Network Working Group A. Brown Internet-Draft G. Clemm Intended status: Informational IBM Expires: July 16, 2010 J. Reschke, Ed. greenbytes January 12, 2010 Link Relations for Simple Version Navigation draft-brown-versioning-link-relations-06 Abstract This specification defines Atom link relations for navigation between a resource and its versions. Editorial Note (To be removed by RFC Editor before publication) Please send comments to the Atom Syntax mailing list (). Note that although discussion takes place on the Atompub working group's mailing list, this is not a working group document. XML versions, latest edits and the issues list for this document are available from . Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Brown, et al. Expires July 16, 2010 [Page 1] Internet-Draft Version Navigation Link Relations January 2010 This Internet-Draft will expire on July 16, 2010. Copyright Notice Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the BSD License. Brown, et al. Expires July 16, 2010 [Page 2] Internet-Draft Version Navigation Link Relations January 2010 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Link Relations . . . . . . . . . . . . . . . . . . . . . . . . 5 3.1. version-history . . . . . . . . . . . . . . . . . . . . . 5 3.2. latest-version . . . . . . . . . . . . . . . . . . . . . . 5 3.3. working-copy . . . . . . . . . . . . . . . . . . . . . . . 5 3.4. working-copy-of . . . . . . . . . . . . . . . . . . . . . 5 3.5. predecessor-version . . . . . . . . . . . . . . . . . . . 5 3.6. successor-version . . . . . . . . . . . . . . . . . . . . 6 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 4.1. 'version-history' Link Relation Registration . . . . . . . 6 4.2. 'latest-version' Link Relation Registration . . . . . . . 6 4.3. 'working-copy' Link Relation Registration . . . . . . . . 6 4.4. 'working-copy-of' Link Relation Registration . . . . . . . 7 4.5. 'predecessor-version' Link Relation Registration . . . . . 7 4.6. 'successor-version' Link Relation Registration . . . . . . 7 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 7.1. Normative References . . . . . . . . . . . . . . . . . . . 8 7.2. Informative References . . . . . . . . . . . . . . . . . . 8 Appendix A. Relationship to Java Content Repository (JCR) and WebDAV . . . . . . . . . . . . . . . . . . . . . . . 9 A.1. Example: Use of Link Relations in HTTP Link Header . . . . 10 Appendix B. Change Log (to be removed by RFC Editor before publication) . . . . . . . . . . . . . . . . . . . . 12 B.1. Since draft-brown-link-relations-00 . . . . . . . . . . . 12 B.2. Since draft-brown-link-relations-01 . . . . . . . . . . . 12 B.3. Since draft-brown-link-relations-02 . . . . . . . . . . . 12 B.4. Since draft-brown-link-relations-03 . . . . . . . . . . . 12 B.5. Since draft-brown-link-relations-04 . . . . . . . . . . . 12 B.6. Since draft-brown-link-relations-05 . . . . . . . . . . . 12 Appendix C. Resolved issues (to be removed by RFC Editor before publication) . . . . . . . . . . . . . . . . . 12 C.1. edit . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 C.2. expose-urls . . . . . . . . . . . . . . . . . . . . . . . 13 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 13 Brown, et al. Expires July 16, 2010 [Page 3] Internet-Draft Version Navigation Link Relations January 2010 1. Introduction This specification defines link relations that may be used on a resource that exists in a system that supports versioning to navigate among the different resources available, such as past versions. These link relations are used in the AtomPub ([RFC5023]) bindings of the "Content Management Interoperability Services" (CMIS). See Section 3.4.3.1 of [CMIS] for further information. 2. Terminology Versioned Resource When a resource is put under version control, it becomes a "versioned resource". Many servers protect versioned resources from modifications by considering them "checked in", and by requiring a "checkout" operation before modification, and a "checkin" operation to get back to the "checked-in" state. Other servers allow modification, in which case the checkout/checkin operation may happen implicitly. Version History A "version history" resource is a resource that contains all the versions of a particular versioned resource. Predecessor, Successor When a versioned resource is checked out and then subsequently checked in, the version that was checked out becomes a "predecessor" of