wdiff draft-ietf-atompub-protocol-03.txt draft-ietf-atompub-protocol-04.txt

Network Working Group J. Gregorio, Ed.
Internet-Draft BitWorking, Inc
Expires: September 19, November 10, 2005 R. Sayre, Ed.
Boswijck Memex Consulting
March 18,
May 9, 2005

The Atom Publishing Protocol
draft-ietf-atompub-protocol-03.txt
draft-ietf-atompub-protocol-04.txt

Status of this Memo

This document is an Internet-Draft and is subject to all provisions
of Section 3 of RFC 3667.

By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she become becomes
aware will be disclosed, in accordance with
RFC 3668. Section 6 of BCP 79.

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as
Internet-Drafts. Internet-
Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

This Internet-Draft will expire on September 19, November 10, 2005.

Abstract

This memo presents a protocol for using XML (Extensible Markup
Language) and HTTP (HyperText Transport Protocol) to edit content.

The Atom Publishing Protocol is an application-level protocol for
publishing and editing Web resources belonging to periodically
updated websites. The protocol at its core is the HTTP transport of
Atom-formatted representations. The Atom format is documented in the
Atom Syndication Format (draft-ietf-atompub-format-06.txt).

Editorial Note

To provide feedback on this Internet-Draft, join the atom-syntax atom-protocol
mailing list (http://www.imc.org/atom-syntax/index.html) (http://www.imc.org/atom-protocol/index.html) [1].

Table of Contents

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4
1.1 . 3
2. Notational Conventions . . . . . . . . . . . . . . . . . . . . 4
1.2
3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4
2. . . 5
4. The Atom Publishing Protocol Model . . . . . . . . . . . . . 4
2.1 Atom Collections . . . . . . 6
4.1 Collections . . . . . . . . . . . . . . . 4
2.1.1 Usage . . . . . . . . 6
4.2 Discovery . . . . . . . . . . . . . . . . 5
2.1.2 Client and Server Interaction . . . . . . . . 6
4.3 Listing . . . . 5
3. Functional Specification . . . . . . . . . . . . . . . . . . 5
3.1 Collections . . . 7
4.4 Authoring . . . . . . . . . . . . . . . . . . . . 6
3.1.1 Collection Document . . . . 7
4.4.1 Create . . . . . . . . . . . . . 6
3.1.2 Elements in a Collection Document . . . . . . . . . . 6
3.1.3 Collection Requests . 7
4.4.2 Read . . . . . . . . . . . . . . . . 7
3.2 Introspection . . . . . . . . . 8
4.4.3 Update . . . . . . . . . . . . . 8
3.2.1 Service Document . . . . . . . . . . . 8
4.4.4 Delete . . . . . . . . 8
3.3 Entry Collection . . . . . . . . . . . . . . . . 8
4.5 Success and Failure . . . . . 9
3.3.1 Locating . . . . . . . . . . . . . . 9
5. Collections . . . . . . . . . 10
3.4 Simple Resource Collection . . . . . . . . . . . . . . . . 10
3.4.1 Locating . . . .
5.1 Collection Documents . . . . . . . . . . . . . . . . . . . 10
3.4.2 Request . . . . . .
5.1.1 Element Definitions . . . . . . . . . . . . . . . . . 10
3.5 Atom Request and Response Body Constraints . . . . . . . . 11
3.5.1 id . . .
5.2 Collection Resource . . . . . . . . . . . . . . . . . . . 12
5.2.2 POST . . . . 11
3.5.2 link . . . . . . . . . . . . . . . . . . . . . 14
5.2.3 Usage Scenarios . . . . 11
3.5.3 title . . . . . . . . . . . . . . . 15
5.2.4 Range: Header . . . . . . . . . 11
3.5.4 summary . . . . . . . . . . . 16
5.2.5 Accept-Ranges: Header . . . . . . . . . . . . 11
3.5.5 content . . . . 16
5.2.6 Name: Header . . . . . . . . . . . . . . . . . . . 12
3.5.6 issued . . 17
6. Entry Collection . . . . . . . . . . . . . . . . . . . . . . 12
3.5.7 modified . 18
6.1 Editing Entry Resources . . . . . . . . . . . . . . . . . 18
6.2 Role of Atom Entry Elements During Editing . . . . . 12
3.5.8 created . . . 18
7. Generic Collection . . . . . . . . . . . . . . . . . . . . 12
3.5.9 author . . 20
7.1 Editing Generic Resources . . . . . . . . . . . . . . . . 20
8. Introspection . . . . . . 13
3.5.10 contributor . . . . . . . . . . . . . . . . . . 21
8.1 Introspection Document . . 13
3.5.11 generator . . . . . . . . . . . . . . . . 21
8.1.1 Element Definitions . . . . . 13
3.6 Securing the Atom Protocol . . . . . . . . . . . . 21
8.2 Introspection Resource . . . . 13
3.6.1 [@@TBD@@ CGI Authentication] . . . . . . . . . . . . . 14
4. Security Considerations . 23
8.2.1 Discovery . . . . . . . . . . . . . . . . . 14
5. IANA Considerations . . . . . 24
9. Securing the Atom Protocol . . . . . . . . . . . . . . . 14
6. Appendix A - SOAP Enabling . . . 25
10. Security Considerations . . . . . . . . . . . . . . 15
6.1 Servers . . . . 26
11. IANA Considerations . . . . . . . . . . . . . . . . . . . . 27
12. References . 15
6.2 Clients . . . . . . . . . . . . . . . . . . . . . . . . 30
12.1 Normative References . 15
7. Appendix B - Examples . . . . . . . . . . . . . . . . . . 30
12.2 Informative References . 15
7.1 Example for a weblog . . . . . . . . . . . . . . . . . 31
Authors' Addresses . . 15
7.2 Example for a wiki . . . . . . . . . . . . . . . . . . . . 15
8. 32
A. Revision History . . . . . . . . . . . . . . . . . . . . . . 15
9. Normative References . . . . . . . . . . . . 33
Intellectual Property and Copyright Statements . . . . . . . . 17
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 18
Intellectual Property and Copyright Statements . . . . . . . 19 35

1. Introduction

The Atom Publishing Protocol is an application-level protocol for
publishing and editing Web resources using HTTP [RFC2616] and XML.

