a depth infinity lock, all members of that collection are also locked. If a collection C has a binding to resource R, and a request adds a Depth:infinity [".", "K"] lock to C, and this is the first [".", "K"] lock on C, then the request adds a [".", "K"] lock to R. Conversely, if a collection C has a binding to resource R, and a request removes the last Depth:infinity [".", "K"] lock from C, then the request removes a [".", "K"] lock from R. Note that multiple Depth:infinity locks with target "." and with the same token can be placed on the same resource due to multiple bindings to that resource in a Depth:infinity locked collection. Only the first such lock on a particular collection adds locks to the members of that collection to avoid generating an infinite number of locks for cyclic bindings. - If a member is added to a depth:infinity locked collection, that member is locked by that depth:infinity lock. If a collection C has a Depth:infinity [".", "K"] lock, and a request adds a binding in C to resource R, then the request adds a [".","K"] lock to R. If the attempt to add this lock to R fails, the request MUST fail. Conversely, if a collection has a Depth:infinity [".", "K"] lock, and a request removes a binding in C to resource R, then a [".", "K"] lock removed from R. - A lock protects which resource is identified by that lock. More precisely, if a collection has a ["X/....", "K"] lock, a request cannot delete the member named X from that collection unless the principal of the request owns all locks with target "X/..." and the tokens of all those locks are specified in an IF header. - If a resource has an exclusive lock, that resource cannot be locked with another locks with the same type and target but a different token. If a request attempts to add a type T ["pathZ", "K"] lock to resource R, and R already has an exclusive lock with target "pathZ" and type T but with a different token, the request MUST fail. Similarly, if a request attempts to add an exclusive type T ["pathZ", "K"] lock to resource R, and R already has a lock with target "pathZ" and type T but with a different token, the request MUST fail. - If a resource has a write lock with target ".", the body and properties of that resource are protected from unauthorized modification. If a resource has a write lock with target ".", a request cannot modify the body or dead properties of that resource unless the principal of the request owns a write lock with target "." on that resource and the token of that write lock is specified in an IF header. ************************** From w3c-dist-auth-request@w3.org Fri Jan 14 05:10:40 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id FAA14028 for ; Fri, 14 Jan 2000 05:10:36 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id EAA22611; Fri, 14 Jan 2000 04:59:17 -0500 (EST) Resent-Date: Fri, 14 Jan 2000 04:59:17 -0500 (EST) Resent-Message-Id: <200001140959.EAA22611@www19.w3.org> Message-ID: <002101bf5e75$ee294590$9a114498@us.oracle.com> From: "Eric Sedlar" To: Cc: "Geoffrey M. Clemm" , References: <85256865.007BDF15.00@D51MTA03.pok.ibm.com> Date: Fri, 14 Jan 2000 01:58:38 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3829 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit This is what is supposed to happen when you lock a collection--you lock all of the names within it, probably given that you are going to do a reorganization. For you to demonstrate that this is a problem, give a scenario where a versioning-unaware application is going to lock a collection. --Eric ----- Original Message ----- From: To: "Eric Sedlar" Cc: "Geoffrey M. Clemm" ; Sent: Thursday, January 13, 2000 2:32 PM Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) > > Ah... Eric's note brings up another possibility. It might be a red > herring, but as Geoff's > proposal is currently written (and Eric's too I think) it still is a > possibly unexpected behavior. > > User B locks /a/b/ exclusively. > > User D tries to do a shared lock on /a/b/c/d.html but fails because in the > proposal that > will also create a lock (or will it?) on /a/b/ which already has an > exclusive lock on it. > > I'm not saying this is good or bad. I'm just pointing it out as what > sounds like a difference > in the recent proposals relative to what we were proposing a month or more > ago. > > Jason. > > > From w3c-dist-auth-request@w3.org Fri Jan 14 09:05:40 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA16948 for ; Fri, 14 Jan 2000 09:05:39 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id IAA28204; Fri, 14 Jan 2000 08:52:29 -0500 (EST) Resent-Date: Fri, 14 Jan 2000 08:52:29 -0500 (EST) Resent-Message-Id: <200001141352.IAA28204@www19.w3.org> Date: Fri, 14 Jan 2000 08:52:21 -0500 Message-Id: <10001141352.AA23127@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org In-Reply-To: <007401bf5e07$4771de10$9a114498@us.oracle.com> (esedlar@us.oracle.com) Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3830 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list From: "Eric Sedlar" You want to avoid having name and resource locks as separate entities, so you basically say that a name lock (as in my proposal) locks the resource it is bound to, if any. Yes. If the lock is exclusive, you can't lock any other name applied to that resource. For example, if I have /a/foo.html and /b/foo.html both identifying the same resource, if I exclusive lock /a/foo.html, I can't protect the name "/b/foo.html" since I can't lock it. You cannot apply an exclusive lock of the same type to /b/foo.html, but if you just wanted to protect the name /b/foo.html, you could request a lock of a different type on /b/foo.html (exclusivity is lock-type specific). Alternatively, if your server only supports one kind of lock type, you could lock /b/foo.html/dummy-namespace-lock, which would have a similar effect (and does not conflict with the exclusive lock already on /b/foo.html. Since the LOCK protocol request currently doesn't distinguish between name and resource locks, you couldn't lock /b/foo.html anyway (which is why you are ok with the restriction above), since the protocol request would try to lock the resource identified by /b/foo.html as well as the name. GULP does not distinguish between "locking the resource" and "locking the name", although it does distinguish "a lock whose target is X/." and "a lock whose target is ." However, it does seem like there will be reasons to protect the namespace in this way, and I think you are paying a price for reducing the number of locks. If you wanted to introduce a "namespace lock", you could do so with the standard lock extension mechanism (i.e. allow both "write" and "namespace" locks), but that is different from saying there are two different kinds of locks in the underlying locking model. > - If an exclusive lock identifies a resource, no other lock of that type can > identify that resource. Note that I have modified this statement to read: - If a resource has an exclusive lock, that resource cannot be locked with another locks with the same type and target but a different token. This ties the semantics to the lock state of a single resource, rather than using the vaguer concept of "the resource identified by a lock". Here's a scenario: it seems like if application A has an exclusive lock on /a/foo.html (say because it is planning on updating the resource to create a new version, and it wants to prevent lost updates) and application B wants to only read /b/foo.html and protect the namespace so that it can find it again later, application B cannot create a shared lock on /b/foo.html, correct? They can add a lock with a different type from the exclusive lock, or if there are no other lock types available, they can do the "dummy lock" approach of locking "/b/foo.html/dummy-namespace-lock". The problem is that application A will not actually update the resource that app B is working with--it will just create a new revision. (Although this may affect the revision selected by app B). Is this an issue your versioned locks deal with? Versioning is (of course :-) somewhat trickier. A lock in the presence of versioning isn't so much concerned with locking the state of a resource (the majority of the visible resources will be checked-in revisions, and couldn't be modified even if you wanted to), but rather is concerned with locking the target selection (so that you don't end up effectively getting a namespace or state change because new revisions are selected). This issue (as you suggest) is addressed with the "revision selection freezing" I've proposed for the versioning protocol. Cheers, Geoff From w3c-dist-auth-request@w3.org Fri Jan 14 09:20:40 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA17263 for ; Fri, 14 Jan 2000 09:20:39 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id JAA28990; Fri, 14 Jan 2000 09:09:43 -0500 (EST) Resent-Date: Fri, 14 Jan 2000 09:09:43 -0500 (EST) Resent-Message-Id: <200001141409.JAA28990@www19.w3.org> Date: Fri, 14 Jan 2000 09:09:33 -0500 Message-Id: <10001141409.AA23145@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org In-Reply-To: <85256865.007BDF15.00@D51MTA03.pok.ibm.com> (ccjason@us.ibm.com) Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3831 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list I'll flesh out Jason's example with the resulting lock state (as defined by GULP). From: ccjason@us.ibm.com Ah... Eric's note brings up another possibility. It might be a red herring, but as Geoff's proposal is currently written (and Eric's too I think) it still is a possibly unexpected behavior. User B locks /a/b/ exclusively. Suppose / does not identify a WebDAV resource, but /a does. Suppose that /a/b/c identifies a resource, but /a/b/c/d.html does not. Then the user B lock results in a ["b/.", "tok153"] lock on /a and a [".", "tok153"] lock on /a/b. All locks with token "tok153" have exclusive scope. Although according to 2518, a lock is by default depth:infinity (which I believe is broken, and should be replaced by a default depth of zero), I believe Jason intended a depth:0 lock, so we'll postulate that all locks with token "tok153" are depth:0. User D tries to do a shared lock on /a/b/c/d.html but fails because in the proposal that will also create a lock (or will it?) on /a/b/ which already has an exclusive lock on it. If user D's request succeeded, it would add a ["b/c/d.html/.", "tok192"] lock to /a and a ["c/d.html/.", "tok192"] lock on /a/b and a ["d.html/.", "tok192"] lock on /a/b/c. Since none of these locks conflict with any of the existing locks, user D's request succeeds. In particular, the ["b/c/d.html/.", "tok192"] lock on /a has a different target from the ["b/.", "tok153"] lock on /a, so there is no conflict there. I'm not saying this is good or bad. I'm just pointing it out as what sounds like a difference in the recent proposals relative to what we were proposing a month or more ago. I don't think it is acceptable for the exclusive lock on /a/b to conflict with an exclusive lock on /a/b/c/d.html (so it's a good thing GULP allows it :-). Cheers, Geoff From w3c-dist-auth-request@w3.org Fri Jan 14 09:39:42 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA17776 for ; Fri, 14 Jan 2000 09:39:40 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id JAA29548; Fri, 14 Jan 2000 09:28:39 -0500 (EST) Resent-Date: Fri, 14 Jan 2000 09:28:39 -0500 (EST) Resent-Message-Id: <200001141428.JAA29548@www19.w3.org> Date: Fri, 14 Jan 2000 09:28:32 -0500 Message-Id: <10001141428.AA23157@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org In-Reply-To: <002101bf5e75$ee294590$9a114498@us.oracle.com> (esedlar@us.oracle.com) Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3832 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list From: "Eric Sedlar" This is what is supposed to happen when you lock a collection--you lock all of the names within it, probably given that you are going to do a reorganization. Here I believe Eric is assuming the lock on /a/b was a depth:infinity lock (correct default 2518 behavior), in which case one would expect a conflict between an exclusive depth:infinity lock on /a/b and an exclusive lock on /a/b/c/d.html (in my response, I postulated a depth:0 lock on /a/b). Currently, GULP would not detect this conflict until someone tried to create a resource named /a/b/c/d.html, at which point the exclusive lock conflict would prevent the creation of that resource. We could either just say that it is OK to defer the conflict detection until resource creation time, or we could make GULP smarter about detecting exclusive lock conflicts on resources that do not yet exist. The downside of doing so is that it adds complexity to the specification. I could go either way ... does anyone have a strong preference? I'll go ahead and add clause to the exclusive lock conflict rule to handle this, and we can always rip it out if it doesn't seem worth the added complexity. Cheers, Geoff ----- Original Message ----- From: To: "Eric Sedlar" Cc: "Geoffrey M. Clemm" ; Sent: Thursday, January 13, 2000 2:32 PM Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) > > Ah... Eric's note brings up another possibility. It might be a red > herring, but as Geoff's > proposal is currently written (and Eric's too I think) it still is a > possibly unexpected behavior. > > User B locks /a/b/ exclusively. > > User D tries to do a shared lock on /a/b/c/d.html but fails because in the > proposal that > will also create a lock (or will it?) on /a/b/ which already has an > exclusive lock on it. > > I'm not saying this is good or bad. I'm just pointing it out as what > sounds like a difference > in the recent proposals relative to what we were proposing a month or more > ago. From w3c-dist-auth-request@w3.org Fri Jan 14 10:14:30 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA18216 for ; Fri, 14 Jan 2000 10:14:27 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id KAA00790; Fri, 14 Jan 2000 10:03:28 -0500 (EST) Resent-Date: Fri, 14 Jan 2000 10:03:28 -0500 (EST) Resent-Message-Id: <200001141503.KAA00790@www19.w3.org> Date: Fri, 14 Jan 2000 10:03:22 -0500 Message-Id: <10001141503.AA23191@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org Subject: GULP: revised exclusive locking rule Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3833 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list The revised rule is as follows: ************ Two locks are said to "overlap" if the targets of those locks are equal or if one of the locks is a depth:infinity lock and the target of that lock is a prefix of the target of the other lock. If a request attempts to add a type T lock to a resource that has an overlapping exclusive type T lock with a different token, the request MUST fail. Similarly, if a request attempts to add an exclusive type T lock to resource that already has an overlapping type T lock with a different token, the request MUST fail. ************ This will then cause the desired failure when: - /a/b/c exists but /a/b/c/d.html does not - /a/b has a depth:infinity exclusive lock - an attempt is made to place a depth:infinity exclusive lock on /a/b/c/d.html Cheers, Geoff From w3c-dist-auth-request@w3.org Fri Jan 14 13:48:08 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA21144 for ; Fri, 14 Jan 2000 13:48:08 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id NAA06750; Fri, 14 Jan 2000 13:36:37 -0500 (EST) Resent-Date: Fri, 14 Jan 2000 13:36:37 -0500 (EST) Resent-Message-Id: <200001141836.NAA06750@www19.w3.org> Message-ID: <00a401bf5ebe$72ba1c60$79442382@us.oracle.com> From: "Eric Sedlar" To: "Geoffrey M. Clemm" , References: <10001141352.AA23127@tantalum> Date: Fri, 14 Jan 2000 10:37:44 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3834 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit Why are you still allowing the "lock-null" approach (now renamed as the dummy namespace lock)? I thought one of the goals of GULP was to get rid of that horrible