Network Working GroupA. Brown
Internet-DraftG. Clemm
Intended status: InformationalIBM
Expires: July 16, 2010J. Reschke, Editor
greenbytes
January 12, 2010

Link Relations for Simple Version Navigation
draft-brown-versioning-link-relations-06

Note: a later version of this document has been published as RFC5829.

Abstract

This specification defines Atom link relations for navigation between a resource and its versions.

Editorial Note (To be removed by RFC Editor before publication)

Please send comments to the Atom Syntax mailing list (<http://www.imc.org/atom-syntax/>).

Note that although discussion takes place on the Atompub working group's mailing list, this is not a working group document.

XML versions, latest edits and the issues list for this document are available from <http://greenbytes.de/tech/webdav/#draft-brown-versioning-link-relations>.

Status of this Memo

This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress”.

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

This Internet-Draft will expire on July 16, 2010.

Copyright Notice

Copyright © 2010 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the BSD License.


Table of Contents

Issues list

IdTypeStatusDateRaised By
editeditclosed2009-11-19julian.reschke@greenbytes.de
expose-urlschangeclosed2010-01-03ekr@networkresonance.com
 I  edit   (type: edit, status: closed)
julian.reschke@greenbytes.de2009-11-19 Umbrella issue for editorial fixes/enhancements.
Associated changes in this document: A.1, B.

1. Introduction

This specification defines link relations that may be used on a resource that exists in a system that supports versioning to navigate among the different resources available, such as past versions.

These link relations are used in the AtomPub ([RFC5023]) bindings of the "Content Management Interoperability Services" (CMIS). See Section 3.4.3.1 of [CMIS] for further information.

2. Terminology

Versioned Resource

Version History

Predecessor, Successor

Working Copy

Checkout

Checkin

Note: the operations for putting a resource under version control, and for checking in and checking out depend on the protocol in use and are beyond the scope of this document; see [CMIS], [RFC3253] and [JSR-283] for examples.

3. Link Relations

The following link relations are defined:

3.1 version-history

When included on a versioned resource, this link points to a resource containing the version history for this resource.

3.2 latest-version

When included on a versioned resource, this link points to a resource containing the latest (e.g., current) version.

The latest version is defined by the system. For linear versioning systems, this is probably the latest version by timestamp. For systems that support branching, there will be multiple latest versions, one for each branch in the version history.

Some systems may allow multiple of these link relations.

3.3 working-copy

When included on a versioned resource, this link points to a working copy for this resource.

Some systems may allow multiple of these link relations.

3.4 working-copy-of

When included on a working copy, this link points to the versioned resource from which this working copy was obtained.

3.5 predecessor-version

When included on a versioned resource, this link points to a resource containing the predecessor version in the version history.

Some systems may allow multiple of these link relations in the case of a multiple branches merging.

3.6 successor-version

When included on a versioned resource, this link points to a resource containing the successor version in the version history.

Some systems may allow multiple of these link relations in order to support branching.

4. IANA Considerations

The link relations below are to be registered by IANA per Section 7.1 of [RFC4287]:

4.1 'version-history' Link Relation Registration

Attribute Value:

version-history

Description:

See Section 3.1.

Expected display characteristics:

Undefined; this relation can be used for background processing or to provide extended functionality without displaying its value.

Security considerations:

See Section 5.

4.2 'latest-version' Link Relation Registration

Attribute Value:

latest-version

Description:

See Section 3.2.

Expected display characteristics:

Undefined; this relation can be used for background processing or to provide extended functionality without displaying its value.

Security considerations:

See Section 5.

4.3 'working-copy' Link Relation Registration

Attribute Value:

working-copy

Description:

See Section 3.3.

Expected display characteristics:

Undefined; this relation can be used for background processing or to provide extended functionality without displaying its value.

Security considerations:

See Section 5.

4.4 'working-copy-of' Link Relation Registration

Attribute Value:

working-copy-of

Description:

See Section 3.4.

Expected display characteristics:

Undefined; this relation can be used for background processing or to provide extended functionality without displaying its value.

Security considerations:

See Section 5.

4.5 'predecessor-version' Link Relation Registration

Attribute Value:

predecessor-version

Description:

See Section 3.5.

Expected display characteristics:

Undefined; this relation can be used for background processing or to provide extended functionality without displaying its value.

Security considerations:

See Section 5.

4.6 'successor-version' Link Relation Registration

Attribute Value:

successor-version

Description:

See Section 3.6.

Expected display characteristics:

Undefined; this relation can be used for background processing or to provide extended functionality without displaying its value.

Security considerations:

See Section 5.

5. Security Considerations

 I  expose-urls   (type: change, status: closed)
ekr@networkresonance.com2010-01-03 In general this mechanism seems sound but I'm not sure that the security considerations are entirely adequate. This mechanism lets you learn information about other versions of a resource even if you potentially don't have permission to view them directly. Consider a limiting case where each version of the resource had a name that contained the change set for that resource. E.g.,
http://example.com/versions/filename/_@line_50_+_FOO;@line_60_+_BAR/;
In this case, seeing other parts of the version tree leaks information about those versions. I don't think that this is a problem for the draft, but it might be useful to mention that this feature has implications for name construction.
2010-01-06Resolution:Add that consideration.
Associated changes in this document: 5.

Automated agents should take care when these relations cross administrative domains (e.g., the URI has a different authority than the current document). Such agents should also take care to detect circular references.