1.1 XML 1.0
[W3C.REC-xml-20040204].

2. Notational Conventions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].

1.2

3. Terminology

Atom Entry: An Atom Entry is a fragment of a full Atom feed. In this
case,

URI/IRI - A Uniform Resource Identifier and Internationalized
Resource Identifier, respectively. These terms (and the fragment is a single 'entry' element distinction
between them) are defined in [RFC3986] and all its child
elements. Each Atom Entry describes [RFC3987].

Resource - an item identified by a single Web resource,
providing metadata and optionally URI [W3C.REC-webarch-20041215].

Collection Resource - A resource that contains a textual representation listing of that
resource.

2. Member
Resources and meets the requirements in Section 5 of this
specification.

Member Resource - A resource whose URI is listed by a Collection
Resource.

4. The Atom Publishing Protocol Model

The Atom Publishing Protocol is an application-level protocol for
publishing and editing Web resources. The primary way of interaction
in the Atom Publishing Protocol is by managing collection operates on collections of Web
resources. All collections support the same basic methods of
interaction. In addition, interactions, as
do the resources belonging to collections
also share within the same collections. The patterns of interaction patterns. Using
are based on the common HTTP
verbs provides a pattern for working with all such Web resources: verbs.

o GET is used to retrieve a representation of a resource or perform
a read-only query.

o PUT POST is used to update create a known new, dynamically-named resource.

o POST PUT is used to create update a new dynamically-named known resource.

o DELETE is used to remove a resource.

2.1 Atom

4.1 Collections

An Atom collection is a set of items all of the same type ("members"
of the collection), where the "type" may be, for example: Atom entry,
category, template, "simple resource", or any other classification of
web resource.

Each collection has a URI

The APP groups resources into "Collections", which is given in the introspection file.
A GET on are analogous to
the collection URI MUST produce a collection document as
defined "folders" or "directories" found in "3.X.1 Collection Document." That document describes PART
OF many file systems.

4.2 Discovery

To discover the state location of the collection.

All the members of a collection have collections exposed by an "updated" property, and APP
service, the
collection is considered client must locate and request an Introspection Document
(Section 8).

Client Server
| |
| 1.) GET Introspection |
|------------------------------->|
| |
| 2.) Introspection Doc |
|<-------------------------------|
| |

1. The client sends a GET request to be ordered by this property. A single
collection document may not contain all the Service Description
Resource.

2. The server responds with an Introspection Document containing the
locations of collections provided by the members service. The content of a
collection. If a collection
this document is the response can vary based on aspects of a
non-partial GET the client request, and does
including, but not contain all of limited to, authentication credentials.

4.3 Listing

Once the members client has discovered the location of a collection, then it will contain the URI of the next collection
document which will contain more can
request a listing of the collection members. By
traversing this collection's membership. However,
collections might be extremely large, so servers are likely to list of collection documents a client can obtain all
of the members
small subset of a collection. The 'next' attribute will not be
present in the response collection by default.

Client Server
| |
| 1.) GET to Collection URI |
|------------------------------->|
| |
| 2.) 200 OK, Atom Feed Doc |
|<-------------------------------|
| |

1. The client sends a partial GET request.

2.1.1 Usage

Below two usages are outlined for Atom Collections. They are here request to
highlight common idioms for interacting the Collection's URI.

2. The server responds with an Atom Feed Document containing a Collection Resource
and not full
or partial listing of the collection's membership.

4.4 Authoring

After locating a normative interaction pattern.

The Atom Collection collection, a client can be used add entries by clients in two ways. In the first
case sending a
request to the client has attached collection; other changes are accomplished by sending
HTTP requests to its member resources.

4.4.1 Create

Client Server
| |
| 1.) POST to Collection URI |
|------------------------------->|
| |
| 2.) 201 Created @ Location |
|<-------------------------------|
| |

1. The client sends a site for representation of a member to the first time and server via
HTTP POST. The Request URI is
doing an initial syncronization, that is, retrieving a list of all the members Collection.

2. The server responds with a response of the collections "201 Created" and possibly retrieving all a
"Location" header containing the
members URI of the collection also. newly-created
resource.

4.4.2 Read

Client Server
| |
| 1.) GET or HEAD to Member URI |
|------------------------------->|
| |
| 2.) 200 OK |
|<-------------------------------|
| |

1. The client can perform sends a non-partial GET on the collection resource and it will receive a collection
document that either contains all the member of the collection, or
the collection document root element 'collection' will contain a
'next' attribute pointing (or HEAD) request to the next collection document. By
repeatedly following the 'next' attribute from document member's URI.

2. The server responds with an appropriate representation.

4.4.3 Update

Client Server
| |
| 1.) PUT to document
the client can find all the members of the collection.

In the second case the Member URI |
|------------------------------->|
| |
| 2.) 200 OK |
|<-------------------------------|

1. The client has already done PUTs an initial sync, and
now needs updated representation to re-sync, because the client was just restarted, or some
time has passed since a re-sync, etc. member's URI.

2. The client does a partial GET
on the collection document, supplying server responds with a Range header that begins from
the last time representation of the member's new
state.

4.4.4 Delete

Client Server
| |
| 1.) DELETE to Member URI |
|------------------------------->|
| |
| 2.) 204 No Content |
|<-------------------------------|
| |

1. The client sync'd sends a DELETE request to the current time. member's URI.

2. The collection
document returned will contain only those members of the collection
that have changed since the last time the client syncronized.

2.1.2 Client server responds with successful status code.

4.5 Success and Server Interaction

[[anchor5: ...]]

This document does not specify the form Failure

HTTP defines classes of the URIs that are used.
The URI space response. HTTP status codes of each server is controlled, as defined by HTTP, by the server alone. What this document does specify are the formats form 2xx
signal that a request was successful. HTTP status codes of the files form
4xx or 5xx signal that are exchanged an error has occurred, and the actions that can be performed on request has
failed. Consult the URIs embedded in those files.

3. Functional Specification

3.1 HTTP specification for more detailed definitions
of each status code.

5. Collections

3.1.1 Collection Document

An Atom Collection is a set of related resources. All members of a
collection have an "updated" property, and the collection document is rooted
considered to be ordered by a <collection> element. this property.

5.1 Collection Documents

An example Collection Document.