concept. --Eric ----- Original Message ----- From: Geoffrey M. Clemm To: Sent: Friday, January 14, 2000 5:52 AM Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) > From: "Eric Sedlar" > > You want to avoid having name and resource locks as separate entities, so > you basically say that a name lock (as in my proposal) locks the resource it > is bound to, if any. > > Yes. > > If the lock is exclusive, you can't lock any other > name applied to that resource. For example, if I have /a/foo.html and > /b/foo.html both identifying the same resource, if I exclusive lock > /a/foo.html, I can't protect the name "/b/foo.html" since I can't lock it. > > You cannot apply an exclusive lock of the same type to /b/foo.html, > but if you just wanted to protect the name /b/foo.html, you could > request a lock of a different type on /b/foo.html (exclusivity is > lock-type specific). > > Alternatively, if your server only supports one kind of lock type, you > could lock /b/foo.html/dummy-namespace-lock, which would have a similar effect > (and does not conflict with the exclusive lock already on /b/foo.html. > > Since the LOCK protocol request currently doesn't distinguish between name > and resource locks, you couldn't lock /b/foo.html anyway (which is why you > are ok with the restriction above), since the protocol request would try to > lock the resource identified by /b/foo.html as well as the name. > > GULP does not distinguish between "locking the resource" and "locking the > name", although it does distinguish "a lock whose target is X/." and > "a lock whose target is ." > > However, it does seem like there will be reasons to protect the namespace in > this way, and I think you are paying a price for reducing the number of > locks. > > If you wanted to introduce a "namespace lock", you could do so with the > standard lock extension mechanism (i.e. allow both "write" and "namespace" > locks), but that is different from saying there are two different kinds > of locks in the underlying locking model. > > > - If an exclusive lock identifies a resource, no other lock of that type > can > > identify that resource. > > Note that I have modified this statement to read: > > - If a resource has an exclusive lock, that resource cannot be locked > with another locks with the same type and target but a different > token. > > This ties the semantics to the lock state of a single resource, rather > than using the vaguer concept of "the resource identified by a lock". > > Here's a scenario: it seems like if application A has an exclusive lock on > /a/foo.html (say because it is planning on updating the resource to create a > new version, and it wants to prevent lost updates) and application B wants > to only read /b/foo.html and protect the namespace so that it can find it > again later, application B cannot create a shared lock on /b/foo.html, > correct? > > They can add a lock with a different type from the exclusive lock, > or if there are no other lock types available, they can do the "dummy lock" > approach of locking "/b/foo.html/dummy-namespace-lock". > > The problem is that application A will not actually update the > resource that app B is working with--it will just create a new revision. > (Although this may affect the revision selected by app B). Is this an issue > your versioned locks deal with? > > Versioning is (of course :-) somewhat trickier. A lock in the presence of > versioning isn't so much concerned with locking the state of a resource > (the majority of the visible resources will be checked-in revisions, and > couldn't be modified even if you wanted to), but rather is concerned with > locking the target selection (so that you don't end up effectively getting > a namespace or state change because new revisions are selected). This > issue (as you suggest) is addressed with the "revision selection freezing" > I've proposed for the versioning protocol. > > Cheers, > Geoff > > From w3c-dist-auth-request@w3.org Sat Jan 15 01:29:58 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA29869 for ; Sat, 15 Jan 2000 01:29:57 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id BAA20424; Sat, 15 Jan 2000 01:15:39 -0500 (EST) Resent-Date: Sat, 15 Jan 2000 01:15:39 -0500 (EST) Resent-Message-Id: <200001150615.BAA20424@www19.w3.org> Date: Sat, 15 Jan 2000 01:15:24 -0500 Message-Id: <10001150615.AA23572@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org Subject: GULP, version 3 Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3835 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Jason just pointed out that the "ref-counting" lock token approach in GULP fails in the presence of cycles (an embarassing mistake :-). So here is GULP version 3. ************************** GULP: Part I - A URL is a string that can identify a resource. - A collection is a resource that contains a set of named members. - A lock is 7-tuple, consisting of a target, token, type, scope, depth, timeout, and owner. - Locking a resource means to add a lock to that resource. - When a resource is locked, certain requests will fail with a 423 (Locked) status code, where that request would have succeeded if the lock had not been present. - A resource can be locked by multiple locks concurrently. - A LOCK request locks one or more resources. - Locking a collection can lock one or more members of the collection. - The depth of a lock can be a 0 or infinity. If a collection is the target of a depth infinity lock, all members of that collection are also locked. - An UNLOCK request unlocks one or more resources. - Adding or removing members from a locked collection can add or remove locks on those members. - A lock protects which resource is identified by that lock. - If a resource has an exclusive lock, that resource cannot be locked with another lock with the same type and target but a different token. - If a resource has a write lock with target ".", the body and properties of that resource are protected from unauthorized modification. ************************** GULP: Part II - A URL is a string that can identify a resource. A server initially defines what resource (if any) is identified by a URL. Most URL's do not identify a resource, but a client can cause a URL to identify a resource, and later change which resource is identified by that URL. Examples of methods that can cause a URL to identify a resource (or change the resource identified by a URL) are PUT, MKRESOURCE, MKCOL, BIND, MOVE, and COPY. Examples of methods that can cause a URL to no longer identify a resource are DELETE and MOVE. - A collection is a resource that contains a set of named members. A collection contains a set of bindings, where a binding is a mapping from a URL segment to a resource. If a URL identifies a collection, that URL extended by the URL segment will identify the bound resource. For example, If "/path" identifies a collection C, and C contains a binding that binds the segment "x" to resource R, then the URL "/path/x" identifies resource R. - A lock is 7-tuple, consisting of a target, token, type, scope, depth, timeout, and owner. The "target" is an extension to locks as defined in rfc2518. This new field is defined to distinguish the implicit locks on the state of a collection implied by the locking semantics of rfc2518, from the explicit locks that are defined by rfc2518. The explicit locks in rfc2518 correspond to locks with target "." in this proposal. Since all locks with the same token will share the same type, scope, depth, timeout, and owner, a lock will be represented in this proposal as a string of the form "[target, token]". For example, ["x/.", "K"] defines a lock with target "x/." and token "K". - Locking a resource means to add a lock to that resource. The current set of locks on a resource can be obtained from the DAV:lockdiscovery property of the resource. - When a resource is locked, certain requests will fail with a 423 (Locked) status code, where that request would have succeeded if the lock had not been present. Whether a particular request will fail can depends on the target, token, type, scope, and owner of the lock. - A resource can be locked by multiple locks concurrently. Some lock combinations will be disallowed based on information such as the the scope of the lock. - A LOCK request locks one or more resources. R1: When a LOCK request succeeds, a lock is added to the resource identified by shortest sequence of initial segments of the request URL that identifies a WebDAV resource. For example, if "LOCK /seg1/seg2/seg3/.../segN" succeeds, and if /seg1 does not identify a WebDAV resource but /seg1/seg2 does, then a lock is added to the resource identified by "/seg1/seg2". The lock target is the relative URL formed by using standard URL transformations to remove all segments of the request-URL named "." or "..", then removing the prefix that identifies the locked resource, and then appending a segment named ".". For example, if "LOCK /seg1/seg2/../seg3/./seg4" succeeds, and if "/" does not identify a WebDAV resource but "/seg1" does, then a lock with target "seg3/seg4/." is added to the resource identified by "/seg1". The type and scope, and owner of the lock is specified in the LOCK request body. The depth and timeout of the lock is specified in the LOCK request headers. The token of the lock is a unique string allocated for that LOCK request by the server. The principal that issued the LOCK request is called the "owner" of the lock. - Locking a collection can lock one or more members of the collection. R2: If a collection C has a binding from "segX" to resource R, and a request adds a ["segX/pathZ", "K"] lock to C, then the request adds a ["pathZ", "K"] lock to R. This rule is applied recursively. - The depth of a lock can be a 0 or infinity. If a collection is the target of a depth infinity lock, all members of that collection are also locked. R3: If a collection C has a binding to resource R, and a request adds a Depth:infinity [".", "K"] lock to C, and there is no [".", "K"] lock on R, then the request adds a [".", "K"] lock to R. This rule is applied recursively. If the lock cannot be added to R, the request fails. - An UNLOCK request unlocks one or more resources. R4: When a request of the form "UNLOCK /pathX; Lock-Token K" succeeds, then all locks with token "K" are removed. - Adding or removing members from a locked collection can add or remove locks on those members. R5: If a collection C has a lock with token "K" and a request adds or removes a member from C, all locks with token "K" are removed except for those that would result from re-executing the LOCK command that created the token "K" locks. If any of these locks cannot be added, the request MUST fail. - A lock protects which resource is identified by that lock. R6: If a collection has a ["X/....", "K"] lock, a request cannot delete the member named X from that collection unless the principal of the request owns all locks with target "X/..." and the tokens of all those locks are specified in an IF header. - If a resource has an exclusive lock, that resource cannot be locked with another locks with the same type and target but a different token. R7: Two locks are said to "overlap" if the targets of those locks are equal or if one of the locks is a depth:infinity lock and the target of that lock is a prefix of the target of the other lock. If a request attempts to add a type T lock to a resource that has an overlapping exclusive type T lock with a different token, the request MUST fail. Similarly, if a request attempts to add an exclusive type T lock to resource that already has an overlapping type T lock with a different token, the request MUST fail. - If a resource has a write lock with target ".", the body and properties of that resource are protected from unauthorized modification. R8: If a resource has a write lock with target ".", a request cannot modify the body or dead properties of that resource unless the principal of the request owns a write lock with target "." on that resource and the token of that write lock is specified in an IF header. ************************** From w3c-dist-auth-request@w3.org Sat Jan 15 01:41:23 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA00561 for ; Sat, 15 Jan 2000 01:41:22 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id BAA21000; Sat, 15 Jan 2000 01:27:21 -0500 (EST) Resent-Date: Sat, 15 Jan 2000 01:27:21 -0500 (EST) Resent-Message-Id: <200001150627.BAA21000@www19.w3.org> Date: Sat, 15 Jan 2000 01:27:15 -0500 Message-Id: <10001150627.AA23587@tantalum> From: "Geoffrey M. Clemm" To: w3c-dist-auth@w3.org In-Reply-To: <00a401bf5ebe$72ba1c60$79442382@us.oracle.com> (esedlar@us.oracle.com) Subject: Re: a Grand Unified Locking Proposal (GULP, or perhaps, GULP! :-) Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3836 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list From: "Eric Sedlar" Why are you still allowing the "lock-null" approach (now renamed as the dummy namespace lock)? I thought one of the goals of GULP was to get rid of that horrible concept. Actually, it is the "lock null resource" concept that I strenuously object to, not the concept that a lock can be on a target that does not yet exist. I believe being able to create a lock on a target that does not yet exist is no worse/harder than namespace protection, so I would include it in any proposal that includes namespace protection. Also, the "grand unified" aspect of GULP was intended to allow us to model everything that folks have been asking for, and then with that in hand, we can decide which parts to defer (possibly indefinitely). Cheers, Geoff From w3c-dist-auth-request@w3.org Sun Jan 16 20:37:17 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA12330 for ; Sun, 16 Jan 2000 20:37:16 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA05933; Sun, 16 Jan 2000 20:26:34 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:26:34 -0500 (EST) Resent-Message-Id: <200001170126.UAA05933@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E1F@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:25:35 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF6089.DAA94298" Subject: WebDAV Bindings - Issue Yaron.ApplePie3 Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3838 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF6089.DAA94298 Content-Type: text/plain; charset="iso-8859-1" Section 11 of the BIND spec states: "A PROPFIND requesting DAV:bindings MUST return only those bindings that the client is authorized to see." This brings up a couple of questions. The first question is "How do I ever know if I have the definitive list of bindings?" I suspect the answer is "you don't" since there may be bindings you aren't authorized to see. This then brings us to another sentence in section 11 which reads "If the DAV:bindings property exists on a given resource, it MUST contain a complete list of all bindings to that resource." However this means that the dav:bindings property must always return a complete list of bindings which the sentence following it (given at the start of this letter) contradicts. One should never have two MUST level requirements that are in direct contradiction. The reason for the contradiction is that we have raised the bar too high on the contents of the dav:bindings property value. We have already specified that due to security concerns it is absolutely impossible for you to ever be sure that you necessarily have the complete list of bindings. Therefore requiring that the complete list be returned, even as the default in the absence of security concerns, is self defeating. Therefore I move that the language in section 11 be changed to read that the dav:bindings property may contain zero or more of the bindings available on a resource rather than the definitive set since it is impossible to meaningfully require that the definitive set be returned. ------_=_NextPart_001_01BF6089.DAA94298 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.ApplePie3

