This specification defines Atom link relations for navigation between a resource and its versions.¶
This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress”.¶
This Internet-Draft will expire on July 16, 2010.¶
Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the BSD License.¶
Note that although discussion takes place on the Atompub working group's mailing list, this is not a working group document.¶
XML versions, latest edits and the issues list for this document are available from <http://greenbytes.de/tech/webdav/#draft-brown-versioning-link-relations>.¶
|I edit (type: edit, status: closed)
|Umbrella issue for editorial fixes/enhancements.
|Associated changes in this document: A.1, B.
This specification defines link relations that may be used on a resource that exists in a system that supports versioning to navigate among the different resources available, such as past versions.¶
Versioned Resource ¶
Version History ¶
Predecessor, Successor ¶
Working Copy ¶
|I expose-urls (type: change, status: closed)
In general this mechanism seems sound but I'm not sure that
the security considerations are entirely adequate. This
mechanism lets you learn information about other versions
of a resource even if you potentially don't have permission
to view them directly. Consider a limiting case where each
version of the resource had a name that contained the
change set for that resource. E.g.,
In this case, seeing other parts of the version tree leaks information about those versions. I don't think that this is a problem for the draft, but it might be useful to mention that this feature has implications for name construction.
|Resolution:Add that consideration.
|Associated changes in this document: 5.
Automated agents should take care when these relations cross administrative domains (e.g., the URI has a different authority than the current document). Such agents should also take care to detect circular references.¶
Care should be applied when versioned resources are subject to differing access policies. In this case, exposing links may leak information even if the linked resource itself is properly secured. In particular, the syntax of the link URI/IRI could expose sensitive information (see Section 16.2 of [RFC3253] for a similar consideration in WebDAV Versioning). Note that this applies to exposing link metadata in general, not only to links related to versioning.
Thanks to the members of Content Management Interoperability Services (CMIS) Technical Committee (TC) at OASIS for the initial proposal, and to Jan Algermissen for feedback during IETF review.¶