<?xml version="1.0" encoding='utf-8'?>
<collection xmlns="http://purl.org/atom/app#">
<member href="http://example.org/1"
hrefreadonly="http://example.com/1/bar"
title="Sample 1"
updated="2003-12-13T18:30:02Z" />
<member href="http://example.org/2"
hrefreadonly="http://example.com/2/bar"
title="Sample 2"
updated="2003-12-13T18:30:02Z" />
<member href="http://example.org/3"
hrefreadonly="http://example.com/3/bar"
title="Sample 3"
updated="2003-12-13T18:30:02Z" />
<member href="http://example.org/4"
title="Sample 4"
updated="2003-12-13T18:30:02Z" />
</collection>

Atom Collection Documents have the media-type 'application/
atomcoll+xml', see Section 11.

5.1.1 Element Definitions

5.1.1.1 The 'app:collection' Element

The 'app:collection' element represents an Atom Collection. A
collection document does not necessarily list every member of the
collection.

appCollection element may have app:collection {
attribute next { text } ?,
appMember*
}
o 'app:collection' elements MAY contain any number of <member> 'app:member'
elements.

o 'app:collection' elements as
children; each such element identifies MAY contain a member of the collection.
In some situations, 'next' attribute which
identifies a collection document may not contain every containing member of the collection itself.

Whether complete or partial, the elements
updated earlier in time.

The members listed in a collection document MUST constitute a
consecutive sequence of the collection's members, ordered by their
"updated" properties. That is, a collection document MUST contain a
contiguous subset of the members of the collection ordered by their
'updated' property.

3.1.2 Elements in

5.1.1.2 The 'app:member' Element

The 'app:member' represents a Collection Document

A collection document MAY contain zero or more 'member' elements.

Each 'member' single member resource.

appMember element app:member {
attribute title { text },
attribute href { text },
attribute hrefreadonly { text } ?,
attribute updated { text }
}

o 'app:member' elements MUST include an 'href' attribute identifying a
URL of attribute, whose
value conveys the member resource. The 'href' URI of a used to edit the member resource source

o 'app:member' elements MAY include an "hrefreadonly
(Section 5.1.1.3)" attribute.

o 'app:member' elements MUST include a 'title' attribute, whose
value is a human-readable name or description for the item.

o 'app:member' elements MUST include an "EditURI" under 'updated' attribute, whose
value is the terms 'updated' property of section 2, and the collection member. Its
format MUST respond conform to the
same HTTP methods as such an EditURI.

Each 'member' element MAY include an "hrefreadonly" attribute. date-time production in [RFC3339].

5.1.1.3 The 'hrefreadonly' Attribute

This optional attribute identifies a URI which, on a GET request,
responds equivalently to how the "href" URI would respond to the same
request. Clients SHOULD NOT apply to this URI any HTTP methods that
would be expected to modify the state of the resource (e.g. PUT,
POST or DELETE). A PUT or POST request to this URI MAY NOT affect
the underlying resource. If the "hrefreadonly" attribute is not
given, its value defaults to the "href" value. If the "hrefreadonly"
attribute is present, and its value is an empty string, then there is
no URI that can be treated in the way such a value would be treated.

Clients SHOULD use the "href" value to manipulate the resource within
the context of the APP itself. Clients SHOULD prefer the
"hrefreadonly" value in any other context. For example, if the
resource is an image, a client may replace the image data using a PUT
on the "href" value, and may even display a preview of the image by
fetching the "href" URI. But when creating a public, read-only
reference to the same image resource, the client should use the
"hrefreadonly" value. If the "hrefreadonly" value is an empty
string, the client SHOULD NOT make public reference to the "href"
value.

Each 'member' element MUST include a 'title' attribute, whose value
is a human-readable name or description

[[anchor10: Define extensibility for the item. The values Collection Documents.]]

5.2 Collection Resource

This specification defines two HTTP methods for use with collection
resources: GET and POST.

5.2.1 GET

Collections can contain extremely large numbers of
'title' attributes are not required to resources. A
naive client such as a web spider or web browser would be unique across all members
of overwhelmed
if the response to a collection.

Each 'member' element MUST include an 'updated' attribute, whose
value is GET reflected the 'updated' property full membership of the collection member whose format
MUST conform
collection, and the server would waste large amounts of bandwidth and
processing time on clients unable to handle the date-time BNF rule in [RFC3339].

3.1.3 Collection Requests

3.1.3.1 Range: Header

HTTP/1.1 allows response. As a client
result, responses to a simple GET request that only part (a range of) represent a server-
determined subset of the
collection to be included within collection's membership.

In addition, the response. HTTP/1.1 uses client MAY send a 'Range' header with a range
units in type
of 'udpated', indicating the subset of the Range header field. A collection can be broken down
into subranges according to the members 'updated' property. If a
Range: be returned.
The 'Range' header is present described in the request, its value explictly
identifies the Section 5.2.4.

This specification defines two serializations for Atom Collections.
Servers MUST provide both, but MAY also provide additional
serializations.

1. Atom Collection Documents (application/atomcoll+xml),
Section 5.1.

2. Atom Collection Documents wrapped by a time interval interval in which all SOAP envelope
(application/soap+xml), .

Clients use the members
'updated' property must fall HTTP 'Accept' request header to be included in indicate their
preference.

Example Request, with Accept header

GET /collection HTTP/1.1
Host: example.org
User-Agent: Agent/1.0
Accept: application/atomcoll+xml

Here, the response.

Range = "Range" ":" ranges-specifier

The value server could return any subset of the Range: collection as an Atom
Collection Document.

Example Response, Atom Collection Document

HTTP/1.1 200 OK
Date: Fri, 25 Mar 2005 17:15:33 GMT
Last-Modified: Mon, 04 Oct 2004 18:31:45 GMT
ETag: "2b3f6-a4-5b572640"
Accept-Ranges: updated
Content-Length: nnnn
Content-Type: application/atomcoll+xml; charset="utf-8"

<?xml version="1.0" encoding="utf-8"?>
<collection xmlns="http://purl.org/atom/app#">
...
<member href="http://example.org/1"
hrefreadonly="http://example.com/1/bar"
title="Example 1"
updated="2003-12-13T18:30:02Z" />
...
</collection>

Example Request, with SOAP Accept header should be a pair

GET /collection HTTP/1.1
Host: example.org
User-Agent: Cosimo/1.0
Accept: application/soap+xml

Here, the server could return any subset of ISO 8601 dates,
separated the collection as an Atom
Feed Document wrapped by a slash character; either date may be optionally
omitted, in which case SOAP envelope.