Section 11 of the BIND spec states: = "A PROPFIND requesting DAV:bindings MUST return only those = bindings that the client is authorized to see."

This brings up a couple of questions. = The first question is "How do I ever know if I have the definitive = list of bindings?" I suspect the answer is "you don't" = since there may be bindings you aren't authorized to see.

This then brings us to another = sentence in section 11 which reads "If the DAV:bindings property = exists on a given resource, it MUST contain a complete list of all = bindings to that resource."

However this means that the = dav:bindings property must always return a complete list of bindings = which the sentence following it (given at the start of this letter) = contradicts.

One should never have two MUST level = requirements that are in direct contradiction. The reason for the = contradiction is that we have raised the bar too high on the contents = of the dav:bindings property value. We have already specified that due = to security concerns it is absolutely impossible for you to ever be = sure that you necessarily have the complete list of bindings. Therefore = requiring that the complete list be returned, even as the default in = the absence of security concerns, is self defeating.

Therefore I move that the language in = section 11 be changed to read that the dav:bindings property may = contain zero or more of the bindings available on a resource rather = than the definitive set since it is impossible to meaningfully require = that the definitive set be returned.

------_=_NextPart_001_01BF6089.DAA94298-- From w3c-dist-auth-request@w3.org Sun Jan 16 20:38:03 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA12342 for ; Sun, 16 Jan 2000 20:38:03 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA05705; Sun, 16 Jan 2000 20:25:13 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:25:13 -0500 (EST) Resent-Message-Id: <200001170125.UAA05705@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E14@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:24:14 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF6089.A9AC7160" Subject: Review of Bindings Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3837 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF6089.A9AC7160 Content-Type: text/plain; charset="iso-8859-1" I have just finished a detailed review of the bindings spec. After having given it a lot of thought I have come to agree with the conclusions given in the bind spec, the WebDAV collection model is broken and needs to be fixed. I further agree that the proposed model in BIND is a definite improvement. While I'm still not convinced of some of the mostly philosophical details (is a bind recorded in the collection or on the resource?, for example), none of these details are sufficiently weighty to merit holding up the spec. If we find that some of the niggling issues aren't correct then we will fix it later. After reviewing the draft I find that I have 17 issues. I have identified each issue with a name. Following WebDAV mailing list tradition each issue is addressed in its own letter. The complete list of issues I am raising, in no particular order, are: Yaron.PublishBind Yaron.WeScrewedUp Yaron.4Huh? Yaron.5.3Huh? Yaron.5.4Huh? Yaron.507 Yaron.Insulting2616 Yaron.AtomicMove Yaron.AtomicDelete Yaron.NoSlash Yaron.BindSyntax Yaron.403 Yaron.ApplePie Yaron.MrIntegrity Yaron.ApplePie3 Yaron.BindingsProperty Yaron.ApplePieToo ------_=_NextPart_001_01BF6089.A9AC7160 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Review of Bindings

I have just finished a detailed review = of the bindings spec.

After having given it a lot of thought = I have come to agree with the conclusions given in the bind spec, the = WebDAV collection model is broken and needs to be fixed. I further = agree that the proposed model in BIND is a definite improvement. While = I'm still not convinced of some of the mostly philosophical details (is = a bind recorded in the collection or on the resource?, for example), = none of these details are sufficiently weighty to merit holding up the = spec. If we find that some of the niggling issues aren't correct then = we will fix it later.

After reviewing the draft I find that = I have 17 issues. I have identified each issue with a name. Following = WebDAV mailing list tradition each issue is addressed in its own = letter.

The complete list of issues I am = raising, in no particular order, are:

Yaron.PublishBind
Yaron.WeScrewedUp
Yaron.4Huh?
Yaron.5.3Huh?
Yaron.5.4Huh?
Yaron.507
Yaron.Insulting2616
Yaron.AtomicMove
Yaron.AtomicDelete
Yaron.NoSlash
Yaron.BindSyntax
Yaron.403
Yaron.ApplePie
Yaron.MrIntegrity
Yaron.ApplePie3
Yaron.BindingsProperty
Yaron.ApplePieToo

------_=_NextPart_001_01BF6089.A9AC7160-- From w3c-dist-auth-request@w3.org Sun Jan 16 20:38:10 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA12353 for ; Sun, 16 Jan 2000 20:38:09 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA06139; Sun, 16 Jan 2000 20:27:28 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:27:28 -0500 (EST) Resent-Message-Id: <200001170127.UAA06139@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E1E@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:26:30 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF6089.FB719818" Subject: WebDAV Bindings - Issue Yaron.BindingsProperty Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3839 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF6089.FB719818 Content-Type: text/plain; charset="iso-8859-1" Section 11 of the BIND specification defines the dav:bindings property. What is not clear to me from the text in this section is if it is possible to have the dav:bindings property accessible through one binding but not another? One could imagine that two servers share access to the same disk drive and hence are able to map names to the same "resource" (as they understand the term). In order to keep things consistent both servers agree to record all the names they use to refer to the same resource. However only one of the servers actually supports the BIND method and the dav:bindings property and the other doesn't. I can still do a GET on each server and the result will be from the same resource but only one of the servers will be able to serve up the dav:bindings property. Unfortunately the language in section 11 speaks of the dav:bindings property being on a resource so the presumption is that if I can get the dav:bindings property through one binding then I MUST be able to get it through the other. I believe this is too strict a requirement. As such I move that the language in section 11 be clarified so as to specify that the dav:bindings property may not necessarily be available through all bindings on the resource. ------_=_NextPart_001_01BF6089.FB719818 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.BindingsProperty

Section 11 of the BIND specification = defines the dav:bindings property. What is not clear to me from the = text in this section is if it is possible to have the dav:bindings = property accessible through one binding but not another?

One could imagine that two servers = share access to the same disk drive and hence are able to map names to = the same "resource" (as they understand the term). In order = to keep things consistent both servers agree to record all the names = they use to refer to the same resource. However only one of the servers = actually supports the BIND method and the dav:bindings property and the = other doesn't. I can still do a GET on each server and the result will = be from the same resource but only one of the servers will be able to = serve up the dav:bindings property. Unfortunately the language in = section 11 speaks of the dav:bindings property being on a resource so = the presumption is that if I can get the dav:bindings property through = one binding then I MUST be able to get it through the other. I believe = this is too strict a requirement.

As such I move that the language in = section 11 be clarified so as to specify that the dav:bindings property = may not necessarily be available through all bindings on the = resource.

------_=_NextPart_001_01BF6089.FB719818-- From w3c-dist-auth-request@w3.org Sun Jan 16 20:39:36 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA12364 for ; Sun, 16 Jan 2000 20:39:36 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA06348; Sun, 16 Jan 2000 20:28:53 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:28:53 -0500 (EST) Resent-Message-Id: <200001170128.UAA06348@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E1D@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:27:55 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608A.2E251A00" Subject: WebDAV Bindings - Issue Yaron.ApplePieToo Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3840 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608A.2E251A00 Content-Type: text/plain; charset="iso-8859-1" Section 9 of the draft attempts to tackle the problem of how to differentiate the behavior of a resource based on its bindings. It attempts to discuss the difference between a static and non-static resource. However the difference between these two types of resources is so unbelievably arbitrary that I fail to see how attempting to differentiate between them enhances interoperability. For example, let us pretend we have the CurrentURI property. The value of the property will be the Request-URI of the PROPFIND method used to retrieve the value of the CurrentURI property. Now let us pretend we have two servers, A and B. A runs a version of WebDAV that automatically generates the CurrentURI property on top of whatever resources it supports. What this means is that even if the underlying data store where the resource is recorded doesn't know about the CurrentURI property, I can still get the CurrentURI property through PROPFIND because A's server will intercept the PROPFIND and insert the data itself. Server B doesn't support CurrentURI at all. I now have a resource R that has bindings into A and B. This means that if I ask for the CurrentURI property through the binding on A, I will get a result with the URI on A. If I ask for the CurrentURI property through the binding on B, I will not even see the property at all. So the question is - Well is this a dynamic resource? Is it not? Can I have the same resourceID on both URIs in this example? How does the language in section 9 help me deal with this? Does it actually clarify anything in a useful way? As far as I can tell the language in section 9 is just motherhood and apple pie language and that always makes for bad standard language. Therefore I move that all the paragraphs in section 9 but the first paragraph be stricken from the BIND spec. ------_=_NextPart_001_01BF608A.2E251A00 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.ApplePieToo

Section 9 of the draft attempts to = tackle the problem of how to differentiate the behavior of a resource = based on its bindings. It attempts to discuss the difference between a = static and non-static resource. However the difference between these = two types of resources is so unbelievably arbitrary that I fail to see = how attempting to differentiate between them enhances = interoperability.