 I  

Care should be applied when versioned resources are subject to differing access policies. In this case, exposing links may leak information even if the linked resource itself is properly secured. In particular, the syntax of the link URI/IRI could expose sensitive information (see Section 16.2 of [RFC3253] for a similar consideration in WebDAV Versioning). Note that this applies to exposing link metadata in general, not only to links related to versioning.

6. Acknowledgments

Thanks to the members of Content Management Interoperability Services (CMIS) Technical Committee (TC) at OASIS for the initial proposal, and to Jan Algermissen for feedback during IETF review.

7. References

7.1 Normative References

[RFC4287]Nottingham, M. and R. Sayre, “The Atom Syndication Format”, RFC 4287, December 2005.

7.2 Informative References

[CMIS]Brown, A., Gur-Esh, E., McVeigh, R., and F. Muller, “Content Management Interoperability Services (CMIS) Version 1.0”, OASIS CMIS v1.0 Committee Draft 04, September 2009, <http://docs.oasis-open.org/cmis/CMIS/v1.0/cd04/cmis-spec-v1.0.html>.
[draft-nottingham-http-link-header]Nottingham, M., “Web Linking”, Internet-Draft draft-nottingham-http-link-header-06 (work in progress), July 2009.
[JSR-283]Day Software, Nuescheler, D., and P. Piegaze, “Content Repository API for Java(tm) Technology Specification”, Java Specification Request 283, August 2009, <http://www.day.com/specs/jcr/2.0/>.
[RFC3253]Clemm, G., Amsden, J., Ellison, T., Kaler, C., and J. Whitehead, “Versioning Extensions to WebDAV (Web Distributed Authoring and Versioning)”, RFC 3253, March 2002.
[RFC5023]Gregorio, J. and B. de hOra, “The Atom Publishing Protocol”, RFC 5023, October 2007.

A. Relationship to Java Content Repository (JCR) and WebDAV

The link relations defined in Section 3 correspond to various properties used in WebDAV Versioning [RFC3253] and JCR [JSR-283]:

version-history

latest-version

working-copy

working-copy-of

predecessor-version

successor-version

A.1 Example: Use of Link Relations in HTTP Link Header

The "Web Linking" specification ([draft-nottingham-http-link-header]) generalizes Atom link relations, and also re-introduces the HTTP "Link" header as a way to expose link relations in HTTP responses. This will make it possible to expose version links independently from a specific vocabulary, be it the Atom Feed Format ([RFC4287]) or WebDAV properties ([RFC3253]).

For instance, a response to an VERSION-CONTROL request ([RFC3253], Section 3.5) could expose newly created version-history and checked-in version as link relations:

>> Request:

VERSION-CONTROL /docs/test.txt HTTP/1.1
Host: example.net

>> Response:

HTTP/1.1  I 200 OK204 No Content
Link: </system/v/84345634/1>; rel=latest-version;
      anchor=</docs/test.txt>
Link: </system/vh/84345634>; rel=version-history;
      anchor=</docs/test.txt>

(Note that in this case, the anchor parameter is used, as the response to a VERSION-CONTROL request is not a representation of the resource at the Request-URI)

A subsequent HEAD request on that resource could expose the version-history and latest-version relations as well:

>> Request:

HEAD /docs/test.txt HTTP/1.1
Host: example.net

>> Response:

HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Content-Length: 12345
Link: </system/v/84345634/1>; rel=latest-version
Link: </system/vh/84345634>; rel=version-history

After creating more versions, following the latest-version would then expose predecessors of a version:

>> Request:

HEAD /system/v/84345634/3 HTTP/1.1
Host: example.net

>> Response:

HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Content-Length: 12323
Link: </system/v/84345634/2>; rel=predecessor-version

B. Change Log (to be removed by RFC Editor before publication)

B.1 Since draft-brown-link-relations-00

Added Geoff Clemm as author.

Renamed link relation "all-versions" to "version-history". Fixed description of "working-resource" relation to state that it appears on a version resource.

B.2 Since draft-brown-link-relations-01

Rewrite terminology and link relations using simpler definitions that can reflect versioning approaches different from WebDAV.

Add JCR/WebDAV property table. And reference to Web Linking draft (for now informative) and examples showing use of the Link header.

B.3 Since draft-brown-link-relations-02

Add and resolve issue "iana".

B.4 Since draft-brown-link-relations-03

Fix typo ("working-resource" instead of "working-copy"). Add and resolve issues "checked-out", "cmis" and "working-copy-of".

B.5 Since draft-brown-link-relations-04

Close issue "working-copy-of", which was really fixed in -04.

 I  

B.6 Since draft-brown-link-relations-05

Fix VERSION-CONTROL example to return 204 (there's no response body). Fix country names in contact information. Add and resolve issue "expose-urls".

Authors' Addresses

Al Brown
IBM
3565 Harbor Blvd
Costa Mesa, California 92626
USA
EMail: albertcbrown@us.ibm.com

Geoffrey Clemm
IBM
20 Maguire Road
Lexington, MA 02421
USA
EMail: geoffrey.clemm@us.ibm.com

Julian F. Reschke (editor)
greenbytes GmbH
Hafenweg 16
Muenster, NW 48155
Germany
EMail: julian.reschke@greenbytes.de
URI: http://greenbytes.de/tech/webdav/