the version created by the checkin. A client can specify multiple predecessors for a new version if the new version is logically a merge of those predecessors. The inverse of the predecessor relation is the "successor" relation. Therefore, if X is a predecessor of Y, then Y is a successor of X. Working Copy A "working copy" is a resource at a server-defined URL that can be used to create a new version of a versioned resource. Checkout A "checkout" is an operation on a versioned resource that creates a working copy, or changes the versioned resource to be a working- copy as well ("in-place versioning"). Brown, et al. Expires July 16, 2010 [Page 4] Internet-Draft Version Navigation Link Relations January 2010 Checkin A "checkin" is an operation on a working copy that creates a new version of its corresponding versioned resource. Note: the operations for putting a resource under version control, and for checking in and checking out depend on the protocol in use and are beyond the scope of this document; see [CMIS], [RFC3253] and [JSR-283] for examples. 3. Link Relations The following link relations are defined: 3.1. version-history When included on a versioned resource, this link points to a resource containing the version history for this resource. 3.2. latest-version When included on a versioned resource, this link points to a resource containing the latest (e.g., current) version. The latest version is defined by the system. For linear versioning systems, this is probably the latest version by timestamp. For systems that support branching, there will be multiple latest versions, one for each branch in the version history. Some systems may allow multiple of these link relations. 3.3. working-copy When included on a versioned resource, this link points to a working copy for this resource. Some systems may allow multiple of these link relations. 3.4. working-copy-of When included on a working copy, this link points to the versioned resource from which this working copy was obtained. 3.5. predecessor-version When included on a versioned resource, this link points to a resource containing the predecessor version in the version history. Brown, et al. Expires July 16, 2010 [Page 5] Internet-Draft Version Navigation Link Relations January 2010 Some systems may allow multiple of these link relations in the case of a multiple branches merging. 3.6. successor-version When included on a versioned resource, this link points to a resource containing the successor version in the version history. Some systems may allow multiple of these link relations in order to support branching. 4. IANA Considerations The link relations below are to be registered by IANA per Section 7.1 of [RFC4287]: 4.1. 'version-history' Link Relation Registration Attribute Value: version-history Description: See Section 3.1. Expected display characteristics: Undefined; this relation can be used for background processing or to provide extended functionality without displaying its value. Security considerations: See Section 5. 4.2. 'latest-version' Link Relation Registration Attribute Value: latest-version Description: See Section 3.2. Expected display characteristics: Undefined; this relation can be used for background processing or to provide extended functionality without displaying its value. Security considerations: See Section 5. 4.3. 'working-copy' Link Relation Registration Attribute Value: working-copy Brown, et al. Expires July 16, 2010 [Page 6] Internet-Draft Version Navigation Link Relations January 2010 Description: See Section 3.3. Expected display characteristics: Undefined; this relation can be used for background processing or to provide extended functionality without displaying its value. Security considerations: See Section 5. 4.4. 'working-copy-of' Link Relation Registration Attribute Value: working-copy-of Description: See Section 3.4. Expected display characteristics: Undefined; this relation can be used for background processing or to provide extended functionality without displaying its value. Security considerations: See Section 5. 4.5. 'predecessor-version' Link Relation Registration Attribute Value: predecessor-version Description: See Section 3.5. Expected display characteristics: Undefined; this relation can be used for background processing or to provide extended functionality without displaying its value. Security considerations: See Section 5. 4.6. 