For example, let us pretend we have = the CurrentURI property. The value of the property will be the = Request-URI of the PROPFIND method used to retrieve the value of the = CurrentURI property. Now let us pretend we have two servers, A and B. A = runs a version of WebDAV that automatically generates the CurrentURI = property on top of whatever resources it supports. What this means is = that even if the underlying data store where the resource is recorded = doesn't know about the CurrentURI property, I can still get the = CurrentURI property through PROPFIND because A's server will intercept = the PROPFIND and insert the data itself. Server B doesn't support = CurrentURI at all. I now have a resource R that has bindings into A and = B. This means that if I ask for the CurrentURI property through the = binding on A, I will get a result with the URI on A. If I ask for the = CurrentURI property through the binding on B, I will not even see the = property at all.

So the question is - Well is this a = dynamic resource? Is it not? Can I have the same resourceID on both = URIs in this example? How does the language in section 9 help me deal = with this? Does it actually clarify anything in a useful = way?

As far as I can tell the language in = section 9 is just motherhood and apple pie language and that always = makes for bad standard language.

Therefore I move that all the = paragraphs in section 9 but the first paragraph be stricken from the = BIND spec.

------_=_NextPart_001_01BF608A.2E251A00-- From w3c-dist-auth-request@w3.org Sun Jan 16 20:48:22 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA12399 for ; Sun, 16 Jan 2000 20:48:22 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA08099; Sun, 16 Jan 2000 20:37:35 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:37:35 -0500 (EST) Resent-Message-Id: <200001170137.UAA08099@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E1B@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:36:39 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608B.6556491C" Subject: WebDAV Bindings - Issue Yaron.AtomicDelete Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3841 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608B.6556491C Content-Type: text/plain; charset="iso-8859-1" The second to last paragraph in section 6 reads: "Although [WebDAV] allows a DELETE to be a non-atomic operation, the DELETE operation defined here is atomic. In particular, a DELETE on a hierarchy of resources is simply the removal of a binding to the collection identified by the Request-URI, and so is a single (and therefore atomic) operation." Because BIND redefines how collections work the effect of this paragraph is to directly amend the behavior of RFC 2518 in a manner that is not compliant with how RFC 2518 is currently written. Things brings up the first issue. Redefining DELETE to be atomic without using the mandatory mechanism to prevent confusion on the part of clients and servers will destroy interoperability with RFC 2518 systems. A BIND enhanced client issuing a DELETE against a RFC 2518 server will expect atomic behavior and probably won't get it. This is a failure of interoperability. There are too many deployed RFC 2518 systems for us to simply hide our heads in the sand and say "Well gee, BIND redefines RFC 2518 so everyone should change their functionality.". There are cases where it is worth creating incompatibilities, for example, if you find out that their is a serious flaw in the protocol. However no one has demonstrated that the non-atomic behavior of DELETE is a flaw. It is a pain, that is true. It certainly makes it difficult to write clients. But as evidenced by the number of WebDAV clients it is clear that the requirement is one that can be met. Heck, as evidenced by the number of file system clients written in the last 30 years, it is clear that the requirement to handle non-atomic behavior can be met. Changing DELETE to atomic is especially egregious given that WebDAV does not prevent a server from implementing DELETE atomically. Rather it puts the client in the unfortunate situation of having to deal with systems that can't necessarily support atomic DELETE. There are, I freely admit, circumstances in which a client MUST be able to ensure that a DELETE is issued atomically. Clients in those cases will have to choose to not interoperate with many WebDAV servers in order to gain atomic delete. The proper way for them to express their requirement that a delete be atomic is either to issue DELETE with a MAN extension or to create a new method. But the behavior of the DELETE method is well defined by RFC 2518 and given that there is no evidence that this behavior is broken in any way. In fact, given that their is over whelming evidence that non-atomic DELETE works just fine and leads to interoperable implementations. Let me clarify that DELETE was defined to not be atomic with malice of fore thought. The non-atomic delete language was the result of nearly three years of negotiations and represented a deep and broad consensus built up amongst a huge community. Might I respectfully suggest to the BIND authors that they should not be so ready to overthrow years of careful consensus building. Do not imagine that the lack of screaming on this issue reflects consensus. Rather it reflects the fact that most of the WebDAV community is too busy implementing RFC 2518 to pay much attention to BIND. The BIND functionality, while I believe it will be important to WebDAV, is a bit ahead of the majority of implementers so they just aren't reading or reviewing it, yet. The key reason DELETE was not allowed to be atomic (which certainly would have been a nice thing to be able to do) has to do with the way file systems work. Most file systems do not support depth operations atomically. So, for example, when you delete a directory what actually happens is that the program does a depth first walk of the directory tree and deletes all the individual files, walking backwards up the tree until finally deleting the parent directory. This brings us to our second issue, the argument has been made that a file system could simulate an atomic DELETE by issuing a MOVE command against a directory and ensuring that nothing exists at the destination. This would make it appear that all the files have been deleted. The file system could then later delete the files at its convenience. In addition this sort of implementation would allow the type of functionality you see today in the Windows GUI where deleted files are first placed into the waste basket before actually being deleted. This theory has several problems in practice. Problem #1 - There exists a write ACL (which covers MOVE) and a delete ACL (which covers DELETE). It is possible, therefore, to have the right to delete a file but not the right to move it. As such if a user is running a WebDAV server under their own authentication then the server will have to fail the DELETE command, even if they have the right access settings for delete, because the server can't move the file first in order to simulate the atomic DELETE behavior. The prevents file system based servers from implementing the "MOVE is an atomic DELETE" hack. Problem #2 - The required mechanism could actually form a denial of service attack. Imagine a server gives a space allocation to all of their users. A user then shows up and knows that the server is running low on space. Therefore the user decides to fill up their allocation with junk, delete it, fill it up again, delete it, etc. Each time the server will have to move all the user's junk to some temp space in order to simulate the atomic delete. If the server can't delete the temp files fast enough then the server's disk space will be overrun. One could attempt to counter this attack by specifying that one can only DELETE something if one has enough space left in one's space allocation for the MOVE. Of course this means that if one has filled up one's allocation and wants to delete some files to get more space the delete will fail because there is no room to do the move. Of course, if there was room to do the move then one wouldn't have wanted to delete the files since one would still have space. Catch-22. Problem #3 - File system servers are now getting smart enough to add eventing support to their file systems. The idea is that you can register to be told when a file is deleted or moved. However the delete and move events are different. Forcing WebDAV file system servers to simulate a DELETE as a move would cause the wrong event to get triggered. This means that one can never be sure if that MOVE event was received because the user intended to MOVE a file or because it was part of a DELETE operation. This is especially important when one has a store that is accessible through multiple means, say WebDAV and FTP. The events are registered directly on the file system, not in the WebDAV or FTP implementation. So there is no way for the WebDAV implementation to say "I know I'm doing a MOVE but you really should just trigger the delete event." There is then the third and final issue, WebDAV begins with a "D" for a reason. It's goal is to be distributed. Requiring atomic DELETEs would essentially hinder all but the most expensive of systems from being able to implement distributed namespaces across multiple physical servers. The reason being that the atomic requirement means that these systems will have to establish transactioning systems between themselves in order to issue DELETEs if they share namespace. As such I move that the atomic DELETE language be struck from the BIND spec on the grounds that it destroys interoperability, requires behavior that would preclude file system based systems from supporting WebDAV and significantly increases the cost of implementing WebDAV in a distributed manner. ------_=_NextPart_001_01BF608B.6556491C Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.AtomicDelete

The second to last paragraph in = section 6 reads: "Although [WebDAV] allows a DELETE to be a = non-atomic operation, the DELETE operation defined here is = atomic. In particular, a DELETE on a hierarchy of resources is = simply the removal of a binding to the collection identified by the = Request-URI, and so is a single (and therefore atomic) = operation."

Because BIND redefines how collections = work the effect of this paragraph is to directly amend the behavior of = RFC 2518 in a manner that is not compliant with how RFC 2518 is = currently written.

Things brings up the first issue. = Redefining DELETE to be atomic without using the mandatory mechanism to = prevent confusion on the part of clients and servers will destroy = interoperability with RFC 2518 systems. A BIND enhanced client issuing = a DELETE against a RFC 2518 server will expect atomic behavior and = probably won't get it. This is a failure of interoperability. There are = too many deployed RFC 2518 systems for us to simply hide our heads in = the sand and say "Well gee, BIND redefines RFC 2518 so everyone = should change their functionality.".

There are cases where it is worth = creating incompatibilities, for example, if you find out that their is = a serious flaw in the protocol. However no one has demonstrated that = the non-atomic behavior of DELETE is a flaw. It is a pain, that is = true. It certainly makes it difficult to write clients. But as = evidenced by the number of WebDAV clients it is clear that the = requirement is one that can be met. Heck, as evidenced by the number of = file system clients written in the last 30 years, it is clear that the = requirement to handle non-atomic behavior can be met.

Changing DELETE to atomic is = especially egregious given that WebDAV does not prevent a server from = implementing DELETE atomically. Rather it puts the client in the = unfortunate situation of having to deal with systems that can't = necessarily support atomic DELETE. There are, I freely admit, = circumstances in which a client MUST be able to ensure that a DELETE is = issued atomically. Clients in those cases will have to choose to not = interoperate with many WebDAV servers in order to gain atomic delete. = The proper way for them to express their requirement that a delete be = atomic is either to issue DELETE with a MAN extension or to create a = new method. But the behavior of the DELETE method is well defined by = RFC 2518 and given that there is no evidence that this behavior is = broken in any way. In fact, given that their is over whelming evidence = that non-atomic DELETE works just fine and leads to interoperable = implementations.

Let me clarify that DELETE was defined = to not be atomic with malice of fore thought. The non-atomic delete = language was the result of nearly three years of negotiations and = represented a deep and broad consensus built up amongst a huge = community. Might I respectfully suggest to the BIND authors that they = should not be so ready to overthrow years of careful consensus = building.

Do not imagine that the lack of = screaming on this issue reflects consensus. Rather it reflects the fact = that most of the WebDAV community is too busy implementing RFC 2518 to = pay much attention to BIND. The BIND functionality, while I believe it = will be important to WebDAV, is a bit ahead of the majority of = implementers so they just aren't reading or reviewing it, yet.

The key reason DELETE was not allowed = to be atomic (which certainly would have been a nice thing to be able = to do) has to do with the way file systems work. Most file systems do = not support depth operations atomically. So, for example, when you = delete a directory what actually happens is that the program does a = depth first walk of the directory tree and deletes all the individual = files, walking backwards up the tree until finally deleting the parent = directory.

This brings us to our second issue, = the argument has been made that a file system could simulate an atomic = DELETE by issuing a MOVE command against a directory and ensuring that = nothing exists at the destination. This would make it appear that all = the files have been deleted. The file system could then later delete = the files at its convenience. In addition this sort of implementation = would allow the type of functionality you see today in the Windows GUI = where deleted files are first placed into the waste basket before = actually being deleted.

This theory has several problems in = practice.

Problem #1 - There exists a write ACL = (which covers MOVE) and a delete ACL (which covers DELETE). It is = possible, therefore, to have the right to delete a file but not the = right to move it. As such if a user is running a WebDAV server under = their own authentication then the server will have to fail the DELETE = command, even if they have the right access settings for delete, = because the server can't move the file first in order to simulate the = atomic DELETE behavior. The prevents file system based servers from = implementing the "MOVE is an atomic DELETE" hack.