Example Response, Atom Feed Document wrapped by a SOAP envelope

HTTP/1.1 200 OK
Date: Fri, 25 Mar 2005 17:15:33 GMT
Last-Modified: Mon, 04 Oct 2004 18:31:45 GMT
ETag: "2b3f6-a4-5b572640-89"
Accept-Ranges: bytes
Content-Length: nnnn
Content-Type: application/soap+xml; charset="utf-8"

<?xml version="1.0" encoding="utf-8"?>
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">
<env:Header />
<env:Body>
<collection xmlns="http://purl.org/atom/app#">
...
<member href="http://example.org/1"
hrefreadonly="http://example.com/1/bar"
title="Example 1"
updated="2003-12-13T18:30:02Z" />
...
</collection>
</env:Body>
</env:Envelope>

5.2.2 POST

In addition to GET, a Collection Resource also accepts POST requests.
The client POSTs a representation of the range is understood as stretching desired resource to
infinity on the
Collection Resource. Note that end.

ranges-specifier = updated-ranges-specifier
updated-ranges-specifier = updated-unit "=" updated-range
updated-unit = "updated"
updated-range = [iso-date] "/" [iso-date]

The some collections only allow members
of a specific media-type and a POST MAY generate a response to with a collection request
status code of 415 ("Unsupported Media Type").

In the case of a successful creation, the status code MUST be 201
("Created").

Example Request, Create a collection document,
all of whose 'member' elements fall within the requested range. If
no members fall resource in a collection.

POST /collection HTTP/1.1
Host: example.org
User-Agent: Cosimo/1.0
Accept: application/atomcoll+xml
Content-Type: image/png
Content-Length: nnnn
Name: trip-to-beach.png

...binary data...

Here, the requested range, the server MUST respond with client is adding a collection document containing no 'member' elements.

3.1.3.2 Accept-Ranges: Header

The response new image resource to a non-partial GET request MUST include an
Accept-Ranges collection. The
Name: header that indicates that the server accepts 'updated'
range requests.

Accept-Ranges = "Accept-Ranges" ":" acceptable-ranges
acceptable-ranges = updated-unit ( 1#range-unit )

3.2 Introspection

There are many different kinds of resources that client's desired name for the resource,
see Section 5.2.6.

Example Response, resource created successfully.

HTTP/1.1 201 Created
Date: Fri, 25 Mar 2005 17:17:11 GMT
Content-Length: nnnn
Content-Type: application/atomcoll+xml; charset="utf-8"
Location: http://example.org/images/trip-to-the-beach-01.png

<?xml version="1.0" encoding="UTF-8"?>
<collection xmlns="http://purl.org/atom/app#">
<member href="http://example.org/images/trip-to-beach.png"
hrefreadonly="http://example.com/ed/im/trip-01.png"
title="trip-to-beach.png"
updated="2005-03-25T17:17:09Z" />
</collection>

5.2.3 Usage Scenarios

These scenarios illustrate common idioms for interactin with
Collections.

The Atom Collection can be managed
through used by clients in two ways. In the first
case the APP, client encounters a Collection for example, entries, templates, users, etc. The
Service Document the first time and is a single document
doing an initial syncronization, that lists is, retrieving a list of all
the facets members of the APP that a site supports collections and also contains possibly retrieving all the URIs
members of all those
resources.

3.2.1 Service Document

The Service Document lists the resources that each site makes
available. collection also. The Service Resource returns an Service Document in
response to client can perform a non-partial
GET request. Here is an example of an Service
Document.

<?xml version="1.0" encoding='utf-8'?>
<service version="0.3" xmlns="http://purl.org/atom/ns#">
<workspace title="Main Site" >
<collection rel="entries" name="Entries"
href="http://example.org/reilly/feed" />
<collection rel="categories" name="Categories"
href="http://example.org/reilly/cat" />
<collection rel="templates" name="Templates"
href="http://example.org/reilly/tmpl" />
<collection rel="users" name="Users"
href="http://example.org/reilly/users" />
<collection rel="resource" name="Pictures"
href="http://example.org/reilly/pic" />
</workspace>
<workspace title="b-links">
<collection rel="entries" name="Entries"
href="http://example.org/reilly/feed" />
<collection rel="http://example.net/booklist" name="Books"
href="http://example.org/reilly/books" />
</workspace>
</service>

o entries
o resource
o categories
o templates
o users
The default for the rel attribute is 'resource'. Extensibility for
'rel' values is handled in on the same manner as PaceFieldingLinks.
Each 'collection' element in 'workspace' represents collection resource and it will receive a single facet collection
document that either contains all the members of the APP. While a site must fully support each facet they list in
their Service Document, collection, or
the collection document root element 'collection' will contain a site does not need
'next' attribute pointing to support all the
facets in this RFC. Additionally, new facets may be added either
through vendor extension or follow-on RFCs.

3.2.1.1 Service Documet Elements

The "service" element is next collection document. By
repeatedly following the 'next' attribute from document element to document
the client can find all the members of a Service Document,
acting as a container for service data associated with possibly
multiple workspaces. Its only child elements MUST be one the collection.

In the second case the client has already done an initial sync, and
now needs to re-sync, because the client was just restarted, or more
'workspace' elements. some
time has passed since a re-sync, etc. The 'service' element MUST have client does a single
attribute 'version' whose content indicates the version of partial GET
on the Atom
specification collection document, supplying a Range header that begins from
the document conforms to. The content of this
attribute is unstructured text. The version identifier for this
specification is "1.0".

The 'workspace' element element contains information elements about last time the collections of resources available for editing. The only
children of 'workspace' MUST be one or more "collection" elements.
The 'workspace' element MUST have a single attribute 'title' whose
content MUST NOT be empty and which is a human-readable name for client sync'd to the
workspace. current time. The 'collection' element describes various typed groups of resources
available for editing or adding to.

3.3 Entry Collection

Entries are managed through collections and as such entry collection
and entries that are
document returned will contain only those members of a collection must support all the
operations enumerated above.

An Edit Resource is used to edit a single entry. Each entry collection
that is
editable MUST have a unique URI. This URI supports both GET and PUT
and they are used in tandem for an editing cycle. The client GETs changed since the last time the representation which is formatted as an Atom entry. The client
may then update syncronized.

5.2.4 Range: Header

HTTP/1.1 allows a client to request that only part (a range of) the entry and then PUT it back
collection to be included within the same URI. The
PUT will cause all response. HTTP/1.1 uses range
units in the related resources to Range header field. A collection can be updated, for example, broken down
into subranges according to the HTML representation.