'successor-version' Link Relation Registration Attribute Value: successor-version Description: See Section 3.6. Expected display characteristics: Undefined; this relation can be used for background processing or to provide extended functionality without displaying its value. Security considerations: See Section 5. Brown, et al. Expires July 16, 2010 [Page 7] Internet-Draft Version Navigation Link Relations January 2010 5. Security Considerations Automated agents should take care when these relations cross administrative domains (e.g., the URI has a different authority than the current document). Such agents should also take care to detect circular references. Care should be applied when versioned resources are subject to differing access policies. In this case, exposing links may leak information even if the linked resource itself is properly secured. In particular, the syntax of the link URI/IRI could expose sensitive information (see Section 16.2 of [RFC3253] for a similar consideration in WebDAV Versioning). Note that this applies to exposing link metadata in general, not only to links related to versioning. 6. Acknowledgments Thanks to the members of Content Management Interoperability Services (CMIS) Technical Committee (TC) at OASIS for the initial proposal, and to Jan Algermissen for feedback during IETF review. 7. References 7.1. Normative References [RFC4287] Nottingham, M. and R. Sayre, "The Atom Syndication Format", RFC 4287, December 2005. 7.2. Informative References [CMIS] Brown, A., Gur-Esh, E., McVeigh, R., and F. Muller, "Content Management Interoperability Services (CMIS) Version 1.0", OASIS CMIS v1.0 Committee Draft 04, September 2009, . [JSR-283] Day Software, Nuescheler, D., and P. Piegaze, "Content Repository API for Java(tm) Technology Specification", Java Specification Request 283, August 2009, . [RFC3253] Clemm, G., Amsden, J., Ellison, T., Kaler, C., and J. Whitehead, "Versioning Extensions to WebDAV (Web Distributed Authoring and Versioning)", RFC 3253, March 2002. Brown, et al. Expires July 16, 2010 [Page 8] Internet-Draft Version Navigation Link Relations January 2010 [RFC5023] Gregorio, J. and B. de hOra, "The Atom Publishing Protocol", RFC 5023, October 2007. [draft-nottingham-http-link-header] Nottingham, M., "Web Linking", draft-nottingham-http-link-header-06 (work in progress), July 2009. Appendix A. Relationship to Java Content Repository (JCR) and WebDAV The link relations defined in Section 3 correspond to various properties used in WebDAV Versioning [RFC3253] and JCR [JSR-283]: version-history WebDAV: the resource identified by the DAV:version-history property ([RFC3253], Sections 5.2.1 and 5.3.1). JCR: the node identified by jcr:versionHistory property ([JSR-283], Section 3.13.2.4) for versionable nodes, the parent folder for version nodes. latest-version WebDAV: for version-controlled resources, DAV:checked-in ([RFC3253], Section 3.2.1) or DAV:checked-out ([RFC3253], Section 3.3.1), depending on checkin state. For version resources, a successor version that itself does not have any successors. JCR: the version node identified by the jcr:baseVersion property ([JSR-283], Section 3.13.2.5) for versionable nodes; for version nodes, a successor version that itself does not have any successors. working-copy WebDAV: for version-controlled resources that are checked-out in place: the resource itself. For version resources: each resource identified by a member of the DAV:checkout-set property (see [RFC3253], Section 3.4.3). JCR: for checked-out versionable nodes: the node itself. working-copy-of Brown, et al. Expires July 16, 2010 [Page 9] Internet-Draft Version Navigation Link Relations January 2010 WebDAV: the resource identified by the the DAV:checked-out property (see [RFC3253], Section 3.3.1). JCR: for checked-out versionable nodes: the node identified by the jcr:baseVersion property ([JSR-283], Section 3.13.12.5). predecessor-version WebDAV: each resource identified by a member of DAV:predecessor- set ([RFC3253], Sections 3.3.2 and 3.4.1). JCR: each node identified by a member of jcr:predecessors ([JSR-283], Section 3.13.3.3). successor-version WebDAV: each resource identified by a member of DAV:successor-set ([RFC3253], Section 3.4.2). JCR: each node identified by a member of jcr:successors ([JSR-283], Section 3.13.3.4). A.1. Example: Use of Link Relations in HTTP Link Header The "Web Linking" specification ([draft-nottingham-http-link-header]) generalizes Atom link relations, and also re-introduces the HTTP "Link" header as a way to expose link relations in HTTP responses. This will make it possible to expose version links independently from a specific vocabulary, be it the Atom Feed Format ([RFC4287]) or WebDAV properties ([RFC3253]). For instance, a response to an VERSION-CONTROL request ([RFC3253], Section 3.5) could expose newly created version-history and checked-in version as link relations: >> Request: VERSION-CONTROL /docs/test.txt HTTP/1.1 Host: example.net Brown, et al. Expires July 16, 2010 [Page 10] Internet-Draft Version Navigation Link Relations January 2010 >> Response: HTTP/1.1 204 No Content Link: ; rel=latest-version; anchor= Link: ; rel=version-history; anchor= (Note that in this case, the anchor parameter is used, as the response to a VERSION-CONTROL request is not a representation of the resource at the Request-URI) A subsequent HEAD request on that resource could expose the version- history and latest-version relations as well: >> Request: HEAD /docs/test.txt HTTP/1.1 Host: example.net >> Response: HTTP/1.1 200 OK Content-Type: text/plain; charset=UTF-8 Content-Length: 12345 Link: ; rel=latest-version Link: ; rel=version-history After creating more versions, following the latest-version would then expose predecessors of a version: >> Request: HEAD /system/v/84345634/3 HTTP/1.1 Host: example.net >> Response: HTTP/1.1 200 OK Content-Type: text/plain; charset=UTF-8 Content-Length: 12323 Link: ; rel=predecessor-version Brown, et al. Expires July 16, 2010 [Page 11] Internet-Draft Version Navigation Link Relations January 2010 Appendix B. Change Log (to be removed by RFC Editor before publication) B.1. Since draft-brown-link-relations-00 Added Geoff Clemm as author. Renamed link relation "all-versions" to "version-history". Fixed description of "working-resource" relation to state that it appears on a version resource. B.2. Since draft-brown-link-relations-01 Rewrite terminology and link relations using simpler definitions that can reflect versioning approaches different from WebDAV. Add JCR/WebDAV property table. And reference to Web Linking draft (for now informative) and examples showing use of the Link header. B.3. Since draft-brown-link-relations-02 Add and resolve issue "iana". B.4. Since draft-brown-link-relations-03 Fix typo ("working-resource" instead of "working-copy"). Add and resolve issues "checked-out", "cmis" and "working-copy-of". B.5. Since draft-brown-link-relations-04 Close issue "working-copy-of", which was really fixed in -04. B.6. Since draft-brown-link-relations-05 Fix VERSION-CONTROL example to return 204 (there's no response body). Fix country names in contact information. Add and resolve issue "expose-urls". Appendix C. Resolved issues (to be removed by RFC Editor before publication) Issues that were either rejected or resolved in this version of this document. C.1. edit Type: edit Brown, et al. Expires July 16, 2010 [Page 12] Internet-Draft Version Navigation Link Relations January 2010 julian.reschke@greenbytes.de (2009-11-19): Umbrella issue for editorial fixes/enhancements. C.2. expose-urls In Section 5: Type: change ekr@networkresonance.com (2010-01-03): In general this mechanism seems sound but I'm not sure that the security considerations are entirely adequate. This mechanism lets you learn information about other versions of a resource even if you potentially don't have permission to view them directly. Consider a limiting case where each version of the resource had a name that contained the change set for that resource. E.g., http://example.com/versions/filename/_@line_50_+_FOO;@line_60_+_BAR/; In this case, seeing other parts of the version tree leaks information about those versions. I don't think that this is a problem for the draft, but it might be useful to mention that this feature has implications for name construction. Resolution (2010-01-06): Add that consideration. Authors' Addresses Al Brown IBM 3565 Harbor Blvd Costa Mesa, California 92626 USA Email: albertcbrown@us.ibm.com Geoffrey Clemm IBM 20 Maguire Road Lexington, MA 02421 USA Email: geoffrey.clemm@us.ibm.com Brown, et al. Expires July 16, 2010 [Page 13] Internet-Draft Version Navigation Link Relations January 2010 Julian F. Reschke (editor) greenbytes GmbH Hafenweg 16 Muenster, NW 48155 Germany Email: julian.reschke@greenbytes.de URI: http://greenbytes.de/tech/webdav/ Brown, et al. Expires July 16, 2010 [Page 14]