Problem #2 - The required mechanism = could actually form a denial of service attack. Imagine a server gives = a space allocation to all of their users. A user then shows up and = knows that the server is running low on space. Therefore the user = decides to fill up their allocation with junk, delete it, fill it up = again, delete it, etc. Each time the server will have to move all the = user's junk to some temp space in order to simulate the atomic delete. = If the server can't delete the temp files fast enough then the server's = disk space will be overrun. One could attempt to counter this attack by = specifying that one can only DELETE something if one has enough space = left in one's space allocation for the MOVE. Of course this means that = if one has filled up one's allocation and wants to delete some files to = get more space the delete will fail because there is no room to do the = move. Of course, if there was room to do the move then one wouldn't = have wanted to delete the files since one would still have space. = Catch-22.

Problem #3 - File system servers are = now getting smart enough to add eventing support to their file systems. = The idea is that you can register to be told when a file is deleted or = moved. However the delete and move events are different. Forcing WebDAV = file system servers to simulate a DELETE as a move would cause the = wrong event to get triggered. This means that one can never be sure if = that MOVE event was received because the user intended to MOVE a file = or because it was part of a DELETE operation. This is especially = important when one has a store that is accessible through multiple = means, say WebDAV and FTP. The events are registered directly on the = file system, not in the WebDAV or FTP implementation. So there is no = way for the WebDAV implementation to say "I know I'm doing a MOVE = but you really should just trigger the delete event."

There is then the third and final = issue, WebDAV begins with a "D" for a reason. It's goal is to = be distributed. Requiring atomic DELETEs would essentially hinder all = but the most expensive of systems from being able to implement = distributed namespaces across multiple physical servers. The reason = being that the atomic requirement means that these systems will have to = establish transactioning systems between themselves in order to issue = DELETEs if they share namespace.

As such I move that the atomic DELETE = language be struck from the BIND spec on the grounds that it destroys = interoperability, requires behavior that would preclude file system = based systems from supporting WebDAV and significantly increases the = cost of implementing WebDAV in a distributed manner.

------_=_NextPart_001_01BF608B.6556491C-- From w3c-dist-auth-request@w3.org Sun Jan 16 20:54:54 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA12471 for ; Sun, 16 Jan 2000 20:54:53 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA08683; Sun, 16 Jan 2000 20:44:11 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:44:11 -0500 (EST) Resent-Message-Id: <200001170144.UAA08683@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E1C@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:43:14 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608C.50FAF458" Subject: WebDAV Bindings - Issue Yaron.AtomicMove Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3842 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608C.50FAF458 Content-Type: text/plain; charset="iso-8859-1" The last paragraph of section 8 reads: "Although [WebDAV] allows a MOVE on a collection to be a non-atomic operation, the MOVE operation defined here MUST be atomic. Even when the Request-URI identifies a collection, the MOVE operation involves only removing one binding to that collection and adding another. There are no operations on bindings to any of its children, so the case of MOVE on a collection is the same as the case of MOVE on a non-collection resource. Both are atomic." As there is no way to tell the difference between a URI that was mapped through a BIND method and a URI that was mapped through a MKCOL the effect of this paragraph is to re-write RFC 2518 to make MOVE atomic. The issue here is largely a repeat of the issues addressed in Yaron.AtomicDelete. An additional issue, beyond Yaron.AtomicDelete, is that MOVE in most file systems is actually implemented as a copy followed by a delete, at least in the case of directories. Hence file systems can not implement atomic moves. Hence requiring atomic moves means that file systems can not implement WebDAV. Furthermore even though some of the more advanced file systems can handle atomic MOVEs, they can only do so within a single volume. This would mean that a server which had more than one file volume would have to refuse user requests to move files across the volumes solely because it could not do so atomically. Finally, the title of DAV begins with a D for a very specific reason. Requiring atomic behavior on MOVEs will prevent all but the highest end systems from being able to MOVE files between systems because the cooperating systems would have to implement a transactioning system between themselves. As such I move that the atomic MOVE language be struck from the BIND spec on the grounds that it reduces interoperability, requires behavior that would preclude file system based systems from supporting WebDAV and significantly hinders WebDAV's ability to act in a distributed manner. ------_=_NextPart_001_01BF608C.50FAF458 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.AtomicMove

The last paragraph of section 8 reads: = "Although [WebDAV] allows a MOVE on a collection to be a = non-atomic operation, the MOVE operation defined here MUST be = atomic. Even when the Request-URI identifies a collection, the = MOVE operation involves only removing one binding to that collection = and adding another. There are no operations on bindings to any of = its children, so the case of MOVE on a collection is the same as the = case of MOVE on a non-collection resource. Both are = atomic."

As there is no way to tell the = difference between a URI that was mapped through a BIND method and a = URI that was mapped through a MKCOL the effect of this paragraph is to = re-write RFC 2518 to make MOVE atomic. The issue here is largely a = repeat of the issues addressed in Yaron.AtomicDelete.

An additional issue, beyond = Yaron.AtomicDelete, is that MOVE in most file systems is actually = implemented as a copy followed by a delete, at least in the case of = directories. Hence file systems can not implement atomic moves. Hence = requiring atomic moves means that file systems can not implement = WebDAV.

Furthermore even though some of the = more advanced file systems can handle atomic MOVEs, they can only do so = within a single volume. This would mean that a server which had more = than one file volume would have to refuse user requests to move files = across the volumes solely because it could not do so = atomically.

Finally, the title of DAV begins with = a D for a very specific reason. Requiring atomic behavior on MOVEs will = prevent all but the highest end systems from being able to MOVE files = between systems because the cooperating systems would have to implement = a transactioning system between themselves.

As such I move that the atomic MOVE = language be struck from the BIND spec on the grounds that it reduces = interoperability, requires behavior that would preclude file system = based systems from supporting WebDAV and significantly hinders WebDAV's = ability to act in a distributed manner.

------_=_NextPart_001_01BF608C.50FAF458-- From w3c-dist-auth-request@w3.org Sun Jan 16 20:57:20 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA12489 for ; Sun, 16 Jan 2000 20:57:19 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA09505; Sun, 16 Jan 2000 20:46:25 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:46:25 -0500 (EST) Resent-Message-Id: <200001170146.UAA09505@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E16@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:45:30 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608C.A1476784" Subject: WebDAV Bindings - Issue Yaron.NoSlash Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3843 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608C.A1476784 Content-Type: text/plain; charset="iso-8859-1" The first sentence of section 5.1 reads: The BIND method creates a new binding between the resource identified by the Request-URI and the final segment of the Destination header (minus any trailing slash)." This requirement makes it impossible to directly address a collection in the manner allowed by section 5.2 of RFC 2518. For example, if a user wishes to bind the resource pointed to by http://foo/bar/blah to the name http://icky/bicky/boo/ then the result of the bind method will be, due to the removal of the trailing slash, a binding to "boo" instead of "boo/". The second to last paragraph of section 5.2 of RFC 2518 states that http://icky/bicky/boo/ and http://icky/bicky/boo SHOULD be the same resource but are not required to be the same resource. Therefore the result of the BIND method would be to cause a binding to http://icky/bicky/boo which may be a completely different resource from the resource specified by the user, http://ficky/bicky/boo/. It would appear that the essential problem is that HTTP URLs can end in a "/". In an ideal world this would not have been allowed. We would only use "/" as a separator and therefore having it at the end of the a HTTP URL wouldn't make any sense as there would be nothing to separate. This would solve a lot of problems for WebDAV. Unfortunately the cat is already out of the bag. RFC 2616 allows a "/" at the end of a URI. Implementers of RFC 2616 already use the "/" to mean a different resource from the slash less version. Even RFC 2518 explicitly recognizes that the trailing slash and non-trailing slash version of a HTTP URL may be different resources. Therefore the BIND spec is directly violating RFC 2518. You absolutely can not do this without at least pointing out, explicitly, that you are doing this. That having been said, what the hell? The trailing slash issue has been dogging us forever. I would LOVE to upgrade the SHOULD in RFC 2518 to a MUST. This, essentially, is what the BIND spec has done. But the onus is on the BIND authors to prove that upgrading the requirement from a SHOULD to a MUST won't cause an interoperability issue. Therefore the BIND authors have, in my opinion, two options: Option 1 - Change the BIND spec to allow a trailing slash and watch your model get shredded as you attempt to deal with the semantics of a trailing slash. Option 2 - Keep the current language but add a note specifically stating that you are violating RFC 2518 and, on the mailing list, provide a listing of existing WebDAV client/server implementations and see if any of them actually differentiate resources based on the trailing slash. If the answer (as I suspect) is that no one differentiates based on the trailing "/" then I think we have the basis for declaring consensus on the change. However, if the authors fail to perform this analysis then I believe the chair MUST strike down the BIND draft by declaring that in the absence of such an analysis it is impossible to declare a consensus on the issue of upgrading the SHOULD to a MUST. We can't use silence as a sign of assent on such a serious change. I move that we force the authors with threats of jeering and paying for every IETF dinner from here to eternity to adopt Option 2 and free us from the nonsense of the trailing slash. Yaron P.S. The requirement that http://foo/blah/ and http://foo/blah point to the same resource would ONLY apply to WebDAV compliant resources. So we are not changing 2616. We are only saying "If you voluntarily choose to support WebDAV THEN you must follow this rule." That way the only spec that needs to change is 2518, NOT 2616. That having been said, I would LOVE to get 2616 changed to say this as well but I don't have enough free time on my hands to push for this change to 2616. P.P.S. Normally I would ante up under the rule of "put your money where your mouth is" and do the analysis myself but I have to fly to Israel on the 19th to make the last day of my Grand Father's Shiva. Unfortunately my schedule is already completely filled and now I have to fly off to Israel at the last second to attend to family duties. So I'm completely swamped until February. So unless we want to hold up the spec until sometime in late February someone else is going to have to perform the analysis. As it is I am sending in my comments on the BIND spec during the weekend because I am so swamped. ------_=_NextPart_001_01BF608C.A1476784 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.NoSlash

The first sentence of section 5.1 = reads: The BIND method creates a new binding between the resource = identified by the Request-URI and the final segment of the Destination = header (minus any trailing slash)."

This requirement makes it impossible = to directly address a collection in the manner allowed by section 5.2 = of RFC 2518. For example, if a user wishes to bind the resource pointed = to by http://foo/bar/blah to the name http://icky/bicky/boo/ then the result of the = bind method will be, due to the removal of the trailing slash, a = binding to "boo" instead of "boo/". The second to = last paragraph of section 5.2 of RFC 2518 states that http://icky/bicky/boo/ and http://icky/bicky/boo SHOULD be the same resource = but are not required to be the same resource. Therefore the result of = the BIND method would be to cause a binding to http://icky/bicky/boo which may be a completely = different resource from the resource specified by the user, http://ficky/bicky/boo/.

It would appear that the essential = problem is that HTTP URLs can end in a "/". In an ideal world = this would not have been allowed. We would only use "/" as a = separator and therefore having it at the end of the a HTTP URL wouldn't = make any sense as there would be nothing to separate. This would solve = a lot of problems for WebDAV. Unfortunately the cat is already out of = the bag. RFC 2616 allows a "/" at the end of a URI. = Implementers of RFC 2616 already use the "/" to mean a = different resource from the slash less version. Even RFC 2518 = explicitly recognizes that the trailing slash and non-trailing slash = version of a HTTP URL may be different resources. Therefore the BIND = spec is directly violating RFC 2518. You absolutely can not do this = without at least pointing out, explicitly, that you are doing = this.

That having been said, what the hell? = The trailing slash issue has been dogging us forever. I would LOVE to = upgrade the SHOULD in RFC 2518 to a MUST. This, essentially, is what = the BIND spec has done. But the onus is on the BIND authors to prove = that upgrading the requirement from a SHOULD to a MUST won't cause an = interoperability issue.