Note that members 'updated' property. If a
Range: header is present in the request, its value of explictly
identifies the content element a time interval interval in which all the Atom entry does not
have members
'updated' property must fall to exactly match be included in the content element for response.

Range = "Range" ":" ranges-specifier

The value of the same entry when it
is represented in an Atom feed. For example, Range: header should be a server may allow the
client to post entries whose content is formatted as WikiML, yet the
server pair of ISO 8601 dates,
separated by a slash character; either date may clean up such markup and transform it into well-formed
XHTML before placing it be optionally
omitted, in which case the publicly available Atom feed. Another
scenario is summaries--the EditURI range is for editing the full content of
an entry, but the server may only present excerpts when it produces
an Atom feed.

A client will send a DELETE understood as stretching to the EditURI
infinity on that end.

ranges-specifier = updated-ranges-specifier
updated-ranges-specifier = updated-unit "=" updated-range
updated-unit = "updated"
updated-range = [iso-date] "/" [iso-date]

The response to delete an entry.

3.3.1 Locating

For editing a site Entry, collection request MUST be a collection document,
all of whose 'member' elements fall within the link tag requested range. The
request range is used. Note considered a closed set, that is, if a link tag
is used in both HTML and in the Atom format. A link tag 'member'
element matches one end of the
following format points to the EditURI for a site. In HTML, the link
tags for editing are always found range exactly it MUST be included in
the head element, while response. If no members fall in Atom
they may appear as children of the entry elements.

Note: server
MUST respond with a collection document containing no 'member'
elements.

The critical characteristic of this link tag is the @rel of
'service.edit' and the @type of 'application/atom+xml'.

3.4 Simple Resource Collection

Simple Resources are managed through collections and as such simple
reource collections and simple resources that are members inclusion of the
collection must support all the operations enumerated above. Simple
Resources can be images, templates, and any other non-entry
resources.

3.4.1 Locating

For creating Range: header in a new non-entry resource, request changes the link tag is used. Note
that request
to a link tag is used in both HTML and in the Atom format. A link
tag of the following format points "partial GET" [RFC2616].

5.2.5 Accept-Ranges: Header

The response to the ResourcePostURI for a site.
In HTML the link tags are always found in the head element, while in
Atom they may appear as children of the Feed and entry elements.

3.4.2 Request server accepts 'updated' range
requests.

Accept-Ranges = "Accept-Ranges" ":" acceptable-ranges
acceptable-ranges = updated-unit ( 1#range-unit )

5.2.6 Name: Header

[[anchor13: this is new...]]

The request contains POST to a resource, sent through Collection Resource MAY contain a standard HTTP POST,
e.g.:

POST /_do/exampleblog/post_resource HTTP/1.1
Host: www.example.com
Content-Type: image/jpeg
Content-Length: nnn

...raw bytes of image go here...

3.5 Atom Request and Response Body Constraints Name: header that
indicates the clients suggested name for the resource. The Atom format is used as server
MAY ignore the representation of all Name: header or modify the resources in
this specification. As it requested name to suit
local conventions.

Name = "Name" ":" relative-part

The relative-part production is used defined in differing contexts, there [RFC3986].

6. Entry Collection

Entry Collections are
different constraints of which elements may be present, and how Collections that restrict their
values should be interpreted.

3.5.1 id

PostURI MUST NOT be present.
FeedURI MUST be present.
EditURI
GET MUST be present.
PUT MUST be present.

3.5.2 link

PostURI MAY be present. membership to
Atom entries. This specification defines two serializations for Atom
entries. Servers MAY MUST provide both serializations.

1. Atom Entry Documents (application/atom+xml), [AtomFormat].

2. Atom Entry Documents wrapped by a SOAP envelope (application/
soap+xml), .

Clients use the information HTTP 'Accept' request header to determine indicate their
preference [RFC2616]. If no 'Accept' header is present in the URI of
request, the created resource. Relative URLs are to be
interpreted relative server is free to xml:base.
FeedURI MUST be present.
EditURI
GET MUST be present.
PUT choose any serialization. When an
HTTP request contains a body, clients MUST be present.

3.5.3 title

PostURI include a 'Content-Type'
header, and servers MUST be present. The element may be empty, to explicitly
indicate "no title". Servers SHOULD NOT try accept both application/atom+xml and
application/soap+xml message bodies.

6.1 Editing Entry Resources

Atom entries are edited by sending HTTP requests to generate an individual
entry's URI. Servers can determine the processing necessary to
interpret a title
if one is not provided. The type attribute MAY be present, request by examining the request's HTTP method and if
not it defaults to "text/plain".
'Content-Type' header.

If present, it the request method is POST and the 'Content-Type' is application/
soap+xml, the SOAP document MUST represent contain a
MIME type Web-Method property .
This specifcation defines two values for that the server supports. The mode attribute MAY be
present. If not present, it defaults to "xml". If present, it
MUST be "xml", "base64", or "escaped".
FeedURI MUST be present.
EditURI property, PUT and
DELETE.

Processing Client Requests

+----------------------------------+------+--------+--------+--------+
| | GET MUST be present. | PUT MUST be present. | DELETE | POST |
+----------------------------------+------+--------+--------+--------+
| No Body | Read | x | Delete | x |
| | | | | |
| Atom Body | x | Update | x | x |
| | | | | |
| SOAP Body with Web-Method PUT | x | x | x | Update |
| | | | | |
| SOAP Body with Web-Method DELETE | x | x | x | Delete |
+----------------------------------+------+--------+--------+--------+

6.2 Role of Atom Entry Elements During Editing

The element may be empty, to explicitly
indicate "no title". Servers SHOULD NOT try to generate elements of an Atom Entry Document are either a
title if one 'Writable
Element' or a 'Round Trip Element'.

Writable Element - An element of an Atom Entry whose value is
editable by the client and not provided.

3.5.4 summary

PostURI MAY be present. If not present, enforced by the server server.

Round Trip Element - An element of an Atom Entry whose value is welcome to
produce its own summary. If present but empty,
enforced by the server SHOULD
NOT generate a summary and not editable by the client.

That categorization will determine the elements' disposition during
editing.

Table 2

7. Generic Collection

Generic Collections are Collections that do not have uniform
restrictions on the representations of its own. The type attribute MAY be
present. If not, it defaults the member resources.

7.1 Editing Generic Resources

Member resources are edited by sending HTTP requests to "text/plain". If present, it
must represent an individual
resource's URI. Servers can determine the processing necessary to
interpret a MIME type that request by examining the server supports. The mode
attribute MAY be present request's HTTP method and defaults to "xml". If present, it
must be "xml","base64", or "escaped".
FeedURI MAY be present.
EditURI
'Content-Type' header.

Processing Client Requests

+----------+------+--------+--------+------+
| | GET MAY be present. | PUT MAY be present. The element may be empty, to explicitly
indicate "no summary". Servers SHOULD NOT try | DELETE | POST |
+----------+------+--------+--------+------+
| No Body | Read | x | Delete | x |
| | | | | |
| Any Body | x | Update | x | x |
+----------+------+--------+--------+------+

8. Introspection

In order for authoring to generate commence, a
title if one client must first discover the
capabilities and locations of collections offered.

8.1 Introspection Document

The Introspection Document describes "workspaces", which are server-
defined groupings of collections. There is not provided.

3.5.5 content

PostURI MAY be present but no requirement that
servers support multiple workspaces, and a collection may be empty, to explicitly indicate "no
content". appear in
more than one workspace.

The type attribute MAY be present, but defaults to
"text/plain" if not present. It must represent a MIME type that Introspection Document has the server supports. media-type 'application/
atomserv+xml', see Section 11

<?xml version="1.0" encoding='utf-8'?>
<service xmlns="http://purl.org/atom/app#">
<workspace title="Main Site" >
<collection contents="entries" title="My Blog Entries"
href="http://example.org/reilly/feed" />
<collection contents="generic" title="Documents"
href="http://example.org/reilly/pic" />
</workspace>
<workspace title="Side Bar Blog">
<collection contents="entries" title="Entries"
href="http://example.org/reilly/feed" />
<collection contents="http://example.net/booklist" title="Books"
href="http://example.org/reilly/books" />
</workspace>
</service>

8.1.1 Element Definitions

8.1.1.1 The MODE attribute may be present and
defaults to "xml" if not present. It must be "xml","base64", or
"escaped".
FeedURI MAY be present.
EditURI
GET MAY be present.
PUT MAY be present. 'app:service' Element

The "service" element may be empty, to explicitly
indicate "no content".

3.5.6 issued

PostURI MUST be present, but may be empty, in which case it signifies
"now" in is the time zone document element of the server.
FeedURI MUST be present.
EditURI
GET MUST be present.
PUT MUST be present. Server policy determines if an updated time
is accepted.

3.5.7 modified

PostURI MUST NOT be present.
FeedURI MAY be present.
EditURI
GET MAY be present.
PUT a Service Document,
acting as a container for service data associated with one or more
workspaces.

appService element app:service {
( appWorkspace*
& anyElement* )
}

The following child elements are defined by this specification:

o app:service elements MAY be present. contain any number of app:workspace
elements.

8.1.1.2 The 'app:workspace' Element

The 'workspace' element may be empty, to explicitly
indicate that 'now' on element contains information elements about
the server time is to be used.

3.5.8 created

PostURI MAY be present.

FeedURI MAY be present.
EditURI
GET MAY be present.
PUT MAY be present. collections of resources available for editing.

appWorkspace element app:workspace {
attribute title { text },
( appCollection*
& anyElement* )
}

The server may or may not accept an updated
value. If the server does not allow updating following attributes and child elements are defined by this
specification:

o app:workspace elements MUST contain a 'title' attribute, which
conveys a human-readable name for the issued time
then workspace

o app:workspace elements MAY contain any PUT request with number of app:collection
elements.

8.1.1.3 The 'app:collection' Element

The 'app:collection' element describes collections and their member
resources.

[[anchor19: We have a collection element that's different issued value than the
root element of the collection document. Messy. --R. Sayre]]

appCollection element app:collection {
attribute title { text },
attribute contents { text },
attribute href { text },
anyElement*
}

The following attributes are defined by this specification:

o app:collection elements MUST be
rejected.

3.5.9 author

PostURI contain a 'title' attribute, whose
value conveys a human-readable name for the workspace

o app:collection elements MAY be present. contain a 'contents' attribute
(Section 8.1.1.3.1). If it is not present, the server determines the
author. If present, and conflicting with valid values as
determined by the server, then the server may change the it's value of
author.
FeedURI MAY be present.
EditURI
GET MAY be present.
PUT MAY be present.

3.5.10 contributor

PostURI MAY be present.
FeedURI MAY be present.
EditURI
GET MAY be present.
PUT MAY is
considered to be present.

3.5.11 generator

PostURI 'generic'.

o app:collection elements MUST be present and contain a URI. an 'href' attribute, whose
value conveys the URI of the collection.

8.1.1.3.1 The 'contents' Attribute

The 'contents' attribute conveys the nature of a collection's member
resources. This specification defines two initial values for the
'contents' attribute:

o entry

o generic

Extensibility for 'content' values is handled [[anchor20: Same as
atom:link]].

8.1.1.3.1.1 entry

A value of 'entry' for the element contents attribute indicates that the code base used to create this request. MUST also
have
Collection is an Entry Collection (Section 6).

8.1.1.3.1.2 generic

A value of 'generic' for the contents attribute 'version' with indicates that the
Collection is a Generic Collection (Section 7).

8.2 Introspection Resource

To retrieve an Introspection Document, the client sends a version number.
FeedURI MUST NOT be present.
EditURI GET MUST NOT be present.
PUT MUST NOT be present.

3.6 request
to its URI.

GET /service-desc HTTP/1.1
Host: example.org
User-Agent: Cosimo/1.0
Accept: application/atomserv+xml

The server responds to a GET request by returning an Introspection
Document in the message body.

HTTP/1.1 200 OK
Date: Mon, 21 Mar 2005 19:20:19 GMT
Server: CountBasic/2.0
Last-Modified: Mon, 21 Mar 2005 19:17:26 GMT
ETag: "4c083-268-423f1dc6"
Content-Length: nnnn
Content-Type: application/atomserv+xml

<?xml version="1.0" encoding='utf-8'?>
<service xmlns="http://purl.org/atom/app#">
...
</service>

8.2.1 Discovery

[[anchor24: Add in desc of an HTML link element that points to the
Introspection Resource, or add it to the autodisco draft]]

9. Securing the Atom Protocol

All instances of publishing Atom entries SHOULD be protected by
authentication to prevent posting or editing by unknown sources.
Atom servers and clients MUST support one of the following
authentication mechanisms, and SHOULD support both.

o HTTP Digest Authentication [RFC2617]

o [@@TBD@@ CGI Authentication ref]

Atom servers and clients MAY support encryption of the Atom session
using TLS [RFC2246].

