draft-ietf-atompub-protocol-03.txt   draft-ietf-atompub-protocol-04.txt 
Network Working Group J. Gregorio, Ed. Network Working Group J. Gregorio, Ed.
Internet-Draft BitWorking, Inc Internet-Draft BitWorking, Inc
Expires: September 19, 2005 R. Sayre, Ed. Expires: November 10, 2005 R. Sayre, Ed.
Boswijck Memex Consulting May 9, 2005
March 18, 2005
The Atom Publishing Protocol The Atom Publishing Protocol
draft-ietf-atompub-protocol-03.txt draft-ietf-atompub-protocol-04.txt
Status of this Memo Status of this Memo
This document is an Internet-Draft and is subject to all provisions By submitting this Internet-Draft, each author represents that any
of Section 3 of RFC 3667. By submitting this Internet-Draft, each applicable patent or other IPR claims of which he or she is aware
author represents that any applicable patent or other IPR claims of have been or will be disclosed, and any of which he or she becomes
which he or she is aware have been or will be disclosed, and any of aware will be disclosed, in accordance with Section 6 of BCP 79.
which he or she become aware will be disclosed, in accordance with
RFC 3668.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as other groups may also distribute working documents as Internet-
Internet-Drafts. Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on September 19, 2005. This Internet-Draft will expire on November 10, 2005.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2005). Copyright (C) The Internet Society (2005).
Abstract Abstract
This memo presents a protocol for using XML (Extensible Markup This memo presents a protocol for using XML (Extensible Markup
Language) and HTTP (HyperText Transport Protocol) to edit content. Language) and HTTP (HyperText Transport Protocol) to edit content.
The Atom Publishing Protocol is an application-level protocol for The Atom Publishing Protocol is an application-level protocol for
publishing and editing Web resources belonging to periodically publishing and editing Web resources belonging to periodically
updated websites. The protocol at its core is the HTTP transport of updated websites. The protocol at its core is the HTTP transport of
Atom-formatted representations. The Atom format is documented in the Atom-formatted representations. The Atom format is documented in the
Atom Syndication Format (draft-ietf-atompub-format-06.txt). Atom Syndication Format (draft-ietf-atompub-format-06.txt).
Editorial Note Editorial Note
To provide feedback on this Internet-Draft, join the atom-syntax To provide feedback on this Internet-Draft, join the atom-protocol
mailing list (http://www.imc.org/atom-syntax/index.html) [1]. mailing list (http://www.imc.org/atom-protocol/index.html) [1].
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1 Notational Conventions . . . . . . . . . . . . . . . . . . 4 2. Notational Conventions . . . . . . . . . . . . . . . . . . . . 4
1.2 Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
2. The Atom Publishing Protocol Model . . . . . . . . . . . . . 4 4. The Atom Publishing Protocol Model . . . . . . . . . . . . . . 6
2.1 Atom Collections . . . . . . . . . . . . . . . . . . . . . 4 4.1 Collections . . . . . . . . . . . . . . . . . . . . . . . 6
2.1.1 Usage . . . . . . . . . . . . . . . . . . . . . . . . 5 4.2 Discovery . . . . . . . . . . . . . . . . . . . . . . . . 6
2.1.2 Client and Server Interaction . . . . . . . . . . . . 5 4.3 Listing . . . . . . . . . . . . . . . . . . . . . . . . . 7
3. Functional Specification . . . . . . . . . . . . . . . . . . 5 4.4 Authoring . . . . . . . . . . . . . . . . . . . . . . . . 7
3.1 Collections . . . . . . . . . . . . . . . . . . . . . . . 6 4.4.1 Create . . . . . . . . . . . . . . . . . . . . . . . . 7
3.1.1 Collection Document . . . . . . . . . . . . . . . . . 6 4.4.2 Read . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.1.2 Elements in a Collection Document . . . . . . . . . . 6 4.4.3 Update . . . . . . . . . . . . . . . . . . . . . . . . 8
3.1.3 Collection Requests . . . . . . . . . . . . . . . . . 7 4.4.4 Delete . . . . . . . . . . . . . . . . . . . . . . . . 8
3.2 Introspection . . . . . . . . . . . . . . . . . . . . . . 8 4.5 Success and Failure . . . . . . . . . . . . . . . . . . . 9
3.2.1 Service Document . . . . . . . . . . . . . . . . . . . 8 5. Collections . . . . . . . . . . . . . . . . . . . . . . . . . 10
3.3 Entry Collection . . . . . . . . . . . . . . . . . . . . . 9 5.1 Collection Documents . . . . . . . . . . . . . . . . . . . 10
3.3.1 Locating . . . . . . . . . . . . . . . . . . . . . . . 10 5.1.1 Element Definitions . . . . . . . . . . . . . . . . . 10
3.4 Simple Resource Collection . . . . . . . . . . . . . . . . 10 5.2 Collection Resource . . . . . . . . . . . . . . . . . . . 12
3.4.1 Locating . . . . . . . . . . . . . . . . . . . . . . . 10 5.2.2 POST . . . . . . . . . . . . . . . . . . . . . . . . . 14
3.4.2 Request . . . . . . . . . . . . . . . . . . . . . . . 10 5.2.3 Usage Scenarios . . . . . . . . . . . . . . . . . . . 15
3.5 Atom Request and Response Body Constraints . . . . . . . . 11 5.2.4 Range: Header . . . . . . . . . . . . . . . . . . . . 16
3.5.1 id . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.2.5 Accept-Ranges: Header . . . . . . . . . . . . . . . . 16
3.5.2 link . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.2.6 Name: Header . . . . . . . . . . . . . . . . . . . . . 17
3.5.3 title . . . . . . . . . . . . . . . . . . . . . . . . 11 6. Entry Collection . . . . . . . . . . . . . . . . . . . . . . . 18
3.5.4 summary . . . . . . . . . . . . . . . . . . . . . . . 11 6.1 Editing Entry Resources . . . . . . . . . . . . . . . . . 18
3.5.5 content . . . . . . . . . . . . . . . . . . . . . . . 12 6.2 Role of Atom Entry Elements During Editing . . . . . . . . 18
3.5.6 issued . . . . . . . . . . . . . . . . . . . . . . . . 12 7. Generic Collection . . . . . . . . . . . . . . . . . . . . . . 20
3.5.7 modified . . . . . . . . . . . . . . . . . . . . . . . 12 7.1 Editing Generic Resources . . . . . . . . . . . . . . . . 20
3.5.8 created . . . . . . . . . . . . . . . . . . . . . . . 12 8. Introspection . . . . . . . . . . . . . . . . . . . . . . . . 21
3.5.9 author . . . . . . . . . . . . . . . . . . . . . . . . 13 8.1 Introspection Document . . . . . . . . . . . . . . . . . . 21
3.5.10 contributor . . . . . . . . . . . . . . . . . . . . 13 8.1.1 Element Definitions . . . . . . . . . . . . . . . . . 21
3.5.11 generator . . . . . . . . . . . . . . . . . . . . . 13 8.2 Introspection Resource . . . . . . . . . . . . . . . . . . 23
3.6 Securing the Atom Protocol . . . . . . . . . . . . . . . . 13 8.2.1 Discovery . . . . . . . . . . . . . . . . . . . . . . 24
3.6.1 [@@TBD@@ CGI Authentication] . . . . . . . . . . . . . 14 9. Securing the Atom Protocol . . . . . . . . . . . . . . . . . . 25
4. Security Considerations . . . . . . . . . . . . . . . . . . 14 10. Security Considerations . . . . . . . . . . . . . . . . . . 26
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . 14 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . 27
6. Appendix A - SOAP Enabling . . . . . . . . . . . . . . . . . 15 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 30
6.1 Servers . . . . . . . . . . . . . . . . . . . . . . . . . 15 12.1 Normative References . . . . . . . . . . . . . . . . . . . 30
6.2 Clients . . . . . . . . . . . . . . . . . . . . . . . . . 15 12.2 Informative References . . . . . . . . . . . . . . . . . . 31
7. Appendix B - Examples . . . . . . . . . . . . . . . . . . . 15 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 32
7.1 Example for a weblog . . . . . . . . . . . . . . . . . . . 15 A. Revision History . . . . . . . . . . . . . . . . . . . . . . . 33
7.2 Example for a wiki . . . . . . . . . . . . . . . . . . . . 15 Intellectual Property and Copyright Statements . . . . . . . . 35
8. Revision History . . . . . . . . . . . . . . . . . . . . . . 15
9. Normative References . . . . . . . . . . . . . . . . . . . . 17
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 18
Intellectual Property and Copyright Statements . . . . . . . 19
1. Introduction 1. Introduction
The Atom Publishing Protocol is an application-level protocol for The Atom Publishing Protocol is an application-level protocol for
publishing and editing Web resources using HTTP [RFC2616] and XML. publishing and editing Web resources using HTTP [RFC2616] and XML 1.0
[W3C.REC-xml-20040204].
1.1 Notational Conventions 2. Notational Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
1.2 Terminology 3. Terminology
Atom Entry: An Atom Entry is a fragment of a full Atom feed. In this URI/IRI - A Uniform Resource Identifier and Internationalized
case, the fragment is a single 'entry' element and all its child Resource Identifier, respectively. These terms (and the distinction
elements. Each Atom Entry describes a single Web resource, between them) are defined in [RFC3986] and [RFC3987].
providing metadata and optionally a textual representation of that
resource.
2. The Atom Publishing Protocol Model Resource - an item identified by a URI [W3C.REC-webarch-20041215].
Collection Resource - A resource that contains a listing of Member
Resources and meets the requirements in Section 5 of this
specification.
Member Resource - A resource whose URI is listed by a Collection
Resource.
4. The Atom Publishing Protocol Model
The Atom Publishing Protocol operates on collections of Web
resources. All collections support the same basic interactions, as
do the resources within the collections. The patterns of interaction
are based on the common HTTP verbs.
The Atom Publishing Protocol is an application-level protocol for
publishing and editing Web resources. The primary way of interaction
in the Atom Publishing Protocol is by managing collection of
resources. All collections support the same basic methods of
interaction. In addition, the resources belonging to collections
also share the same interaction patterns. Using the common HTTP
verbs provides a pattern for working with all such Web resources:
o GET is used to retrieve a representation of a resource or perform o GET is used to retrieve a representation of a resource or perform
a read-only query. a read-only query.
o POST is used to create a new, dynamically-named resource.
o PUT is used to update a known resource. o PUT is used to update a known resource.
o POST is used to create a new dynamically-named resource.
o DELETE is used to remove a resource. o DELETE is used to remove a resource.
2.1 Atom Collections 4.1 Collections
An Atom collection is a set of items all of the same type ("members" The APP groups resources into "Collections", which are analogous to
of the collection), where the "type" may be, for example: Atom entry, the "folders" or "directories" found in many file systems.
category, template, "simple resource", or any other classification of
web resource.
Each collection has a URI which is given in the introspection file. 4.2 Discovery
A GET on the collection URI MUST produce a collection document as
defined in "3.X.1 Collection Document." That document describes PART
OF the state of the collection.
All the members of a collection have an "updated" property, and the To discover the location of the collections exposed by an APP
collection is considered to be ordered by this property. A single service, the client must locate and request an Introspection Document
collection document may not contain all of the members of a (Section 8).
collection. If a collection document is the response of a
non-partial GET request, and does not contain all of the members of a
collection, then it will contain the URI of the next collection
document which will contain more of the collection members. By
traversing this list of collection documents a client can obtain all
of the members of a collection. The 'next' attribute will not be
present in the response to a partial GET request.
2.1.1 Usage Client Server
| |
| 1.) GET Introspection |
|------------------------------->|
| |
| 2.) Introspection Doc |
|<-------------------------------|
| |
Below two usages are outlined for Atom Collections. They are here to 1. The client sends a GET request to the Service Description
highlight common idioms for interacting with a Collection Resource Resource.
and not a normative interaction pattern.
The Atom Collection can be used by clients in two ways. In the first 2. The server responds with an Introspection Document containing the
case the client has attached to a site for the first time and is locations of collections provided by the service. The content of
doing an initial syncronization, that is, retrieving a list of all this document can vary based on aspects of the client request,
the members of the collections and possibly retrieving all the including, but not limited to, authentication credentials.
members of the collection also. The client can perform a non-partial
GET on the collection resource and it will receive a collection
document that either contains all the member of the collection, or
the collection document root element 'collection' will contain a
'next' attribute pointing to the next collection document. By
repeatedly following the 'next' attribute from document to document
the client can find all the members of the collection.
In the second case the client has already done an initial sync, and 4.3 Listing
now needs to re-sync, because the client was just restarted, or some
time has passed since a re-sync, etc. The client does a partial GET
on the collection document, supplying a Range header that begins from
the last time the client sync'd to the current time. The collection
document returned will contain only those members of the collection
that have changed since the last time the client syncronized.
2.1.2 Client and Server Interaction Once the client has discovered the location of a collection, it can
request a listing of the collection's membership. However,
collections might be extremely large, so servers are likely to list a
small subset of the collection by default.
[[anchor5: ...]] Client Server
| |
| 1.) GET to Collection URI |
|------------------------------->|
| |
| 2.) 200 OK, Atom Feed Doc |
|<-------------------------------|
| |
This document does not specify the form of the URIs that are used. 1. The client sends a GET request to the Collection's URI.
The URI space of each server is controlled, as defined by HTTP, by
the server alone. What this document does specify are the formats of
the files that are exchanged and the actions that can be performed on
the URIs embedded in those files.
3. Functional Specification 2. The server responds with an Atom Feed Document containing a full
or partial listing of the collection's membership.
3.1 Collections 4.4 Authoring
3.1.1 Collection Document After locating a collection, a client can add entries by sending a
request to the collection; other changes are accomplished by sending
HTTP requests to its member resources.
A collection document is rooted by a <collection> element. A 4.4.1 Create
collection element may have any number of <member> elements as
children; each such element identifies a member of the collection.
In some situations, a collection document may not contain every
member of the collection itself.
Whether complete or partial, the members in a collection document Client Server
MUST constitute a consecutive sequence of the collection's members, | |
ordered by their "updated" properties. That is, a collection | 1.) POST to Collection URI |
document MUST contain a contiguous subset of the members of the |------------------------------->|
collection ordered by their 'updated' property. | |
| 2.) 201 Created @ Location |
|<-------------------------------|
| |
3.1.2 Elements in a Collection Document 1. The client sends a representation of a member to the server via
HTTP POST. The Request URI is that of the Collection.
A collection document MAY contain zero or more 'member' elements. 2. The server responds with a response of "201 Created" and a
"Location" header containing the URI of the newly-created
resource.
Each 'member' element MUST include an 'href' attribute identifying a 4.4.2 Read
URL of the member resource. The 'href' URI of a member resource is
an "EditURI" under the terms of section 2, and MUST respond to the
same HTTP methods as such an EditURI.
Each 'member' element MAY include an "hrefreadonly" attribute. This Client Server
optional attribute identifies a URI which, on a GET request, responds | |
equivalently to how the "href" URI would respond to the same request. | 1.) GET or HEAD to Member URI |
Clients SHOULD NOT apply to this URI any HTTP methods that would be |------------------------------->|
expected to modify the state of the resource (e.g. PUT, POST or | |
DELETE). A PUT or POST request to this URI MAY NOT affect the | 2.) 200 OK |
underlying resource. If the "hrefreadonly" attribute is not given, |<-------------------------------|
its value defaults to the "href" value. If the "hrefreadonly" | |
1. The client sends a GET (or HEAD) request to the member's URI.
2. The server responds with an appropriate representation.
4.4.3 Update
Client Server
| |
| 1.) PUT to Member URI |
|------------------------------->|
| |
| 2.) 200 OK |
|<-------------------------------|
1. The client PUTs an updated representation to the member's URI.
2. The server responds with a representation of the member's new
state.
4.4.4 Delete
Client Server
| |
| 1.) DELETE to Member URI |
|------------------------------->|
| |
| 2.) 204 No Content |
|<-------------------------------|
| |
1. The client sends a DELETE request to the member's URI.
2. The server responds with successful status code.
4.5 Success and Failure
HTTP defines classes of response. HTTP status codes of the form 2xx
signal that a request was successful. HTTP status codes of the form
4xx or 5xx signal that an error has occurred, and the request has
failed. Consult the HTTP specification for more detailed definitions
of each status code.
5. Collections
An Atom Collection is a set of related resources. All members of a
collection have an "updated" property, and the collection is
considered to be ordered by this property.
5.1 Collection Documents
An example Collection Document.
<?xml version="1.0" encoding='utf-8'?>
<collection xmlns="http://purl.org/atom/app#">
<member href="http://example.org/1"
hrefreadonly="http://example.com/1/bar"
title="Sample 1"
updated="2003-12-13T18:30:02Z" />
<member href="http://example.org/2"
hrefreadonly="http://example.com/2/bar"
title="Sample 2"
updated="2003-12-13T18:30:02Z" />
<member href="http://example.org/3"
hrefreadonly="http://example.com/3/bar"
title="Sample 3"
updated="2003-12-13T18:30:02Z" />
<member href="http://example.org/4"
title="Sample 4"
updated="2003-12-13T18:30:02Z" />
</collection>
Atom Collection Documents have the media-type 'application/
atomcoll+xml', see Section 11.
5.1.1 Element Definitions
5.1.1.1 The 'app:collection' Element
The 'app:collection' element represents an Atom Collection. A
collection document does not necessarily list every member of the
collection.
appCollection element app:collection {
attribute next { text } ?,
appMember*
}
o 'app:collection' elements MAY contain any number of 'app:member'
elements.
o 'app:collection' elements MAY contain a 'next' attribute which
identifies a collection document containing member elements
updated earlier in time.
The members listed in a collection document MUST constitute a
consecutive sequence of the collection's members, ordered by their
"updated" properties. That is, a collection document MUST contain a
contiguous subset of the members of the collection ordered by their
'updated' property.
5.1.1.2 The 'app:member' Element
The 'app:member' represents a single member resource.
appMember element app:member {
attribute title { text },
attribute href { text },
attribute hrefreadonly { text } ?,
attribute updated { text }
}
o 'app:member' elements MUST include an 'href' attribute, whose
value conveys the URI used to edit the member source
o 'app:member' elements MAY include an "hrefreadonly
(Section 5.1.1.3)" attribute.
o 'app:member' elements MUST include a 'title' attribute, whose
value is a human-readable name or description for the item.
o 'app:member' elements MUST include an 'updated' attribute, whose
value is the 'updated' property of the collection member. Its
format MUST conform to the date-time production in [RFC3339].
5.1.1.3 The 'hrefreadonly' Attribute
This optional attribute identifies a URI which, on a GET request,
responds equivalently to how the "href" URI would respond to the same
request. Clients SHOULD NOT apply to this URI any HTTP methods that
would be expected to modify the state of the resource (e.g. PUT,
POST or DELETE). A PUT or POST request to this URI MAY NOT affect
the underlying resource. If the "hrefreadonly" attribute is not
given, its value defaults to the "href" value. If the "hrefreadonly"
attribute is present, and its value is an empty string, then there is attribute is present, and its value is an empty string, then there is
no URI that can be treated in the way such a value would be treated. no URI that can be treated in the way such a value would be treated.
Clients SHOULD use the "href" value to manipulate the resource within Clients SHOULD use the "href" value to manipulate the resource within
the context of the APP itself. Clients SHOULD prefer the the context of the APP itself. Clients SHOULD prefer the
"hrefreadonly" value in any other context. For example, if the "hrefreadonly" value in any other context. For example, if the
resource is an image, a client may replace the image data using a PUT resource is an image, a client may replace the image data using a PUT
on the "href" value, and may even display a preview of the image by on the "href" value, and may even display a preview of the image by
fetching the "href" URI. But when creating a public, read-only fetching the "href" URI. But when creating a public, read-only
reference to the same image resource, the client should use the reference to the same image resource, the client should use the
"hrefreadonly" value. If the "hrefreadonly" value is an empty "hrefreadonly" value. If the "hrefreadonly" value is an empty
string, the client SHOULD NOT make public reference to the "href" string, the client SHOULD NOT make public reference to the "href"
value. value.
Each 'member' element MUST include a 'title' attribute, whose value [[anchor10: Define extensibility for Collection Documents.]]
is a human-readable name or description for the item. The values of
'title' attributes are not required to be unique across all members
of a collection.
Each 'member' element MUST include an 'updated' attribute, whose 5.2 Collection Resource
value is the 'updated' property of the collection member whose format
MUST conform to the date-time BNF rule in [RFC3339].
3.1.3 Collection Requests This specification defines two HTTP methods for use with collection
resources: GET and POST.
3.1.3.1 Range: Header 5.2.1 GET
Collections can contain extremely large numbers of resources. A
naive client such as a web spider or web browser would be overwhelmed
if the response to a GET reflected the full membership of the
collection, and the server would waste large amounts of bandwidth and
processing time on clients unable to handle the response. As a
result, responses to a simple GET request represent a server-
determined subset of the collection's membership.
In addition, the client MAY send a 'Range' header with a range type
of 'udpated', indicating the subset of the collection to be returned.
The 'Range' header is described in Section 5.2.4.
This specification defines two serializations for Atom Collections.
Servers MUST provide both, but MAY also provide additional
serializations.
1. Atom Collection Documents (application/atomcoll+xml),
Section 5.1.
2. Atom Collection Documents wrapped by a SOAP envelope
(application/soap+xml), .
Clients use the HTTP 'Accept' request header to indicate their
preference.
Example Request, with Accept header
GET /collection HTTP/1.1
Host: example.org
User-Agent: Agent/1.0
Accept: application/atomcoll+xml
Here, the server could return any subset of the collection as an Atom
Collection Document.
Example Response, Atom Collection Document
HTTP/1.1 200 OK
Date: Fri, 25 Mar 2005 17:15:33 GMT
Last-Modified: Mon, 04 Oct 2004 18:31:45 GMT
ETag: "2b3f6-a4-5b572640"
Accept-Ranges: updated
Content-Length: nnnn
Content-Type: application/atomcoll+xml; charset="utf-8"
<?xml version="1.0" encoding="utf-8"?>
<collection xmlns="http://purl.org/atom/app#">
...
<member href="http://example.org/1"
hrefreadonly="http://example.com/1/bar"
title="Example 1"
updated="2003-12-13T18:30:02Z" />
...
</collection>
Example Request, with SOAP Accept header
GET /collection HTTP/1.1
Host: example.org
User-Agent: Cosimo/1.0
Accept: application/soap+xml
Here, the server could return any subset of the collection as an Atom
Feed Document wrapped by a SOAP envelope.
Example Response, Atom Feed Document wrapped by a SOAP envelope
HTTP/1.1 200 OK
Date: Fri, 25 Mar 2005 17:15:33 GMT
Last-Modified: Mon, 04 Oct 2004 18:31:45 GMT
ETag: "2b3f6-a4-5b572640-89"
Accept-Ranges: bytes
Content-Length: nnnn
Content-Type: application/soap+xml; charset="utf-8"
<?xml version="1.0" encoding="utf-8"?>
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">
<env:Header />
<env:Body>
<collection xmlns="http://purl.org/atom/app#">
...
<member href="http://example.org/1"
hrefreadonly="http://example.com/1/bar"
title="Example 1"
updated="2003-12-13T18:30:02Z" />
...
</collection>
</env:Body>
</env:Envelope>
5.2.2 POST
In addition to GET, a Collection Resource also accepts POST requests.
The client POSTs a representation of the desired resource to the
Collection Resource. Note that some collections only allow members
of a specific media-type and a POST MAY generate a response with a
status code of 415 ("Unsupported Media Type").
In the case of a successful creation, the status code MUST be 201
("Created").
Example Request, Create a resource in a collection.
POST /collection HTTP/1.1
Host: example.org
User-Agent: Cosimo/1.0
Accept: application/atomcoll+xml
Content-Type: image/png
Content-Length: nnnn
Name: trip-to-beach.png
...binary data...
Here, the client is adding a new image resource to a collection. The
Name: header indicates the client's desired name for the resource,
see Section 5.2.6.
Example Response, resource created successfully.
HTTP/1.1 201 Created
Date: Fri, 25 Mar 2005 17:17:11 GMT
Content-Length: nnnn
Content-Type: application/atomcoll+xml; charset="utf-8"
Location: http://example.org/images/trip-to-the-beach-01.png
<?xml version="1.0" encoding="UTF-8"?>
<collection xmlns="http://purl.org/atom/app#">
<member href="http://example.org/images/trip-to-beach.png"
hrefreadonly="http://example.com/ed/im/trip-01.png"
title="trip-to-beach.png"
updated="2005-03-25T17:17:09Z" />
</collection>
5.2.3 Usage Scenarios
These scenarios illustrate common idioms for interactin with
Collections.
The Atom Collection can be used by clients in two ways. In the first
case the client encounters a Collection for the first time and is
doing an initial syncronization, that is, retrieving a list of all
the members of the collections and possibly retrieving all the
members of the collection also. The client can perform a non-partial
GET on the collection resource and it will receive a collection
document that either contains all the members of the collection, or
the collection document root element 'collection' will contain a
'next' attribute pointing to the next collection document. By
repeatedly following the 'next' attribute from document to document
the client can find all the members of the collection.
In the second case the client has already done an initial sync, and
now needs to re-sync, because the client was just restarted, or some
time has passed since a re-sync, etc. The client does a partial GET
on the collection document, supplying a Range header that begins from
the last time the client sync'd to the current time. The collection
document returned will contain only those members of the collection
that have changed since the last time the client syncronized.
5.2.4 Range: Header
HTTP/1.1 allows a client to request that only part (a range of) the HTTP/1.1 allows a client to request that only part (a range of) the
collection to be included within the response. HTTP/1.1 uses range collection to be included within the response. HTTP/1.1 uses range
units in the Range header field. A collection can be broken down units in the Range header field. A collection can be broken down
into subranges according to the members 'updated' property. If a into subranges according to the members 'updated' property. If a
Range: header is present in the request, its value explictly Range: header is present in the request, its value explictly
identifies the a time interval interval in which all the members identifies the a time interval interval in which all the members
'updated' property must fall to be included in the response. 'updated' property must fall to be included in the response.
Range = "Range" ":" ranges-specifier Range = "Range" ":" ranges-specifier
skipping to change at page 7, line 37 skipping to change at page 16, line 37
separated by a slash character; either date may be optionally separated by a slash character; either date may be optionally
omitted, in which case the range is understood as stretching to omitted, in which case the range is understood as stretching to
infinity on that end. infinity on that end.
ranges-specifier = updated-ranges-specifier ranges-specifier = updated-ranges-specifier
updated-ranges-specifier = updated-unit "=" updated-range updated-ranges-specifier = updated-unit "=" updated-range
updated-unit = "updated" updated-unit = "updated"
updated-range = [iso-date] "/" [iso-date] updated-range = [iso-date] "/" [iso-date]
The response to a collection request MUST be a collection document, The response to a collection request MUST be a collection document,
all of whose 'member' elements fall within the requested range. If all of whose 'member' elements fall within the requested range. The
no members fall in the requested range, the server MUST respond with request range is considered a closed set, that is, if a 'member'
a collection document containing no 'member' elements. element matches one end of the range exactly it MUST be included in
the response. If no members fall in the requested range, the server
MUST respond with a collection document containing no 'member'
elements.
3.1.3.2 Accept-Ranges: Header The inclusion of the Range: header in a request changes the request
to a "partial GET" [RFC2616].
The response to a non-partial GET request MUST include an 5.2.5 Accept-Ranges: Header
Accept-Ranges header that indicates that the server accepts 'updated'
range requests. The response to a non-partial GET request MUST include an Accept-
Ranges header that indicates that the server accepts 'updated' range
requests.
Accept-Ranges = "Accept-Ranges" ":" acceptable-ranges Accept-Ranges = "Accept-Ranges" ":" acceptable-ranges
acceptable-ranges = updated-unit ( 1#range-unit ) acceptable-ranges = updated-unit ( 1#range-unit )
3.2 Introspection 5.2.6 Name: Header
There are many different kinds of resources that can be managed [[anchor13: this is new...]]
through the APP, for example, entries, templates, users, etc. The
Service Document is a single document that lists all the facets of
the APP that a site supports and also contains the URIs of all those
resources.
3.2.1 Service Document The POST to a Collection Resource MAY contain a Name: header that
indicates the clients suggested name for the resource. The server
MAY ignore the Name: header or modify the requested name to suit
local conventions.
The Service Document lists the resources that each site makes Name = "Name" ":" relative-part
available. The Service Resource returns an Service Document in
response to a GET request. Here is an example of an Service
Document.
<?xml version="1.0" encoding='utf-8'?> The relative-part production is defined in [RFC3986].
<service version="0.3" xmlns="http://purl.org/atom/ns#">
<workspace title="Main Site" >
<collection rel="entries" name="Entries"
href="http://example.org/reilly/feed" />
<collection rel="categories" name="Categories"
href="http://example.org/reilly/cat" />
<collection rel="templates" name="Templates"
href="http://example.org/reilly/tmpl" />
<collection rel="users" name="Users"
href="http://example.org/reilly/users" />
<collection rel="resource" name="Pictures"
href="http://example.org/reilly/pic" />
</workspace>
<workspace title="b-links">
<collection rel="entries" name="Entries"
href="http://example.org/reilly/feed" />
<collection rel="http://example.net/booklist" name="Books"
href="http://example.org/reilly/books" />
</workspace>
</service>
o entries 6. Entry Collection
o resource
o categories
o templates
o users
The default for the rel attribute is 'resource'. Extensibility for
'rel' values is handled in the same manner as PaceFieldingLinks.
Each 'collection' element in 'workspace' represents a single facet of
the APP. While a site must fully support each facet they list in
their Service Document, a site does not need to support all the
facets in this RFC. Additionally, new facets may be added either
through vendor extension or follow-on RFCs.
3.2.1.1 Service Documet Elements Entry Collections are Collections that restrict their membership to
Atom entries. This specification defines two serializations for Atom
entries. Servers MUST provide both serializations.
The "service" element is the document element of a Service Document, 1. Atom Entry Documents (application/atom+xml), [AtomFormat].
acting as a container for service data associated with possibly
multiple workspaces. Its only child elements MUST be one or more
'workspace' elements. The 'service' element MUST have a single
attribute 'version' whose content indicates the version of the Atom
specification that the document conforms to. The content of this
attribute is unstructured text. The version identifier for this
specification is "1.0".
The 'workspace' element element contains information elements about 2. Atom Entry Documents wrapped by a SOAP envelope (application/
the collections of resources available for editing. The only soap+xml), .
children of 'workspace' MUST be one or more "collection" elements.
The 'workspace' element MUST have a single attribute 'title' whose
content MUST NOT be empty and which is a human-readable name for the
workspace.
The 'collection' element describes various typed groups of resources Clients use the HTTP 'Accept' request header to indicate their
available for editing or adding to. preference [RFC2616]. If no 'Accept' header is present in the
request, the server is free to choose any serialization. When an
HTTP request contains a body, clients MUST include a 'Content-Type'
header, and servers MUST accept both application/atom+xml and
application/soap+xml message bodies.
3.3 Entry Collection 6.1 Editing Entry Resources
Entries are managed through collections and as such entry collection Atom entries are edited by sending HTTP requests to an individual
and entries that are members of a collection must support all the entry's URI. Servers can determine the processing necessary to
operations enumerated above. interpret a request by examining the request's HTTP method and
'Content-Type' header.
An Edit Resource is used to edit a single entry. Each entry that is If the request method is POST and the 'Content-Type' is application/
editable MUST have a unique URI. This URI supports both GET and PUT soap+xml, the SOAP document MUST contain a Web-Method property .
and they are used in tandem for an editing cycle. The client GETs This specifcation defines two values for that property, PUT and
the representation which is formatted as an Atom entry. The client DELETE.
may then update the entry and then PUT it back to the same URI. The
PUT will cause all the related resources to be updated, for example,
the HTML representation.
Note that the value of the content element in the Atom entry does not Processing Client Requests
have to exactly match the content element for the same entry when it
is represented in an Atom feed. For example, a server may allow the
client to post entries whose content is formatted as WikiML, yet the
server may clean up such markup and transform it into well-formed
XHTML before placing it in the publicly available Atom feed. Another
scenario is summaries--the EditURI is for editing the full content of
an entry, but the server may only present excerpts when it produces
an Atom feed.
A client will send a DELETE to the EditURI to delete an entry. +----------------------------------+------+--------+--------+--------+
| | GET | PUT | DELETE | POST |
+----------------------------------+------+--------+--------+--------+
| No Body | Read | x | Delete | x |
| | | | | |
| Atom Body | x | Update | x | x |
| | | | | |
| SOAP Body with Web-Method PUT | x | x | x | Update |
| | | | | |
| SOAP Body with Web-Method DELETE | x | x | x | Delete |
+----------------------------------+------+--------+--------+--------+
3.3.1 Locating 6.2 Role of Atom Entry Elements During Editing
For editing a site Entry, the link tag is used. Note that a link tag The elements of an Atom Entry Document are either a 'Writable
is used in both HTML and in the Atom format. A link tag of the Element' or a 'Round Trip Element'.
following format points to the EditURI for a site. In HTML, the link
tags for editing are always found in the head element, while in Atom
they may appear as children of the entry elements.
<link rel="service.edit" Writable Element - An element of an Atom Entry whose value is
type="application/atom+xml" editable by the client and not enforced by the server.
href="URI for Editing goes here"
title="Readable desc of the entry." />
Note: The critical characteristic of this link tag is the @rel of Round Trip Element - An element of an Atom Entry whose value is
'service.edit' and the @type of 'application/atom+xml'. enforced by the server and not editable by the client.
3.4 Simple Resource Collection That categorization will determine the elements' disposition during
editing.
Simple Resources are managed through collections and as such simple +--------------------+------------+
reource collections and simple resources that are members of the | Atom Entry Element | Property |
collection must support all the operations enumerated above. Simple +--------------------+------------+
Resources can be images, templates, and any other non-entry | atom:author | Writable |
resources. | | |
| atom:category | Writable |
| | |
| atom:content | Writable |
| | |
| atom:contributor | Writable |
| | |
| atom:id | Round Trip |
| | |
| atom:link | Writable |
| | |
| atom:published | Writable |
| | |
| atom:source | Writable |
| | |
| atom:summary | Writable |
| | |
| atom:title | Writable |
| | |
| atom:updated | Round Trip |
+--------------------+------------+
3.4.1 Locating Table 2
For creating a new non-entry resource, the link tag is used. Note 7. Generic Collection
that a link tag is used in both HTML and in the Atom format. A link
tag of the following format points to the ResourcePostURI for a site.
In HTML the link tags are always found in the head element, while in
Atom they may appear as children of the Feed and entry elements.
<link rel="resource.post" href="URI for Resource Posting goes here" Generic Collections are Collections that do not have uniform
title="The name of the site."> restrictions on the representations of the member resources.
3.4.2 Request 7.1 Editing Generic Resources
The request contains a resource, sent through a standard HTTP POST, Member resources are edited by sending HTTP requests to an individual
e.g.: resource's URI. Servers can determine the processing necessary to
interpret a request by examining the request's HTTP method and
'Content-Type' header.
POST /_do/exampleblog/post_resource HTTP/1.1 Processing Client Requests
Host: www.example.com
Content-Type: image/jpeg
Content-Length: nnn
...raw bytes of image go here... +----------+------+--------+--------+------+
| | GET | PUT | DELETE | POST |
+----------+------+--------+--------+------+
| No Body | Read | x | Delete | x |
| | | | | |
| Any Body | x | Update | x | x |
+----------+------+--------+--------+------+
3.5 Atom Request and Response Body Constraints 8. Introspection
The Atom format is used as the representation of all the resources in In order for authoring to commence, a client must first discover the
this specification. As it is used in differing contexts, there are capabilities and locations of collections offered.
different constraints of which elements may be present, and how their
values should be interpreted.
3.5.1 id 8.1 Introspection Document
PostURI MUST NOT be present. The Introspection Document describes "workspaces", which are server-
FeedURI MUST be present. defined groupings of collections. There is no requirement that
EditURI servers support multiple workspaces, and a collection may appear in
GET MUST be present. more than one workspace.
PUT MUST be present.
3.5.2 link The Introspection Document has the media-type 'application/
atomserv+xml', see Section 11
PostURI MAY be present. Servers MAY use the information to determine <?xml version="1.0" encoding='utf-8'?>
the URI of the created resource. Relative URLs are to be <service xmlns="http://purl.org/atom/app#">
interpreted relative to xml:base. <workspace title="Main Site" >
FeedURI MUST be present. <collection contents="entries" title="My Blog Entries"
EditURI href="http://example.org/reilly/feed" />
GET MUST be present. <collection contents="generic" title="Documents"
PUT MUST be present. href="http://example.org/reilly/pic" />
</workspace>
<workspace title="Side Bar Blog">
<collection contents="entries" title="Entries"
href="http://example.org/reilly/feed" />
<collection contents="http://example.net/booklist" title="Books"
href="http://example.org/reilly/books" />
</workspace>
</service>
3.5.3 title 8.1.1 Element Definitions
PostURI MUST be present. The element may be empty, to explicitly 8.1.1.1 The 'app:service' Element
indicate "no title". Servers SHOULD NOT try to generate a title
if one is not provided. The type attribute MAY be present, and if
not it defaults to "text/plain". If present, it MUST represent a
MIME type that the server supports. The mode attribute MAY be
present. If not present, it defaults to "xml". If present, it
MUST be "xml", "base64", or "escaped".
FeedURI MUST be present.
EditURI
GET MUST be present.
PUT MUST be present. The element may be empty, to explicitly
indicate "no title". Servers SHOULD NOT try to generate a
title if one is not provided.
3.5.4 summary The "service" element is the document element of a Service Document,
acting as a container for service data associated with one or more
workspaces.
PostURI MAY be present. If not present, the server is welcome to appService element app:service {
produce its own summary. If present but empty, the server SHOULD ( appWorkspace*
NOT generate a summary of its own. The type attribute MAY be & anyElement* )
present. If not, it defaults to "text/plain". If present, it }
must represent a MIME type that the server supports. The mode
attribute MAY be present and defaults to "xml". If present, it
must be "xml","base64", or "escaped".
FeedURI MAY be present.
EditURI
GET MAY be present.
PUT MAY be present. The element may be empty, to explicitly
indicate "no summary". Servers SHOULD NOT try to generate a
title if one is not provided.
3.5.5 content The following child elements are defined by this specification:
PostURI MAY be present but may be empty, to explicitly indicate "no o app:service elements MAY contain any number of app:workspace
content". The type attribute MAY be present, but defaults to elements.
"text/plain" if not present. It must represent a MIME type that
the server supports. The MODE attribute may be present and
defaults to "xml" if not present. It must be "xml","base64", or
"escaped".
FeedURI MAY be present.
EditURI
GET MAY be present.
PUT MAY be present. The element may be empty, to explicitly
indicate "no content".
3.5.6 issued 8.1.1.2 The 'app:workspace' Element
PostURI MUST be present, but may be empty, in which case it signifies The 'workspace' element element contains information elements about
"now" in the time zone of the server. the collections of resources available for editing.
FeedURI MUST be present.
EditURI
GET MUST be present.
PUT MUST be present. Server policy determines if an updated time
is accepted.
3.5.7 modified appWorkspace element app:workspace {
attribute title { text },
( appCollection*
& anyElement* )
}
PostURI MUST NOT be present. The following attributes and child elements are defined by this
FeedURI MAY be present. specification:
EditURI
GET MAY be present.
PUT MAY be present. The element may be empty, to explicitly
indicate that 'now' on the server time is to be used.
3.5.8 created o app:workspace elements MUST contain a 'title' attribute, which
conveys a human-readable name for the workspace
PostURI MAY be present. o app:workspace elements MAY contain any number of app:collection
elements.
FeedURI MAY be present. 8.1.1.3 The 'app:collection' Element
EditURI
GET MAY be present.
PUT MAY be present. The server may or may not accept an updated
value. If the server does not allow updating the issued time
then any PUT request with a different issued value MUST be
rejected.
3.5.9 author The 'app:collection' element describes collections and their member
resources.
PostURI MAY be present. If not present, the server determines the [[anchor19: We have a collection element that's different than the
author. If present, and conflicting with valid values as root element of the collection document. Messy. --R. Sayre]]
determined by the server, then the server may change the value of
author.
FeedURI MAY be present.
EditURI
GET MAY be present.
PUT MAY be present.
3.5.10 contributor appCollection element app:collection {
attribute title { text },
attribute contents { text },
attribute href { text },
anyElement*
}
PostURI MAY be present. The following attributes are defined by this specification:
FeedURI MAY be present.
EditURI
GET MAY be present.
PUT MAY be present.
3.5.11 generator o app:collection elements MUST contain a 'title' attribute, whose
value conveys a human-readable name for the workspace
PostURI MUST be present and contain a URI. The value of the element o app:collection elements MAY contain a 'contents' attribute
indicates the code base used to create this request. MUST also (Section 8.1.1.3.1). If it is not present, it's value is
have an attribute 'version' with a version number. considered to be 'generic'.
FeedURI MUST NOT be present.
EditURI
GET MUST NOT be present.
PUT MUST NOT be present.
3.6 Securing the Atom Protocol o app:collection elements MUST contain an 'href' attribute, whose
value conveys the URI of the collection.
8.1.1.3.1 The 'contents' Attribute
The 'contents' attribute conveys the nature of a collection's member
resources. This specification defines two initial values for the
'contents' attribute:
o entry
o generic
Extensibility for 'content' values is handled [[anchor20: Same as
atom:link]].
8.1.1.3.1.1 entry
A value of 'entry' for the contents attribute indicates that the
Collection is an Entry Collection (Section 6).
8.1.1.3.1.2 generic
A value of 'generic' for the contents attribute indicates that the
Collection is a Generic Collection (Section 7).
8.2 Introspection Resource
To retrieve an Introspection Document, the client sends a GET request
to its URI.
GET /service-desc HTTP/1.1
Host: example.org
User-Agent: Cosimo/1.0
Accept: application/atomserv+xml
The server responds to a GET request by returning an Introspection
Document in the message body.
HTTP/1.1 200 OK
Date: Mon, 21 Mar 2005 19:20:19 GMT
Server: CountBasic/2.0
Last-Modified: Mon, 21 Mar 2005 19:17:26 GMT
ETag: "4c083-268-423f1dc6"
Content-Length: nnnn
Content-Type: application/atomserv+xml
<?xml version="1.0" encoding='utf-8'?>
<service xmlns="http://purl.org/atom/app#">
...
</service>
8.2.1 Discovery
[[anchor24: Add in desc of an HTML link element that points to the
Introspection Resource, or add it to the autodisco draft]]
9. Securing the Atom Protocol
All instances of publishing Atom entries SHOULD be protected by All instances of publishing Atom entries SHOULD be protected by
authentication to prevent posting or editing by unknown sources. authentication to prevent posting or editing by unknown sources.
Atom servers and clients MUST support one of the following Atom servers and clients MUST support one of the following
authentication mechanisms, and SHOULD support both. authentication mechanisms, and SHOULD support both.
o HTTP Digest Authentication [RFC2617] o HTTP Digest Authentication [RFC2617]
o [@@TBD@@ CGI Authentication ref] o [@@TBD@@ CGI Authentication ref]
Atom servers and clients MAY support encryption of the Atom session Atom servers and clients MAY support encryption of the Atom session
using TLS [RFC2246]. using TLS [RFC2246].
There are cases where an authentication mechanism may not be There are cases where an authentication mechanism may not be
required, such as a publicly editable Wiki, or when using the PostURI required, such as a publicly editable Wiki, or when using the PostURI
to post comments to a site that does not require authentication to to post comments to a site that does not require authentication to
create comments. create comments.
skipping to change at page 14, line 11 skipping to change at page 25, line 24
o [@@TBD@@ CGI Authentication ref] o [@@TBD@@ CGI Authentication ref]
Atom servers and clients MAY support encryption of the Atom session Atom servers and clients MAY support encryption of the Atom session
using TLS [RFC2246]. using TLS [RFC2246].
There are cases where an authentication mechanism may not be There are cases where an authentication mechanism may not be
required, such as a publicly editable Wiki, or when using the PostURI required, such as a publicly editable Wiki, or when using the PostURI
to post comments to a site that does not require authentication to to post comments to a site that does not require authentication to
create comments. create comments.
3.6.1 [@@TBD@@ CGI Authentication] 9.1 [@@TBD@@ CGI Authentication]
This authentication method is included as part of the protocol to This authentication method is included as part of the protocol to
allow Atom servers and clients that cannot use HTTP Digest allow Atom servers and clients that cannot use HTTP Digest
Authentication but where the user can both insert its own HTTP Authentication but where the user can both insert its own HTTP
headers and create a CGI program to authenticate entries to the headers and create a CGI program to authenticate entries to the
server. This scenario is common in environments where the user server. This scenario is common in environments where the user
cannot control what services the server employs, but the user can cannot control what services the server employs, but the user can
write their own HTTP services. write their own HTTP services.
4. Security Considerations 10. Security Considerations
Because Atom is a publishing protocol, it is important that only Because Atom is a publishing protocol, it is important that only
authorized users can create and edit entries. authorized users can create and edit entries.
The security of Atom is based on HTTP Digest Authentication and/or The security of Atom is based on HTTP Digest Authentication and/or
[@@TBD@@ CGI Authentication]. Any weaknesses in either of these [@@TBD@@ CGI Authentication]. Any weaknesses in either of these
authentication schemes will obviously affect the security of the Atom authentication schemes will obviously affect the security of the Atom
Publishing Protocol. Publishing Protocol.
Both HTTP Digest Authentication and [@@TBD@@ CGI Authentication] are Both HTTP Digest Authentication and [@@TBD@@ CGI Authentication] are
skipping to change at page 14, line 46 skipping to change at page 27, line 5
of the public string and dictionary entries. of the public string and dictionary entries.
See RFC 2617 for more detailed description of the security properties See RFC 2617 for more detailed description of the security properties
of HTTP Digest Authentication. of HTTP Digest Authentication.
@@TBD@@ Talk here about using HTTP basic and digest authentication. @@TBD@@ Talk here about using HTTP basic and digest authentication.
@@TBD@@ Talk here about denial of service attacks using large XML @@TBD@@ Talk here about denial of service attacks using large XML
files, or the billion laughs DTD attack. files, or the billion laughs DTD attack.
5. IANA Considerations 11. IANA Considerations
This document has no actions for IANA. A Atom Collection Document, when serialized as XML 1.0, can be
identified with the following media type:
6. Appendix A - SOAP Enabling MIME media type name: application
All servers SHOULD support the following alternate interface MIME subtype name: atomcoll+xml
mechanisms to enable a wider variety of clients to interact with Atom
Publishing Protocol servers. The following requirements are in
addition to the ones listed in the Functional Specification Section.
If a server supports SOAP Enabling then it MUST support all of the
following.
6.1 Servers Mandatory parameters: None.
1. All servers MUST support the limited use of the SOAPAction HTTP Optional parameters:
Header as described below in the Client section.
2. All servers MUST be able to process well formed XML. Servers
need not be able to handle processing instructions or DTDs.
3. Servers MUST accept content in a SOAP Envelope, and if they
receive a request that is wrapped in a SOAP Envelope then they
MUST wrap their responses in SOAP envelopes or produce a SOAP
Fault.
6.2 Clients "charset": This parameter has identical semantics to the charset
parameter of the "application/xml" media type as specified in
[RFC3023].
1. Clients SHOULD use the appropriate HTTP Method when possible. Encoding considerations: Identical to those of "application/xml" as
When not possible, they should use POST and include a SOAPAction described in [RFC3023], section 3.2.
HTTP header which is constrained as follows:
2. SOAPAction: "http://schemas.xmlsoap.org/wsdl/http/[METHOD]"
3. Where [METHOD] is replaced by the desired HTTP Method.
4. Clients MAY wrap their XML payload in a SOAP Envelope. If so,
they must also wrap it in an element which exactly matches the
HTTP Method.
7. Appendix B - Examples Security considerations: As defined in this specification.
[[anchor28: update upon publication]]
7.1 Example for a weblog In addition, as this media type uses the "+xml" convention, it
shares the same security considerations as described in [RFC3023],
section 10.
Fill this in with an example for how all the above is used for a Interoperability considerations: There are no known interoperability
weblog. Start with main HTML page, link tag of type service.feed to issues.
the 'introspection' file. 1. Creating a new entry 2. Finding an
old entry 3. editing an old entry 4. commenting on a entry (via
HTML and Atom)
7.2 Example for a wiki Published specification: This specification. [[anchor29: update upon
publication]]
Fill this in like above but for a wiki. Applications that use this media type: No known applications
currently use this media type.
8. Revision History Additional information:
Magic number(s): As specified for "application/xml" in [RFC3023],
section 3.2.
File extension: .atomcoll
Fragment identifiers: As specified for "application/xml" in
[RFC3023], section 5.
Base URI: As specified in [RFC3023], section 6.
Macintosh File Type code: TEXT
Person and email address to contact for further information: Joe
Gregorio <joe@bitworking.org>
Intended usage: COMMON
Author/Change controller: IESG
An Atom Introspection Document, when serialized as XML 1.0, can be
identified with the following media type:
MIME media type name: application
MIME subtype name: atomserv+xml
Mandatory parameters: None.
Optional parameters:
"charset": This parameter has identical semantics to the charset
parameter of the "application/xml" media type as specified in
[RFC3023].
Encoding considerations: Identical to those of "application/xml" as
described in [RFC3023], section 3.2.
Security considerations: As defined in this specification.
[[anchor30: update upon publication]]
In addition, as this media type uses the "+xml" convention, it
shares the same security considerations as described in [RFC3023],
section 10.
Interoperability considerations: There are no known interoperability
issues.
Published specification: This specification. [[anchor31: update upon
publication]]
Applications that use this media type: No known applications
currently use this media type.
Additional information:
Magic number(s): As specified for "application/xml" in [RFC3023],
section 3.2.
File extension: .atomsrv
Fragment identifiers: As specified for "application/xml" in
[RFC3023], section 5.
Base URI: As specified in [RFC3023], section 6.
Macintosh File Type code: TEXT
Person and email address to contact for further information: Joe
Gregorio <joe@bitworking.org>
Intended usage: COMMON
Author/Change controller: This specification's author(s). [[anchor32:
update upon publication]]
12. References
12.1 Normative References
[AtomFormat]
Nottingham, M. and R. Sayre, "The Atom Syndication
Format", work-in-progress, April 2005.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2246] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0",
RFC 2246, January 1999.
[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
[RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
Leach, P., Luotonen, A., and L. Stewart, "HTTP
Authentication: Basic and Digest Access Authentication",
RFC 2617, June 1999.
[RFC3023] Murata, M., St. Laurent, S., and D. Kohn, "XML Media
Types", RFC 3023, January 2001.
[RFC3339] Klyne, G. and C. Newman, "Date and Time on the Internet:
Timestamps", RFC 3339, July 2002.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, January 2005.
[RFC3987] Duerst, M. and M. Suignard, "Internationalized Resource
Identifiers (IRIs)", RFC 3987, January 2005.
[W3C.REC-soap12-part1-20030624]
Nielsen, H., Mendelsohn, N., Gudgin, M., Hadley, M., and
J. Moreau, "SOAP Version 1.2 Part 1: Messaging Framework",
W3C REC REC-soap12-part1-20030624, June 2003.
[W3C.REC-soap12-part2-20030624]
Nielsen, H., Hadley, M., Moreau, J., Mendelsohn, N., and
M. Gudgin, "SOAP Version 1.2 Part 2: Adjuncts", W3C
REC REC-soap12-part2-20030624, June 2003.
[W3C.REC-xml-20040204]
Yergeau, F., Paoli, J., Sperberg-McQueen, C., Bray, T.,
and E. Maler, "Extensible Markup Language (XML) 1.0 (Third
Edition)", W3C REC REC-xml-20040204, February 2004.
12.2 Informative References
[W3C.REC-webarch-20041215]
Walsh, N. and I. Jacobs, "Architecture of the World Wide
Web, Volume One", W3C REC REC-webarch-20041215,
December 2004.
URIs
[1] <http://www.imc.org/atom-protocol/index.html>
Authors' Addresses
Joe Gregorio (editor)
BitWorking, Inc
1002 Heathwood Dairy Rd.
Apex, NC 27502
US
Phone: +1 919 272 3764
Email: joe@bitworking.com
URI: http://bitworking.com/
Robert Sayre (editor)
Email: rfsayre@boswijck.com
URI: http://boswijck.com
Appendix A. Revision History
draft-ietf-atompub-protocol-04 - Add ladder diagrams, reorganize, add
SOAP interactions
draft-ietf-atompub-protocol-03 - Incorporates PaceSliceAndDice3 and draft-ietf-atompub-protocol-03 - Incorporates PaceSliceAndDice3 and
PaceIntrospection. PaceIntrospection.
draft-ietf-atompub-protocol-02 - Incorporates Pace409Response, draft-ietf-atompub-protocol-02 - Incorporates Pace409Response,
PacePostLocationMust, and PaceSimpleResourcePosting. PacePostLocationMust, and PaceSimpleResourcePosting.
draft-ietf-atompub-protocol-01 - Added in sections on Responses for draft-ietf-atompub-protocol-01 - Added in sections on Responses for
the EditURI. Allow 2xx for response to EditURI PUTs. Elided all the EditURI. Allow 2xx for response to EditURI PUTs. Elided all
mentions of WSSE. Started adding in some normative references. mentions of WSSE. Started adding in some normative references.
skipping to change at page 16, line 31 skipping to change at page 33, line 38
the Scope section. IPR and copyright notifications were added. the Scope section. IPR and copyright notifications were added.
Rev 09 - 10Dec2003 - Added the section on SOAP enabled clients and Rev 09 - 10Dec2003 - Added the section on SOAP enabled clients and
servers. servers.
Rev 08 - 01Dec2003 - Refactored the specification, merging the Rev 08 - 01Dec2003 - Refactored the specification, merging the
Introspection file into the feed format. Also dropped the Introspection file into the feed format. Also dropped the
distinction between the type of URI used to create new entries and distinction between the type of URI used to create new entries and
the kind used to create comments. Dropped user preferences. the kind used to create comments. Dropped user preferences.
Rev 07 - 06Aug2003 - Removed the use of the RSD file for Rev 07 - 06Aug2003 - Removed the use of the RSD file for auto-
auto-discovery. Changed copyright until a final standards body is discovery. Changed copyright until a final standards body is chosen.
chosen. Changed query parameters for the search facet to all begin Changed query parameters for the search facet to all begin with atom-
with atom- to avoid name collisions. Updated all the Entries to to avoid name collisions. Updated all the Entries to follow the 0.2
follow the 0.2 version. Changed the format of the search results and version. Changed the format of the search results and template file
template file to a pure element based syntax. to a pure element based syntax.
Rev 06 - 24Jul2003 - Moved to PUT for updating Entries. Changed all Rev 06 - 24Jul2003 - Moved to PUT for updating Entries. Changed all
the mime-types to application/x.atom+xml. Added template editing. the mime-types to application/x.atom+xml. Added template editing.
Changed 'edit-entry' to 'create-entry' in the Introspection file to Changed 'edit-entry' to 'create-entry' in the Introspection file to
more accurately reflect it's purpose. more accurately reflect it's purpose.
Rev 05 - 17Jul2003 - Renamed everything Echo into Atom. Added Rev 05 - 17Jul2003 - Renamed everything Echo into Atom. Added
version numbers in the Revision history. Changed all the mime-types version numbers in the Revision history. Changed all the mime-types
to application/atom+xml. to application/atom+xml.
skipping to change at page 17, line 21 skipping to change at page 35, line 4
Rev 02 - 7Jul2003 - Entries are no longer returned from POSTs, Rev 02 - 7Jul2003 - Entries are no longer returned from POSTs,
instead they are retrieved via GET. Cleaned up figure titles, as instead they are retrieved via GET. Cleaned up figure titles, as
they are rendered poorly in HTML. All content-types have been they are rendered poorly in HTML. All content-types have been
changed to application/atom+xml. changed to application/atom+xml.
Rev 01 - 5Jul2003 - Renamed from EchoAPI.html to follow the more Rev 01 - 5Jul2003 - Renamed from EchoAPI.html to follow the more
commonly used format: draft-gregorio-NN.html. Renamed all references commonly used format: draft-gregorio-NN.html. Renamed all references
to URL to URI. Broke out introspection into it's own section. Added to URL to URI. Broke out introspection into it's own section. Added
the Revision History section. Added more to the warning that the the Revision History section. Added more to the warning that the
example URIs are not normative. example URIs are not normative.
9. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2246] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0",
RFC 2246, January 1999.
[RFC2396] Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform
Resource Identifiers (URI): Generic Syntax", RFC 2396,
August 1998.
[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P. and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
[RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
Leach, P., Luotonen, A. and L. Stewart, "HTTP
Authentication: Basic and Digest Access Authentication",
RFC 2617, June 1999.
[1] <http://www.imc.org/atom-syntax/index.html>
Authors' Addresses
Joe Gregorio (editor)
BitWorking, Inc
1002 Heathwood Dairy Rd.
Apex, NC 27502
US
Phone: +1 919 272 3764
Email: joe@bitworking.com
URI: http://bitworking.com/
Robert Sayre (editor)
Boswijck Memex Consulting
148 N 9th St. 4R
Brooklyn, NY 11211
US
Email: rfsayre@boswijck.com
URI: http://boswijck.com
Intellectual Property Statement Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be on the procedures with respect to rights in RFC documents can be
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/