Therefore the BIND authors have, in my = opinion, two options:

Option 1 - Change the BIND spec to = allow a trailing slash and watch your model get shredded as you attempt = to deal with the semantics of a trailing slash.

Option 2 - Keep the current language = but add a note specifically stating that you are violating RFC 2518 = and, on the mailing list, provide a listing of existing WebDAV = client/server implementations and see if any of them actually = differentiate resources based on the trailing slash. If the answer (as = I suspect) is that no one differentiates based on the trailing = "/" then I think we have the basis for declaring consensus on = the change. However, if the authors fail to perform this analysis then = I believe the chair MUST strike down the BIND draft by declaring that = in the absence of such an analysis it is impossible to declare a = consensus on the issue of upgrading the SHOULD to a MUST. We can't use = silence as a sign of assent on such a serious change.

I move that we force the authors with = threats of jeering and paying for every IETF dinner from here to = eternity to adopt Option 2 and free us from the nonsense of the = trailing slash.

= = Yaron

P.S. The requirement that http://foo/blah/ and http://foo/blah point to = the same resource would ONLY apply to WebDAV compliant resources. So we = are not changing 2616. We are only saying "If you voluntarily = choose to support WebDAV THEN you must follow this rule." That way = the only spec that needs to change is 2518, NOT 2616. That having been = said, I would LOVE to get 2616 changed to say this as well but I don't = have enough free time on my hands to push for this change to = 2616.

P.P.S. Normally I would ante up under = the rule of "put your money where your mouth is" and do the = analysis myself but I have to fly to Israel on the 19th to make the = last day of my Grand Father's Shiva. Unfortunately my schedule is = already completely filled and now I have to fly off to Israel at the = last second to attend to family duties. So I'm completely swamped until = February. So unless we want to hold up the spec until sometime in late = February someone else is going to have to perform the analysis. As it = is I am sending in my comments on the BIND spec during the weekend = because I am so swamped.

------_=_NextPart_001_01BF608C.A1476784-- From w3c-dist-auth-request@w3.org Sun Jan 16 20:58:45 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA12514 for ; Sun, 16 Jan 2000 20:58:45 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA09711; Sun, 16 Jan 2000 20:47:58 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:47:58 -0500 (EST) Resent-Message-Id: <200001170147.UAA09711@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E1A@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:47:00 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608C.D89BDA26" Subject: WebDAV Bindings - Issue Yaron.BindSyntax Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3844 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608C.D89BDA26 Content-Type: text/plain; charset="iso-8859-1" The BIND spec defines that a binding is created by sending a message to the source and instructing it to create a binding at the destination. This is completely consistent with how WebDAV normally operates in methods such as COPY/MOVE where the source is instructed to make changes at the destination. Unfortunately, in the case of BIND, it introduces a very serious problem when (not if, but when) we introduce weak bindings. The problem is that the current bind syntax requires the active participation of the source to create a bind at the destination. In the case of a weak binding it is expected that the source may not even be aware of the binding. This is one of the main benefits of introducing weak bindings, it allows for bind like behavior without requiring the participation of the source. This enables many resources to have weak bindings against a resource without overloading the resource. An example may help here. Imagine a user wants to create a weak binding to http://www.yahoo.com/foo/bar. Currently, to create this weak binding, the user would have to issue the bind method to http://www.yahoo.com/foo/bar and ask the Yahoo server to somehow communicate with the destination server and create a weak binding. This is like telling people that before they can add a hyperlink to their HTML document they have to first get the resource pointed to by the hyperlink to somehow participate in the process. The ability to link to resources without the knowledge of the source (as the term is used in the BIND method) has been one of the key aspects of the scalability of the Web. In my mind the proper solution is to introduce a source header that, when used on a BIND method, would mean that the request-URI specifies the destination rather than the source. That having been said I really have no desire to prolong the agony of the BIND authors by asking them to add a new header and deal with all the complexities it would introduce. As such I am happy to settle for the following paragraph being added to section 5.1: "The BIND method MUST fail if it does not include a destination header. Note, however, that future specifications MAY introduce additional headers that resources could honor in the place of the destination header and so allow the BIND method to succeed in the absence of a destination header." This would allow us, in the future, to introduce a weak binding spec that could still use the BIND method without forcing us to use MAN or introduce a new method. ------_=_NextPart_001_01BF608C.D89BDA26 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.BindSyntax

The BIND spec defines that a binding = is created by sending a message to the source and instructing it to = create a binding at the destination. This is completely consistent with = how WebDAV normally operates in methods such as COPY/MOVE where the = source is instructed to make changes at the destination. Unfortunately, = in the case of BIND, it introduces a very serious problem when (not if, = but when) we introduce weak bindings. The problem is that the current = bind syntax requires the active participation of the source to create a = bind at the destination. In the case of a weak binding it is expected = that the source may not even be aware of the binding. This is one of = the main benefits of introducing weak bindings, it allows for bind like = behavior without requiring the participation of the source. This = enables many resources to have weak bindings against a resource without = overloading the resource.

An example may help here. Imagine a = user wants to create a weak binding to http://www.yahoo.com/foo/bar. Currently, to = create this weak binding, the user would have to issue the bind method = to http://www.yahoo.com/foo/bar and ask the Yahoo = server to somehow communicate with the destination server and create a = weak binding. This is like telling people that before they can add a = hyperlink to their HTML document they have to first get the resource = pointed to by the hyperlink to somehow participate in the process. The = ability to link to resources without the knowledge of the source (as = the term is used in the BIND method) has been one of the key aspects of = the scalability of the Web.

In my mind the proper solution is to = introduce a source header that, when used on a BIND method, would mean = that the request-URI specifies the destination rather than the = source.

That having been said I really have no = desire to prolong the agony of the BIND authors by asking them to add a = new header and deal with all the complexities it would introduce. As = such I am happy to settle for the following paragraph being added to = section 5.1: "The BIND method MUST fail if it does not include a = destination header. Note, however, that future specifications MAY = introduce additional headers that resources could honor in the place of = the destination header and so allow the BIND method to succeed in the = absence of a destination header."

This would allow us, in the future, to = introduce a weak binding spec that could still use the BIND method = without forcing us to use MAN or introduce a new method.

------_=_NextPart_001_01BF608C.D89BDA26-- From w3c-dist-auth-request@w3.org Sun Jan 16 20:59:31 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA12525 for ; Sun, 16 Jan 2000 20:59:31 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA10033; Sun, 16 Jan 2000 20:48:50 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:48:50 -0500 (EST) Resent-Message-Id: <200001170148.UAA10033@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E19@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:47:55 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608C.F7CC7D88" Subject: WebDAV Bindings - Issue Yaron.403 Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3845 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608C.F7CC7D88 Content-Type: text/plain; charset="iso-8859-1" Section 5.2 of the Bind spec instructs the reader that if a server wishes to reject a BIND request because it would cause a loop then the server should return a 403 (Forbidden). However 403 is overloaded as it is. For example, a 403 could mean that the method is banned at the moment for some reason even though it is normally supported. This means that someone trying to write an API to issue a BIND never really knows what a 403 means and so doesn't know if they should tell the user that the server is currently just not going to let the user perform this action or if the problem is that the action would result in a loop. Therefore the use of 403 introduces a vagueness into the response. Therefore I move that a new 4xx error code be introduced to cover the case when a server refuses a BIND because it would cause a loop. Yaron P.S. I think that the introduction of all these new error codes is a mistake. A new error code should only be, in my opinion, introduced when it provides a very high level error description that could be reasonably used by members of the HTTP infrastructure, meaning firewalls and proxies. Otherwise only the x00 errors should be used for everything and either new headers or a body should be introduced to give detailed error information. But I'm way too busy to try and push for this change so for the moment let's just throw another error code on the barbie until people go insane with them. It will be interesting to see how bad things have to become before we can get this fixed. ------_=_NextPart_001_01BF608C.F7CC7D88 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.403

Section 5.2 of the Bind spec instructs = the reader that if a server wishes to reject a BIND request because it = would cause a loop then the server should return a 403 (Forbidden). = However 403 is overloaded as it is. For example, a 403 could mean that = the method is banned at the moment for some reason even though it is = normally supported. This means that someone trying to write an API to = issue a BIND never really knows what a 403 means and so doesn't know if = they should tell the user that the server is currently just not going = to let the user perform this action or if the problem is that the = action would result in a loop. Therefore the use of 403 introduces a = vagueness into the response.

Therefore I move that a new 4xx error code be introduced = to cover the case when a server refuses a BIND because it would cause a = loop.

= Yaron

P.S. I think that the introduction of = all these new error codes is a mistake. A new error code should only = be, in my opinion, introduced when it provides a very high level error = description that could be reasonably used by members of the HTTP = infrastructure, meaning firewalls and proxies. Otherwise only the x00 = errors should be used for everything and either new headers or a body = should be introduced to give detailed error information. But I'm way = too busy to try and push for this change so for the moment let's just = throw another error code on the barbie until people go insane with = them. It will be interesting to see how bad things have to become = before we can get this fixed.

------_=_NextPart_001_01BF608C.F7CC7D88-- From w3c-dist-auth-request@w3.org Sun Jan 16 21:00:08 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA12544 for ; Sun, 16 Jan 2000 21:00:08 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA10250; Sun, 16 Jan 2000 20:49:25 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:49:25 -0500 (EST) Resent-Message-Id: <200001170149.UAA10250@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E17@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:48:28 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608D.0CC0E88C" Subject: WebDAV Bindings - Issue Yaron.ApplePie Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3846 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608D.0CC0E88C Content-Type: text/plain; charset="iso-8859-1" The second to last paragraph of section 5.1 reads "After successful processing of a BIND request, it MUST be possible for clients to use the URI in the Destination header to submit requests to the resource identified by the Request-URI." This is a motherhood and apple pie requirement. It sounds good but in practice it doesn't enhance interoperability. What does it mean to "submit requests"? What period of time is covered by "After"? For example, if user A successfully issues a BIND and then user B using FTP deletes the mapped in resource and when user A tries to "submit requests" to the resource the requests fail, is the system in non-compliance? There is no way to tell the difference between the previous scenario and a scenario in which the system accepted the BIND and decided to do nothing with it. This is called being a sucky server but such behavior has absolutely no effect on interoperability because it is indistinguishable from the original example I provided about User A & B. As such I move that this paragraph be removed from the draft. ------_=_NextPart_001_01BF608D.0CC0E88C Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.ApplePie

The second to last paragraph of = section 5.1 reads "After successful processing of a BIND request, = it MUST be possible for clients to use the URI in the Destination = header to submit requests to the resource identified by the = Request-URI." This is a motherhood and apple pie requirement. It = sounds good but in practice it doesn't enhance interoperability. What = does it mean to "submit requests"? What period of time is = covered by "After"? For example, if user A successfully = issues a BIND and then user B using FTP deletes the mapped in resource = and when user A tries to "submit requests" to the resource = the requests fail, is the system in non-compliance? There is no way to = tell the difference between the previous scenario and a scenario in = which the system accepted the BIND and decided to do nothing with it. = This is called being a sucky server but such behavior has absolutely no = effect on interoperability because it is indistinguishable from the = original example I provided about User A & B.

As such I move that this paragraph be = removed from the draft.