There are cases where an authentication mechanism may not be
required, such as a publicly editable Wiki, or when using the PostURI
to post comments to a site that does not require authentication to
create comments.

3.6.1

9.1 [@@TBD@@ CGI Authentication]

This authentication method is included as part of the protocol to
allow Atom servers and clients that cannot use HTTP Digest
Authentication but where the user can both insert its own HTTP
headers and create a CGI program to authenticate entries to the
server. This scenario is common in environments where the user
cannot control what services the server employs, but the user can
write their own HTTP services.

10. Security Considerations

Because Atom is a publishing protocol, it is important that only
authorized users can create and edit entries.

The security of Atom is based on HTTP Digest Authentication and/or
[@@TBD@@ CGI Authentication]. Any weaknesses in either of these
authentication schemes will obviously affect the security of the Atom
Publishing Protocol.

Both HTTP Digest Authentication and [@@TBD@@ CGI Authentication] are
susceptible to dictionary-based attacks on the shared secret. If the
shared secret is a password (instead of a random string with
sufficient entropy), an attacker can determine the secret by
exhaustively comparing the authenticating string with hashed results
of the public string and dictionary entries.

See RFC 2617 for more detailed description of the security properties
of HTTP Digest Authentication.

@@TBD@@ Talk here about using HTTP basic and digest authentication.

@@TBD@@ Talk here about denial of service attacks using large XML
files, or the billion laughs DTD attack.

11. IANA Considerations

This document has no actions for IANA.

6. Appendix

A - SOAP Enabling

All servers SHOULD support Atom Collection Document, when serialized as XML 1.0, can be
identified with the following alternate interface
mechanisms media type:

MIME media type name: application

MIME subtype name: atomcoll+xml

Mandatory parameters: None.

Optional parameters:

"charset": This parameter has identical semantics to enable a wider variety the charset
parameter of clients to interact with Atom
Publishing Protocol servers. The following requirements are the "application/xml" media type as specified in
addition
[RFC3023].

Encoding considerations: Identical to the ones listed those of "application/xml" as
described in [RFC3023], section 3.2.

Security considerations: As defined in this specification.
[[anchor28: update upon publication]]

In addition, as this media type uses the Functional Specification Section.
If a server supports SOAP Enabling then "+xml" convention, it MUST support all of
shares the
following.

6.1 Servers

1. All servers MUST support same security considerations as described in [RFC3023],
section 10.

Interoperability considerations: There are no known interoperability
issues.

Published specification: This specification. [[anchor29: update upon
publication]]

Applications that use this media type: No known applications
currently use this media type.

Additional information:

Magic number(s): As specified for "application/xml" in [RFC3023],
section 3.2.

File extension: .atomcoll

Fragment identifiers: As specified for "application/xml" in
[RFC3023], section 5.

Base URI: As specified in [RFC3023], section 6.

Macintosh File Type code: TEXT

Person and email address to contact for further information: Joe
Gregorio <joe@bitworking.org>

Intended usage: COMMON

Author/Change controller: IESG

An Atom Introspection Document, when serialized as XML 1.0, can be
identified with the following media type:

MIME media type name: application

MIME subtype name: atomserv+xml

Mandatory parameters: None.

Optional parameters:

"charset": This parameter has identical semantics to the limited use charset
parameter of the SOAPAction HTTP
Header "application/xml" media type as described below specified in the Client section.
2. All servers MUST be able to process well formed XML. Servers
need not be able
[RFC3023].

Encoding considerations: Identical to handle processing instructions or DTDs.
3. Servers MUST accept content in a SOAP Envelope, and if they
receive a request that is wrapped those of "application/xml" as
described in a SOAP Envelope then they
MUST wrap their responses [RFC3023], section 3.2.

Security considerations: As defined in SOAP envelopes or produce a SOAP
Fault.

6.2 Clients

1. Clients SHOULD use the appropriate HTTP Method when possible.
When not possible, they should use POST and include a SOAPAction
HTTP header which is constrained this specification.
[[anchor30: update upon publication]]

In addition, as follows:
2. SOAPAction: "http://schemas.xmlsoap.org/wsdl/http/[METHOD]"
3. Where [METHOD] is replaced by this media type uses the desired HTTP Method.
4. Clients MAY wrap their XML payload in a SOAP Envelope. If so,
they must also wrap "+xml" convention, it in an element which exactly matches
shares the
HTTP Method.

7. Appendix B - Examples

7.1 Example for a weblog

Fill same security considerations as described in [RFC3023],
section 10.

Interoperability considerations: There are no known interoperability
issues.

Published specification: This specification. [[anchor31: update upon
publication]]

Applications that use this media type: No known applications
currently use this media type.

Additional information:

Magic number(s): As specified for "application/xml" in with an example [RFC3023],
section 3.2.

File extension: .atomsrv

Fragment identifiers: As specified for how all the above is used "application/xml" in
[RFC3023], section 5.

Base URI: As specified in [RFC3023], section 6.

Macintosh File Type code: TEXT

Person and email address to contact for a
weblog. Start with main HTML page, link tag of type service.feed further information: Joe
Gregorio <joe@bitworking.org>

Intended usage: COMMON

Author/Change controller: This specification's author(s). [[anchor32:
update upon publication]]

12. References

12.1 Normative References

[AtomFormat]
Nottingham, M. and R. Sayre, "The Atom Syndication
Format", work-in-progress, April 2005.

[RFC2119] Bradner, S., "Key words for use in RFCs to
the 'introspection' file. 1. Creating a new entry 2. Finding an
old entry 3. editing an old entry 4. commenting Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2246] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0",
RFC 2246, January 1999.

[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

[RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
Leach, P., Luotonen, A., and L. Stewart, "HTTP
Authentication: Basic and Digest Access Authentication",
RFC 2617, June 1999.

[RFC3023] Murata, M., St. Laurent, S., and D. Kohn, "XML Media
Types", RFC 3023, January 2001.

[RFC3339] Klyne, G. and C. Newman, "Date and Time on a entry (via
HTML the Internet:
Timestamps", RFC 3339, July 2002.

[RFC3986] Berners-Lee, T., Fielding, R., and Atom)

7.2 Example for a wiki

Fill this in like above but for a wiki.

8. L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, January 2005.

[RFC3987] Duerst, M. and M. Suignard, "Internationalized Resource
Identifiers (IRIs)", RFC 3987, January 2005.

[W3C.REC-soap12-part1-20030624]
Nielsen, H., Mendelsohn, N., Gudgin, M., Hadley, M., and
J. Moreau, "SOAP Version 1.2 Part 1: Messaging Framework",
W3C REC REC-soap12-part1-20030624, June 2003.

[W3C.REC-soap12-part2-20030624]
Nielsen, H., Hadley, M., Moreau, J., Mendelsohn, N., and
M. Gudgin, "SOAP Version 1.2 Part 2: Adjuncts", W3C
REC REC-soap12-part2-20030624, June 2003.

[W3C.REC-xml-20040204]
Yergeau, F., Paoli, J., Sperberg-McQueen, C., Bray, T.,
and E. Maler, "Extensible Markup Language (XML) 1.0 (Third
Edition)", W3C REC REC-xml-20040204, February 2004.

12.2 Informative References

[W3C.REC-webarch-20041215]
Walsh, N. and I. Jacobs, "Architecture of the World Wide
Web, Volume One", W3C REC REC-webarch-20041215,
December 2004.

URIs

[1] <http://www.imc.org/atom-protocol/index.html>

Authors' Addresses

Joe Gregorio (editor)
BitWorking, Inc
1002 Heathwood Dairy Rd.
Apex, NC 27502
US

Phone: +1 919 272 3764
Email: joe@bitworking.com
URI: http://bitworking.com/

Robert Sayre (editor)

Email: rfsayre@boswijck.com
URI: http://boswijck.com

Appendix A. Revision History

draft-ietf-atompub-protocol-04 - Add ladder diagrams, reorganize, add
SOAP interactions

draft-ietf-atompub-protocol-03 - Incorporates PaceSliceAndDice3 and
PaceIntrospection.

draft-ietf-atompub-protocol-02 - Incorporates Pace409Response,
PacePostLocationMust, and PaceSimpleResourcePosting.

draft-ietf-atompub-protocol-01 - Added in sections on Responses for
the EditURI. Allow 2xx for response to EditURI PUTs. Elided all
mentions of WSSE. Started adding in some normative references.
Added the section "Securing the Atom Protocol". Clarified that it is
possible that the PostURI and FeedURI could be the same URI. Cleaned
up descriptions for Response codes 400 and 500.

Rev draft-ietf-atompub-protocol-00 - 5Jul2004 - Renamed the file and
re-titled the document to conform to IETF submission guidelines.
Changed MIME type to match the one selected for the Atom format.
Numerous typographical fixes. We used to have two 'Introduction'
sections. One of them was moved into the Abstract the other absorbed
the Scope section. IPR and copyright notifications were added.

Rev 09 - 10Dec2003 - Added the section on SOAP enabled clients and
servers.

Rev 08 - 01Dec2003 - Refactored the specification, merging the
Introspection file into the feed format. Also dropped the
distinction between the type of URI used to create new entries and
the kind used to create comments. Dropped user preferences.

Rev 07 - 06Aug2003 - Removed the use of the RSD file for
auto-discovery. auto-
discovery. Changed copyright until a final standards body is chosen.
Changed query parameters for the search facet to all begin with atom-
to avoid name collisions. Updated all the Entries to follow the 0.2
version. Changed the format of the search results and template file
to a pure element based syntax.

Rev 06 - 24Jul2003 - Moved to PUT for updating Entries. Changed all
the mime-types to application/x.atom+xml. Added template editing.
Changed 'edit-entry' to 'create-entry' in the Introspection file to
more accurately reflect it's purpose.

Rev 05 - 17Jul2003 - Renamed everything Echo into Atom. Added
version numbers in the Revision history. Changed all the mime-types
to application/atom+xml.

Rev 04 - 15Jul2003 - Updated the RSD version used from 0.7 to 1.0.
Change the method of deleting an Entry from POSTing <delete/> to
using the HTTP DELETE verb. Also changed the query interface to GET
instead of POST. Moved Introspection Discovery to be up under
Introspection. Introduced the term 'facet' for the services listed
in the Introspection file.

Rev 03 - 10Jul2003 - Added a link to the Wiki near the front of the
document. Added a section on finding an Entry. Retrieving an Entry
now broken out into it's own section. Changed the HTTP status code
for a successful editing of an Entry to 205.

Rev 02 - 7Jul2003 - Entries are no longer returned from POSTs,
instead they are retrieved via GET. Cleaned up figure titles, as
they are rendered poorly in HTML. All content-types have been
changed to application/atom+xml.

Rev 01 - 5Jul2003 - Renamed from EchoAPI.html to follow the more
commonly used format: draft-gregorio-NN.html. Renamed all references
to URL to URI. Broke out introspection into it's own section. Added
the Revision History section. Added more to the warning that the
example URIs are not normative.

9. Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2246] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0",
RFC 2246, January 1999.

[RFC2396] Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform
Resource Identifiers (URI): Generic Syntax", RFC 2396,
August 1998.

[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P. and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

[RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
Leach, P., Luotonen, A. and L. Stewart, "HTTP
Authentication: Basic and Digest Access Authentication",
RFC 2617, June 1999.

[1] <http://www.imc.org/atom-syntax/index.html>

Authors' Addresses

Joe Gregorio (editor)
BitWorking, Inc
1002 Heathwood Dairy Rd.
Apex, NC 27502
US

Phone: +1 919 272 3764
Email: joe@bitworking.com
URI: http://bitworking.com/

Robert Sayre (editor)
Boswijck Memex Consulting
148 N 9th St. 4R
Brooklyn, NY 11211
US

Email: rfsayre@boswijck.com
URI: http://boswijck.com

Intellectual Property Statement

The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.

Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.

The IETF has been notified of intellectual property rights claimed in
regard to some or all of the specification contained in this
document. For more information consult the online list of claimed
rights.

Disclaimer of Validity

This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Copyright (C) The Internet Society (2005). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.

Acknowledgment

Funding for the RFC Editor function is currently provided by the
Internet Society.