------_=_NextPart_001_01BF608D.0CC0E88C-- From w3c-dist-auth-request@w3.org Sun Jan 16 21:00:57 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA12564 for ; Sun, 16 Jan 2000 21:00:57 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA10582; Sun, 16 Jan 2000 20:50:13 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:50:13 -0500 (EST) Resent-Message-Id: <200001170150.UAA10582@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E15@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:49:15 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608D.291A5EB4" Subject: WebDAV Bindings - Issue Yaron.MrIntegrity Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3847 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608D.291A5EB4 Content-Type: text/plain; charset="iso-8859-1" The last sentence of the last paragraph of section 4 reads "Implementations MUST ensure the integrity of bindings." Similar language is used in the second paragraph of section 5.1. However the term "integrity" was never well defined inside of the specification. As such it is impossible to comply with this requirement in an interoperable way. I would strongly caution against attempting to specify the definition for integrity, English is much too inexact a language for such an attempt to be successful. As such, I move that both sentences be removed and be replaced with a series of statements that define, in exact language, the requirements that are to be represented by the term "integrity", each sentence properly qualified with a MUST. ------_=_NextPart_001_01BF608D.291A5EB4 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.MrIntegrity

The last sentence of the last = paragraph of section 4 reads "Implementations MUST ensure the = integrity of bindings." Similar language is used in the second = paragraph of section 5.1. However the term "integrity" was = never well defined inside of the specification. As such it is = impossible to comply with this requirement in an interoperable way. I = would strongly caution against attempting to specify the definition for = integrity, English is much too inexact a language for such an attempt = to be successful.

As such, I move that both sentences be removed and be = replaced with a series of statements that define, in exact language, = the requirements that are to be represented by the term = "integrity", each sentence properly qualified with a = MUST.

------_=_NextPart_001_01BF608D.291A5EB4-- From w3c-dist-auth-request@w3.org Sun Jan 16 21:02:04 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA12630 for ; Sun, 16 Jan 2000 21:02:04 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA10824; Sun, 16 Jan 2000 20:50:59 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:50:59 -0500 (EST) Resent-Message-Id: <200001170150.UAA10824@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E20@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:50:00 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608D.43EA70DA" Subject: WebDAV Bindings - Issue Yaron.PublishBind Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3848 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608D.43EA70DA Content-Type: text/plain; charset="iso-8859-1" The spec refers to the redirect resource draft, even attempting to refer to its RFC number. This means that the bind spec can not be published as an RFC until the redirect resource draft is approved. While it is nice to point out that the redirect resource draft exists I can find no compelling reason to mention it when doing so restricts the schedule for the Bind draft's standardization. Therefore I move that all references to the redirect resource draft be stricken from the Bind spec, specifically the removal of the last paragraph of the abstract, the 2nd, 4th and 5th to last paragraphs of the Introduction and the reference [RR]. ------_=_NextPart_001_01BF608D.43EA70DA Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.PublishBind

The spec refers to the redirect = resource draft, even attempting to refer to its RFC number. This means = that the bind spec can not be published as an RFC until the redirect = resource draft is approved. While it is nice to point out that the = redirect resource draft exists I can find no compelling reason to = mention it when doing so restricts the schedule for the Bind draft's = standardization. Therefore I move that all references to the redirect = resource draft be stricken from the Bind spec, specifically the removal = of the last paragraph of the abstract, the 2nd, 4th and 5th to last = paragraphs of the Introduction and the reference [RR].

------_=_NextPart_001_01BF608D.43EA70DA-- From w3c-dist-auth-request@w3.org Sun Jan 16 21:02:31 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA12641 for ; Sun, 16 Jan 2000 21:02:31 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA11042; Sun, 16 Jan 2000 20:51:46 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:51:46 -0500 (EST) Resent-Message-Id: <200001170151.UAA11042@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E21@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:50:48 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608D.602C0F7E" Subject: WebDAV Bindings - Issue Yaron.WeScrewedUp Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3849 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608D.602C0F7E Content-Type: text/plain; charset="iso-8859-1" The bind draft makes a heroic attempt to map its philosophy of the naming relationships of collections and resources to the statements made in the WebDAV spec. The end result are sections like the "Internal Member URI" section. Unfortunately the attempts to try and reverse engineer the WebDAV language into something sensible only makes the draft significantly more confusing to the reader. I think the optimal solution would be to remove the language attempting to explain how one could make some sense out of WebDAV and instead say "WebDAV was wrong, we are right, just read this." For the truly dedicated we can add the "internal member URI" section to the appendix where it, along with WebDAV's mistakes, will hopefully be soon forgotten. BTW, we should obviously fix the WebDAV draft but that will take a while and I can't think of a good reason to hold the bind draft up until that happens. Therefore the bind draft should introduce the new language and we will roll that language into WebDAV at the appropriate time. As such I propose that ALL mentions of "Internal Member URIs" be stricken from the main body of the spec and only be mentioned, if at all, in an appendix. ------_=_NextPart_001_01BF608D.602C0F7E Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.WeScrewedUp

The bind draft makes a heroic attempt = to map its philosophy of the naming relationships of collections and = resources to the statements made in the WebDAV spec. The end result are = sections like the "Internal Member URI" section. = Unfortunately the attempts to try and reverse engineer the WebDAV = language into something sensible only makes the draft significantly = more confusing to the reader. I think the optimal solution would be to = remove the language attempting to explain how one could make some sense = out of WebDAV and instead say "WebDAV was wrong, we are right, = just read this." For the truly dedicated we can add the = "internal member URI" section to the appendix where it, along = with WebDAV's mistakes, will hopefully be soon forgotten.

BTW, we should obviously fix the WebDAV draft but that = will take a while and I can't think of a good reason to hold the bind = draft up until that happens. Therefore the bind draft should introduce = the new language and we will roll that language into WebDAV at the = appropriate time.

As such I propose that ALL mentions of "Internal = Member URIs" be stricken from the main body of the spec and only = be mentioned, if at all, in an appendix.

------_=_NextPart_001_01BF608D.602C0F7E-- From w3c-dist-auth-request@w3.org Sun Jan 16 21:02:44 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA12652 for ; Sun, 16 Jan 2000 21:02:43 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA11270; Sun, 16 Jan 2000 20:52:00 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:52:00 -0500 (EST) Resent-Message-Id: <200001170152.UAA11270@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E22@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:51:01 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608D.6848AFB4" Subject: WebDAV Bindings - Issue Yaron.4Huh? Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3850 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608D.6848AFB4 Content-Type: text/plain; charset="iso-8859-1" I have read the following sentence three times from section 4 and I still can't figure out what it means - "The URI segment associated with a resource by one of a collection's bindings is also the final segment of one or more of the collection's internal member URIs." This is probably because it mentions 'internal member URI'. If we adopt Yaron:WeScrewedUp then this issue becomes irrelevant. Otherwise I move that this sentence be re-written. ------_=_NextPart_001_01BF608D.6848AFB4 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.4Huh?

I have read the following sentence = three times from section 4 and I still can't figure out what it means - = "The URI segment associated with a resource by one of a = collection's bindings is also the final segment of one or more of the = collection's internal member URIs." This is probably because it = mentions 'internal member URI'. If we adopt Yaron:WeScrewedUp then this = issue becomes irrelevant. Otherwise I move that this sentence be = re-written.

------_=_NextPart_001_01BF608D.6848AFB4-- From w3c-dist-auth-request@w3.org Sun Jan 16 21:03:30 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA12663 for ; Sun, 16 Jan 2000 21:03:30 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA11738; Sun, 16 Jan 2000 20:52:49 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:52:49 -0500 (EST) Resent-Message-Id: <200001170152.UAA11738@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E23@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:51:50 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608D.859EDF20" Subject: WebDAV Bindings - Issue Yaron.5.3Huh? Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3851 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608D.859EDF20 Content-Type: text/plain; charset="iso-8859-1" The first paragraph of section 5.3 reads "Suppose a BIND request causes a binding from "Binding-Name" to resource R to be added to a collection, C. Then if C-MAP is the set of URI's that were mapped to C before the BIND request, then for each URI "C-URI" in C-MAP, the URI "C-URI/Binding-Name" is mapped to resource R following the BIND request." I have a B.S. in CS & EE and got A's in my classes on set theory and I still can't read this paragraph. I tried over and over again and I just couldn't figure it out. If you are going to try to write set theory in English you should at least translate it faithfully using the appropriate terms such as "for all" and "there is an instance of". Personally I would recommend just using an ASCII version of set code notation. Whatever you do, the current paragraph MUST go. It is unfathomable. In fact here is the best translation I have been able to come up with: Imagine I have a collection http://icky/bop which contains http://icky/bop/blah. Imagine I now want to map http://zizbang/rocky to http://icky/bop/rack. According to this language it would seem I would have to create a bind to http://icky/bop/blah/rack. I know this makes no sense but I swear that is what the sentence seemed to mean when I tried to read it four or five times. As such I move that the paragraph be rewritten. ------_=_NextPart_001_01BF608D.859EDF20 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.5.3Huh?

The first paragraph of section 5.3 = reads "Suppose a BIND request causes a binding from = "Binding-Name" to resource R to be added to a collection, = C. Then if C-MAP is the set of URI's that were mapped to C before = the BIND request, then for each URI "C-URI" in C-MAP, the URI = "C-URI/Binding-Name" is mapped to resource R following the = BIND request."

I have a B.S. in CS & EE and got A's in my classes = on set theory and I still can't read this paragraph. I tried over and = over again and I just couldn't figure it out. If you are going to try = to write set theory in English you should at least translate it = faithfully using the appropriate terms such as "for all" and = "there is an instance of". Personally I would recommend just = using an ASCII version of set code notation. Whatever you do, the = current paragraph MUST go. It is unfathomable. In fact here is the best = translation I have been able to come up with: Imagine I have a = collection http://icky/bop which contains http://icky/bop/blah. Imagine I now want to map = http://zizbang/rocky to http://icky/bop/rack. According to this language = it would seem I would have to create a bind to http://icky/bop/blah/rack. I know this makes no = sense but I swear that is what the sentence seemed to mean when I tried = to read it four or five times. As such I move that the paragraph be = rewritten.

------_=_NextPart_001_01BF608D.859EDF20-- From w3c-dist-auth-request@w3.org Sun Jan 16 21:04:00 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA12674 for ; Sun, 16 Jan 2000 21:04:00 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA12063; Sun, 16 Jan 2000 20:53:18 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:53:18 -0500 (EST) Resent-Message-Id: <200001170153.UAA12063@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E24@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:52:20 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608D.9763E5E8" Subject: WebDAV Bindings - Issue Yaron.5.4Huh? Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3852 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608D.9763E5E8 Content-Type: text/plain; charset="iso-8859-1" I had to read the example in section 5.4 a bunch of times before I finally, slowly, started to understand what it said. It is written in such an obscure manner that it was really difficult to follow what it was saying. Please, please, please, re-write it! I will try to find time to do a rewrite myself but right now I need to focus in on getting out these comments in order to make sure the issue is on the table. As such I move that the paragraph be rewritten. ------_=_NextPart_001_01BF608D.9763E5E8 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.5.4Huh?

I had to read the example in section = 5.4 a bunch of times before I finally, slowly, started to understand = what it said. It is written in such an obscure manner that it was = really difficult to follow what it was saying. Please, please, please, = re-write it! I will try to find time to do a rewrite myself but right = now I need to focus in on getting out these comments in order to make = sure the issue is on the table. As such I move that the paragraph be = rewritten.

------_=_NextPart_001_01BF608D.9763E5E8-- From w3c-dist-auth-request@w3.org Sun Jan 16 21:04:53 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA12685 for ; Sun, 16 Jan 2000 21:04:52 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id UAA12386; Sun, 16 Jan 2000 20:54:11 -0500 (EST) Resent-Date: Sun, 16 Jan 2000 20:54:11 -0500 (EST) Resent-Message-Id: <200001170154.UAA12386@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E25@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Sun, 16 Jan 2000 17:53:14 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF608D.B670C604" Subject: WebDAV Bindings - Issue Yaron.507 Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3853 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF608D.B670C604 Content-Type: text/plain; charset="iso-8859-1" In section 5.5 the 507 error code is written as "507 (Cross-Server Binding Forbidden): The server is unable to create the requested binding because it would bind a segment in a collection on one server to a resource on a different server." What does a server have to do with anything? If you try to bind two resources in different volumes on a FrontPage server the server will have to fail the BIND even though the resources are on the same server. In general bringing in the server is almost always a bad idea since resources can be spread out all over the place and the reasons for various failures may or may not have anything to do with how those resources are laid out on the servers. As such I move that the language for the 507 error code be altered to read that the resource was unable to create a binding to a destination and to leave the matter at that. All mentions of the word server should be stricken. ------_=_NextPart_001_01BF608D.B670C604 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.507

In section 5.5 the 507 error code is = written as "507 (Cross-Server Binding Forbidden): The server is = unable to create the requested binding because it would bind a segment = in a collection on one server to a resource on a different = server."

What does a server have to do with anything? If you try = to bind two resources in different volumes on a FrontPage server the = server will have to fail the BIND even though the resources are on the = same server. In general bringing in the server is almost always a bad = idea since resources can be spread out all over the place and the = reasons for various failures may or may not have anything to do with = how those resources are laid out on the servers. As such I move that = the language for the 507 error code be altered to read that the = resource was unable to create a binding to a destination and to leave = the matter at that. All mentions of the word server should be = stricken.

------_=_NextPart_001_01BF608D.B670C604-- From w3c-dist-auth-request@w3.org Mon Jan 17 13:03:00 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA04927 for ; Mon, 17 Jan 2000 13:03:00 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id MAA10993; Mon, 17 Jan 2000 12:50:12 -0500 (EST) Resent-Date: Mon, 17 Jan 2000 12:50:12 -0500 (EST) Resent-Message-Id: <200001171750.MAA10993@www19.w3.org> Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E26@BEG.platinum.corp.microsoft.com> From: Yaron Goland To: w3c-dist-auth@w3.org Date: Mon, 17 Jan 2000 09:43:06 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BF6113.3C34726A" Subject: WebDAV Bindings - Issue Yaron.Insulting2616 Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3854 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BF6113.3C34726A Content-Type: text/plain; charset="iso-8859-1" The language used in the first paragraph of section 6 makes certain assertions regarding the intentions of the authors of RFC 2616 that I believe may not necessarily be accurate. As such I move that the authors of the BIND spec send an e-mail to all the authors of RFC 2616 and ask them to validate the accuracy of the proposed language. ------_=_NextPart_001_01BF6113.3C34726A Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.Insulting2616

The language used in the first = paragraph of section 6 makes certain assertions regarding the = intentions of the authors of RFC 2616 that I believe may not = necessarily be accurate. As such I move that the authors of the BIND = spec send an e-mail to all the authors of RFC 2616 and ask them to = validate the accuracy of the proposed language.

------_=_NextPart_001_01BF6113.3C34726A-- From w3c-dist-auth-request@w3.org Mon Jan 17 14:43:36 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA07250 for ; Mon, 17 Jan 2000 14:43:36 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id OAA15875; Mon, 17 Jan 2000 14:30:18 -0500 (EST) Resent-Date: Mon, 17 Jan 2000 14:30:18 -0500 (EST) Resent-Message-Id: <200001171930.OAA15875@www19.w3.org> From: Jim Whitehead To: w3c-dist-auth@w3.org MMDF-Warning: Parse error in original version of preceding line at gremlin-relay.ics.uci.edu Cc: Roy Fielding Date: Mon, 17 Jan 2000 11:26:29 -0800 Message-ID: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0004_01BF60DD.B2ED5380" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal In-Reply-To: <7DE119D3D0E15543874F7561EECBDBED02619E26@BEG.platinum.corp.microsoft.com> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Subject: RE: WebDAV Bindings - Issue Yaron.Insulting2616 Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3855 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This is a multi-part message in MIME format. ------=_NextPart_000_0004_01BF60DD.B2ED5380 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit WebDAV Bindings - Issue Yaron.Insulting2616I currently have an email pending with Roy Fielding asking him about this issue. - Jim -----Original Message----- From: w3c-dist-auth-request@w3.org [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Yaron Goland Sent: Monday, January 17, 2000 9:43 AM To: w3c-dist-auth@w3.org Subject: WebDAV Bindings - Issue Yaron.Insulting2616 The language used in the first paragraph of section 6 makes certain assertions regarding the intentions of the authors of RFC 2616 that I believe may not necessarily be accurate. As such I move that the authors of the BIND spec send an e-mail to all the authors of RFC 2616 and ask them to validate the accuracy of the proposed language. ------=_NextPart_000_0004_01BF60DD.B2ED5380 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.Insulting2616

I=20 currently have an email pending with Roy Fielding asking him about = this=20 issue.

-=20 Jim

-----Original Message-----
From: = w3c-dist-auth-request@w3.org=20 [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Yaron=20 Goland
Sent: Monday, January 17, 2000 9:43 AM
To:=20 w3c-dist-auth@w3.org
Subject: WebDAV Bindings - Issue=20 Yaron.Insulting2616

The language used in the first = paragraph of section=20 6 makes certain assertions regarding the intentions of the authors of = RFC 2616=20 that I believe may not necessarily be accurate. As such I move that = the=20 authors of the BIND spec send an e-mail to all the authors of RFC 2616 = and ask=20 them to validate the accuracy of the proposed=20 language.

------=_NextPart_000_0004_01BF60DD.B2ED5380-- From w3c-dist-auth-request@w3.org Mon Jan 17 14:48:35 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA07389 for ; Mon, 17 Jan 2000 14:48:34 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id OAA16889; Mon, 17 Jan 2000 14:37:07 -0500 (EST) Resent-Date: Mon, 17 Jan 2000 14:37:07 -0500 (EST) Resent-Message-Id: <200001171937.OAA16889@www19.w3.org> From: Jim Whitehead To: w3c-dist-auth@w3.org MMDF-Warning: Parse error in original version of preceding line at gremlin-relay.ics.uci.edu Date: Mon, 17 Jan 2000 11:33:18 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal In-Reply-To: <7DE119D3D0E15543874F7561EECBDBED02619E21@BEG.platinum.corp.microsoft.com> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Subject: RE: WebDAV Bindings - Issue Yaron.WeScrewedUp Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3856 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list Content-Transfer-Encoding: 7bit I'm comfortable with moving this section to an appendix. This section is only needed for reconciling the collection terminology of RFC 2518 with the terminology in the binding specification, not for understanding the spec. itself, and hence the reconciliation langugage could easily be moved to an appendix. - Jim -----Original Message----- From: w3c-dist-auth-request@w3.org [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Yaron Goland Sent: Sunday, January 16, 2000 5:51 PM To: w3c-dist-auth@w3.org Subject: WebDAV Bindings - Issue Yaron.WeScrewedUp The bind draft makes a heroic attempt to map its philosophy of the naming relationships of collections and resources to the statements made in the WebDAV spec. The end result are sections like the "Internal Member URI" section. Unfortunately the attempts to try and reverse engineer the WebDAV language into something sensible only makes the draft significantly more confusing to the reader. I think the optimal solution would be to remove the language attempting to explain how one could make some sense out of WebDAV and instead say "WebDAV was wrong, we are right, just read this." For the truly dedicated we can add the "internal member URI" section to the appendix where it, along with WebDAV's mistakes, will hopefully be soon forgotten. BTW, we should obviously fix the WebDAV draft but that will take a while and I can't think of a good reason to hold the bind draft up until that happens. Therefore the bind draft should introduce the new language and we will roll that language into WebDAV at the appropriate time. As such I propose that ALL mentions of "Internal Member URIs" be stricken from the main body of the spec and only be mentioned, if at all, in an appendix. From w3c-dist-auth-request@w3.org Mon Jan 17 14:48:42 2000 Received: from www19.w3.org (www19.w3.org [18.29.0.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA07401 for ; Mon, 17 Jan 2000 14:48:41 -0500 (EST) Received: (from daemon@localhost) by www19.w3.org (8.9.0/8.9.0) id OAA17030; Mon, 17 Jan 2000 14:37:44 -0500 (EST) Resent-Date: Mon, 17 Jan 2000 14:37:44 -0500 (EST) Resent-Message-Id: <200001171937.OAA17030@www19.w3.org> Message-ID: <018001bf6122$77087ad0$79442382@us.oracle.com> From: "Eric Sedlar" To: "Yaron Goland" , References: <7DE119D3D0E15543874F7561EECBDBED02619E1A@BEG.platinum.corp.microsoft.com> Date: Mon, 17 Jan 2000 11:38:44 -0800 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_017D_01BF60DF.68BD8E90" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Subject: Re: WebDAV Bindings - Issue Yaron.BindSyntax Resent-From: w3c-dist-auth@w3.org X-Mailing-List: archive/latest/3857 X-Loop: w3c-dist-auth@w3.org Sender: w3c-dist-auth-request@w3.org Resent-Sender: w3c-dist-auth-request@w3.org Precedence: list This is a multi-part message in MIME format. ------=_NextPart_000_017D_01BF60DF.68BD8E90 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable WebDAV Bindings - Issue Yaron.BindSyntaxIt depends on the kind of weak = binding you want. If it's something like a symbolic link, redirect = references work reasonably well for that. If you want a weak binding = (weak, in that it is not affecting the persistence of the item being = bound) that doesn't dangle, you have to notify the source, so that it = can send the destination an event when the source is deleted. --Eric ----- Original Message -----=20 From: Yaron Goland=20 To: w3c-dist-auth@w3.org=20 Sent: Sunday, January 16, 2000 5:47 PM Subject: WebDAV Bindings - Issue Yaron.BindSyntax The BIND spec defines that a binding is created by sending a message = to the source and instructing it to create a binding at the destination. = This is completely consistent with how WebDAV normally operates in = methods such as COPY/MOVE where the source is instructed to make changes = at the destination. Unfortunately, in the case of BIND, it introduces a = very serious problem when (not if, but when) we introduce weak bindings. = The problem is that the current bind syntax requires the active = participation of the source to create a bind at the destination. In the = case of a weak binding it is expected that the source may not even be = aware of the binding. This is one of the main benefits of introducing = weak bindings, it allows for bind like behavior without requiring the = participation of the source. This enables many resources to have weak = bindings against a resource without overloading the resource. An example may help here. Imagine a user wants to create a weak = binding to http://www.yahoo.com/foo/bar. Currently, to create this weak = binding, the user would have to issue the bind method to = http://www.yahoo.com/foo/bar and ask the Yahoo server to somehow = communicate with the destination server and create a weak binding. This = is like telling people that before they can add a hyperlink to their = HTML document they have to first get the resource pointed to by the = hyperlink to somehow participate in the process. The ability to link to = resources without the knowledge of the source (as the term is used in = the BIND method) has been one of the key aspects of the scalability of = the Web. In my mind the proper solution is to introduce a source header that, = when used on a BIND method, would mean that the request-URI specifies = the destination rather than the source. That having been said I really have no desire to prolong the agony of = the BIND authors by asking them to add a new header and deal with all = the complexities it would introduce. As such I am happy to settle for = the following paragraph being added to section 5.1: "The BIND method = MUST fail if it does not include a destination header. Note, however, = that future specifications MAY introduce additional headers that = resources could honor in the place of the destination header and so = allow the BIND method to succeed in the absence of a destination = header." This would allow us, in the future, to introduce a weak binding spec = that could still use the BIND method without forcing us to use MAN or = introduce a new method. ------=_NextPart_000_017D_01BF60DF.68BD8E90 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable