Network Working Group                                   J. Gregorio, Ed.
Internet-Draft                                           BitWorking, Inc
Expires: November 10, 2005                                 R. Sayre, April 14, 2006                                  B. de hOra, Ed.
                                                             May 9,
                                                           Propylon Ltd.
                                                        October 11, 2005

                      The Atom Publishing Protocol
                   draft-ietf-atompub-protocol-04.txt
                   draft-ietf-atompub-protocol-05.txt

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on November 10, 2005. April 14, 2006.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This memo presents a protocol for using XML (Extensible Markup
   Language) and HTTP (HyperText Transport Protocol) to edit content.

   The Atom Publishing Protocol (APP) is an application-level protocol
   for publishing and editing Web resources belonging to periodically
   updated websites. resources.  The protocol at its core
   is the HTTP transport of Atom-formatted representations.  The Atom
   format is documented in the Atom Syndication Format (draft-ietf-atompub-format-06.txt).
   (draft-ietf-atompub-format-11.txt).

Editorial Note

   To provide feedback on this Internet-Draft, join the atom-protocol
   mailing list (http://www.imc.org/atom-protocol/index.html) [1].

Table of Contents

   1.   Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3   4
   2.   XML Namespace and Language . . . . . . . . . . . . . . . . .   5
   3.   Notational Conventions . . . . . . . . . . . . . . . . . . . .  4
   3.   6
   4.   Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  5
   4.   7
   5.   The Atom Publishing Protocol Model . . . . . . . . . . . . . .  6
     4.1   8
     5.1  Collections  . . . . . . . . . . . . . . . . . . . . . . .  6
     4.2   Discovery   8
     5.2  Editable Resources . . . . . . . . . . . . . . . . . . . .   9
       5.2.1  Read . . . . . . .  6
     4.3   Listing . . . . . . . . . . . . . . . . . .  10
       5.2.2  Update . . . . . . .  7
     4.4   Authoring . . . . . . . . . . . . . . . . .  10
       5.2.3  Delete . . . . . . .  7
       4.4.1   Create . . . . . . . . . . . . . . . . .  10
     5.3  Capabilities Discovery . . . . . . .  7
       4.4.2   Read . . . . . . . . . . .  11
     5.4  Listing  . . . . . . . . . . . . . .  8
       4.4.3   Update . . . . . . . . . . .  11
     5.5  Success and Failure  . . . . . . . . . . . . .  8
       4.4.4   Delete . . . . . .  12
   6.   Atom Publishing Protocol Documents . . . . . . . . . . . . .  13
     6.1  Use of xml:base xml:lang . . . . .  8
     4.5   Success and Failure . . . . . . . . . . . .  13
     6.2  Collection Documents . . . . . . .  9
   5.  Collections . . . . . . . . . . . .  14
       6.2.1  Element Definitions  . . . . . . . . . . . . . . 10
     5.1   Collection Documents . . .  14
     6.3  Introspection Documents  . . . . . . . . . . . . . . . . 10
       5.1.1 .  16
       6.3.1  Element Definitions  . . . . . . . . . . . . . . . . . 10
     5.2   Collection  17
   7.   Introspection Resource . . . . . . . . . . . . . . . . . . . 12
       5.2.2   POST  20
     7.1  Discovery  . . . . . . . . . . . . . . . . . . . . . . . .  20
   8.   Collection Resources . 14
       5.2.3   Usage Scenarios . . . . . . . . . . . . . . . . . . . 15
       5.2.4   Range: Header  21
     8.1  GET  . . . . . . . . . . . . . . . . . . . . 16
       5.2.5   Accept-Ranges: Header . . . . . . .  21
     8.2  POST . . . . . . . . . 16
       5.2.6   Name: Header . . . . . . . . . . . . . . . . . .  21
     8.3  Title: Header  . . . . 17
   6.  Entry Collection . . . . . . . . . . . . . . . . . .  22
   9.   Entry Collections  . . . . . 18
     6.1 . . . . . . . . . . . . . . . .  23
     9.1  Editing Entry Resources  . . . . . . . . . . . . . . . . . 18
     6.2  23
     9.2  Role of Atom Entry Elements During Editing . . . . . . . . 18
   7.  23
   10.  Generic Collection . . Collections  . . . . . . . . . . . . . . . . . . . . 20
     7.1  25
     10.1   Editing Generic Resources  . . . . . . . . . . . . . . .  25
     10.2   Title: Header  . 20
   8.  Introspection . . . . . . . . . . . . . . . . . . . .  25
   11.  List Resources . . . . 21
     8.1   Introspection Document . . . . . . . . . . . . . . . . . . 21
       8.1.1   Element Definitions .  26
     11.1   URI Templates  . . . . . . . . . . . . . . . . 21
     8.2   Introspection Resource . . . . .  26
     11.2   URI Template Parameters  . . . . . . . . . . . . . 23
       8.2.1   Discovery . . .  27
       11.2.1   \{index\} URI template variable  . . . . . . . . . .  27
       11.2.2   \{daterange\} URI template variable  . . . . . . . .  27
       11.2.3   Other URI Template parameters  . 24
   9.  Securing the Atom Protocol . . . . . . . . . .  28
   12.  Atom Entry Extensions  . . . . . . . . 25
   10.   Security Considerations . . . . . . . . . . .  29
   13.  Securing the Atom Protocol . . . . . . . 26
   11.   IANA Considerations . . . . . . . . . .  30
   14.  Security Considerations  . . . . . . . . . . 27
   12.   References . . . . . . . .  31
   15.  IANA Considerations  . . . . . . . . . . . . . . . . . 30
     12.1  Normative References . . .  32
   16.  References . . . . . . . . . . . . . . . . 30
     12.2  Informative . . . . . . . . .  35
     16.1   Normative References . . . . . . . . . . . . . . . . . . 31  35
     16.2   Informative References . . . . . . . . . . . . . . . . .  36
        Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 32  37
   A.   Contributors . . . . . . . . . . . . . . . . . . . . . . . .  38
   B.   Revision History . . . . . . . . . . . . . . . . . . . . . . . 33  39
        Intellectual Property and Copyright Statements . . . . . . . . 35  41

1.  Introduction

   The Atom Publishing Protocol is an application-level protocol for
   publishing and editing Web resources using HTTP [RFC2616] and XML 1.0
   [W3C.REC-xml-20040204].

2.  XML Namespace and Language

   The XML Namespaces URI [W3C.REC-xml-names-19990114] for the XML data
   format described in this specification is: http://purl.org/atom/app#

   XML elements defined by this specification MAY have an xml:lang
   attribute, whose content indicates the natural language for the
   element (and its descendents).  The language context is only
   significant for elements and attributes declared to be "Language-
   Sensitive" by this specification.  Requirements regarding the content
   and interpretation of xml:lang are specified in [W3C.REC-xml-
   20040204], Section 2.12.

3.  Notational Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3.

   Some sections of this specification are illustrated with fragments of
   a non-normative RELAX NG Compact schema [RNC].  However, the text of
   this specification provides the definition of conformance.

   This specification uses the namespace prefix "app:" for the Namespace
   URI identified in Section 2 above.  It uses the namespace prefix
   "atom:" for the Namespace URI identified in [AtomFormat].  Note that
   choices of namespace prefix are arbitrary and not semantically
   significant.

4.  Terminology

   For convenience, this protocol may be referred to as "Atom Protocol"
   or "APP".  This specification uses both internally.

   URI/IRI - A Uniform Resource Identifier and Internationalized
   Resource Identifier, respectively.  These terms (and the distinction
   between them) are defined in [RFC3986] and [RFC3987].

   Resource - an item identified by a URI [W3C.REC-webarch-20041215].

   Collection Resource -  A resource network data object or service that contains can be identified
   by a listing of Member
   Resources and meets the requirements URI, as defined in Section 5 of this
   specification.

   Member Resource [RFC2616].

   Representation - A resource whose URI is listed by  An entity included with a Collection
   Resource.

4. request or response as
   defined in [RFC2616].

5.  The Atom Publishing Protocol Model

   The Atom Publishing Protocol is a subset of HTTP that is used to edit
   resources on the web.  The APP operates on collections of Web
   resources.  All collections support the same basic interactions,  Collections are HTTP resources, as
   do are the members of the
   collection.  Both Collections and collection member resources within support
   the collections. same basic interactions.  The patterns of interaction are based
   on the common HTTP verbs.

   o  GET is used to retrieve a representation of a resource or perform
      a read-only query.

   o  POST is used to create a new, dynamically-named resource. resource, or to
      provide a block of data to a data-handling process.

   o  PUT is used to update a known resource.

   o  DELETE is used to remove a resource.

4.1

5.1  Collections

   The APP groups resources into "Collections", which are analogous to
   the "folders"
   folders or "directories" directories found in many a file systems.

4.2  Discovery

   To discover the location of the collections exposed by an APP
   service, system.  In the client must locate and request an Introspection Document
   (Section 8).

   Client                      Server figure we have
   member resources in a collection.

          +-------------------------+
          | Collection              |
          |  1.) GET Introspection                         |
   |------------------------------->|
          |  +----------------+     |
          |  2.) Introspection Doc  |
   |<-------------------------------| Member_A       |     |

   1.  The client sends
          |  +----------------+     |
          |                         |
          |  +----------------+     |
          |  | Member_B       |     |
          |  +----------------+     |
          |                         |
          |  +----------------+     |
          |  | Member_C       |     |
          |  +----------------+     |
          |                         |
          |  ...                    |
          |                         |
          |  +----------------+     |
          |  | Member_Oldest  |     |
          |  +----------------+     |
          |                         |
          +-------------------------+
   To add a GET request new member to the Service Description
       Resource.

   2.  The server responds with a collection an Introspection Document containing appropriate representation is
   POSTed to the
       locations URI of collections provided by the service.  The content of
       this document can vary based on aspects of collection resource.  Here we show it being
   added to the client request,
       including, but not limited to, authentication credentials.

4.3  Listing

   Once beginnng of the client has discovered list.  The ordering of the location members of a collection, it can
   request a listing
   collections is in terms of the collection's membership.  However,
   collections might be extremely large, so servers are likely to list a
   small subset time at which each resource was last
   updated, which includes the act of creating the resource.  The
   ordering of collection by default.

   Client                      Server members is covered in more detail in Section 8
   and Section 11.

          +-------------------------+
          | Collection              |
          |  1.) GET to Collection URI                         |
   |------------------------------->|
    POST  |  +----------------+     |
   --------->| Member_New     |  2.) 200 OK, Atom Feed Doc     |
   |<-------------------------------|
          |  +----------------+     |

   1.  The client sends a GET request to the Collection's URI.

   2.  The server responds with an Atom Feed Document containing a full
       or partial listing of the collection's membership.

4.4  Authoring

   After locating a collection, a client can add entries by sending a
   request to the collection; other changes are accomplished by sending
   HTTP requests to its member resources.

4.4.1  Create

   Client                      Server
          |                         |
          |  1.) POST to Collection URI  +----------------+     |
   |------------------------------->|
          |  | Member_A       |  2.) 201 Created @ Location     |
   |<-------------------------------|
          |  +----------------+     |

   1.  The client sends a representation
          |                         |
          |  +----------------+     |
          |  | Member_B       |     |
          |  +----------------+     |
          |                         |
          |  +----------------+     |
          |  | Member_C       |     |
          |  +----------------+     |
          |                         |
          |  ...                    |
          |                         |
          |  +----------------+     |
          |  | Member_Oldest  |     |
          |  +----------------+     |
          |                         |
          +-------------------------+

   You'll note that up until now we haven't said what kinds of
   representations we are expecting at each of a member to the server via
       HTTP POST.  The Request URI is that resources.  There are
   two kinds of collections, Entry and Generic.  In Entry Collections
   all the Collection.

   2. members MUST have representations as Atom Entries.  For
   further restrictions on Entry Collection see Section 9 The server responds with other type
   of collection is a response Generic Collection.  Generic Collections make no
   restriction on the representations of their member resources.

5.2  Editable Resources

   All the members of "201 Created" a collection are Editable Resources.  An Editable
   resource is a resource whose available HTTP methods can be used to
   retrieve, update and delete it.

5.2.1  Read

   To retrieve a
       "Location" header containing representation of the resource, you send a GET to the
   URI of the newly-created
       resource.

4.4.2  Read Editable Resource.  Remember that for members of Entry
   Collections, the served representation will be an Atom Entry.

   Client                                   Server
     |                                           |
     |  1.) GET or HEAD to Member Editable Resource URI         |
   |------------------------------->|
     |------------------------------------------>|
     |                                           |
     |  2.) 200 OK                               |
   |<-------------------------------|
     |<------------------------------------------|
     |                                           |

   1.  The client sends a GET (or HEAD) request to the member's URI.

   2.  The server responds with an appropriate representation.

4.4.3 the representation of the resource.

5.2.2  Update

   To update an Editable Resource the client will PUT an updated
   representation to the URI of the resource.

   Client                                     Server
     |                                           |
     |  1.) PUT to Member Editable Resource URI         |
   |------------------------------->|
     |------------------------------------------>|
     |                                           |
     |  2.) 200 OK                               |
   |<-------------------------------|
     |<------------------------------------------|

   1.  The client PUTs an updated representation to the member's URI.

   2.  The server responds MAY respond with a an updated representation of the
       member's new state.

4.4.4

5.2.3  Delete

   Client                      Server
   |                                |

   An Editable Resource is deleted by sending it DELETE.  Note that this
   also removes it from all the collections that it belonged to.

   Client                                     Server
     |                                           |
     |  1.) DELETE to Member Editable Resource URI      |
   |------------------------------->|
     |------------------------------------------>|
     |                                           |
     |  2.) 204 No Content 200 Ok                               |
   |<-------------------------------|
     |<------------------------------------------|
     |                                           |

   1.  The client sends a DELETE request to the member's URI.

   2.  The server responds with successful status code.

4.5  Success

5.3  Capabilities Discovery

   Each collection resource responds to GET and Failure

   HTTP defines classes of response.  HTTP status codes of the form 2xx
   signal that can return a request was successful.  HTTP status codes of the form
   4xx or 5xx signal that an error has occurred, and the request has
   failed.  Consult Collection
   Document as it's representation.  The Collection Document enumerates
   the HTTP specification for more detailed definitions capabilities of each status code.

5.  Collections

   An Atom Collection is a set of related resources.  All members of a collection have an "updated" property, and the collection format is
   considered described in
   Section 6.2.

   Client                         Server
     |                                |
     |  1.) GET to be ordered by this property.

5.1  Collection Documents

   An example Collection Document.

   <?xml version="1.0" encoding='utf-8'?>
   <collection xmlns="http://purl.org/atom/app#">
     <member href="http://example.org/1"
             hrefreadonly="http://example.com/1/bar"
             title="Sample 1"
             updated="2003-12-13T18:30:02Z" />
     <member href="http://example.org/2"
             hrefreadonly="http://example.com/2/bar"
             title="Sample 2"
             updated="2003-12-13T18:30:02Z" />
     <member href="http://example.org/3"
             hrefreadonly="http://example.com/3/bar"
             title="Sample 3"
             updated="2003-12-13T18:30:02Z" />
     <member href="http://example.org/4"
             title="Sample 4"
             updated="2003-12-13T18:30:02Z" />
   </collection>

   Atom         |
     |------------------------------->|
     |                                |
     |  2.) Collection Documents have the media-type 'application/
   atomcoll+xml', see Section 11.

5.1.1  Element Definitions

5.1.1.1 Document       |
     |<-------------------------------|
     |                                |

   1.  The 'app:collection' Element client sends a GET request to the Collection Resource.

   2.  The 'app:collection' element represents an Atom Collection.  A
   collection document does not necessarily list every member server responds with a Collection Document containing a
       description of the
   collection.

   appCollection       element app:collection {
         attribute next { text } ?,
         appMember*
      }
   o  'app:collection' elements MAY contain any number capabilities of 'app:member'
      elements.

   o  'app:collection' elements MAY contain a 'next' attribute which
      identifies a collection document containing member elements
      updated earlier in time. the collection.  The members listed in a collection content
       of this document MUST constitute a
   consecutive sequence can vary based on aspects of the collection's members, ordered by their
   "updated" properties.  That is, a collection document MUST contain client request,
       including, but not limited to, authentication credentials.

5.4  Listing

   Clients can request a
   contiguous subset listing of the Collection's membership.
   Listing the Editable Resources that are members of the a collection ordered by their
   'updated' property.

5.1.1.2  The 'app:member' Element is
   done using one of the List Resources in the Introspection Document,
   utilizing the 'app:uri-template' element.  The 'app:member' represents a single List Resource returns
   Atom Feed Documents with one Atom Entry for each member resource.

   appMember       element app:member {
         attribute title { text },
         attribute href { text },
         attribute hrefreadonly { text } ?,
         attribute updated { text }
      }

   o  'app:member' elements MUST include an 'href' attribute, whose
      value conveys resource that
   match the URI used to edit selection criteria.  This is true whether the member source

   o  'app:member' elements MAY include an "hrefreadonly
      (Section 5.1.1.3)" attribute.

   o  'app:member' elements MUST include a 'title' attribute, whose
      value collection is a human-readable name
   an Entry Collection or description for the item.

   o  'app:member' elements MUST include a Generic Collection.  If an 'updated' attribute, whose
      value Entry Collection
   is being interrogated, the 'updated' property of the collection member.  Its
      format MUST conform to the date-time production in [RFC3339].

5.1.1.3  The 'hrefreadonly' Attribute

   This optional attribute identifies a URI which, on entries returned by a GET request,
   responds equivalently to how the "href" URI would respond to the same
   request.  Clients list resource SHOULD
   NOT apply to this URI any HTTP methods that
   would be expected to modify the state considered complete representations of the resource (e.g.  PUT,
   POST or DELETE).  A PUT or POST request to this URI MAY NOT affect
   the underlying resource.  If the "hrefreadonly" attribute is not
   given, its value defaults to the "href" value.  If member
   resources.  See Section 11 and Section 12 for more details on the "hrefreadonly"
   attribute is present,
   extensions and its value is an empty string, then there is
   no URI that can be treated in constraints found on the way such entries returned from List
   Resources.

   Client                          Server
     |                                |
     |  1.) GET to List Resource      |
     |------------------------------->|
     |                                |
     |  2.) 200 OK, Atom Feed Doc     |
     |<-------------------------------|
     |                                |

   1.  The client sends a value would be treated.

   Clients SHOULD use the "href" value GET request to manipulate the resource within
   the context of the APP itself.  Clients SHOULD prefer the
   "hrefreadonly" value in any other context.  For example, if the
   resource is Collection's URI.

   2.  The server responds with an image, a client may replace the image data using Atom Feed Document containing a PUT
   on full
       or partial listing of the "href" value, Collection's membership.

5.5  Success and may even display a preview Failure

   HTTP defines different classes of the image response, which are used by
   fetching the "href" URI.  But when creating a public, read-only
   reference to the same image resource, the client should use
   Atom Protocol.  HTTP status codes of the
   "hrefreadonly" value.  If form 2xx signal that a
   request was successful.  HTTP status codes of the "hrefreadonly" value is form 4xx or 5xx
   signal that an empty
   string, error has occurred, and the client SHOULD NOT make public reference to request has failed.
   Consult the "href"
   value.

   [[anchor10: Define extensibility HTTP specification [RFC2616] for Collection Documents.]]

5.2  Collection Resource more detailed
   definitions of each status code.

6.  Atom Publishing Protocol Documents

   This specification defines describes two HTTP methods for use with collection
   resources: GET and POST.

5.2.1  GET

   Collections can contain extremely large numbers kinds of resources.  A
   naive client such as a web spider or web browser would be overwhelmed
   if the response to Atom Publishing Protocol
   Documents: Atom Collections Documents and Atom Introspection
   Documents.

   An Atom Collection Document is a GET reflected the full membership representation of an Atom
   collection, including metadata about the collection, and some or all
   of the server would waste large amounts of bandwidth and
   processing time on clients unable to handle members associated with it.  Its root is the response.  As a
   result, responses to a simple GET request represent a server-
   determined subset app:collection
   element.

   An Atom Introspection Document represents one or more workspaces,
   which describe server-defined groupings of collections.  Its root is
   the collection's membership.

   In addition, the client MAY send a 'Range' header with a range type app:service element.

   namespace app = "..." start = appCollection | appIntrospection

   Both kinds of 'udpated', indicating the subset Atom Publishing Protocol Documents are specified in
   terms of the collection to XML Information Set, serialised as XML 1.0 ([W3C.REC-
   xml-20040204]).  Atom Publishing Protocol Documents MUST be returned.
   The 'Range' header is described in Section 5.2.4. well-
   formed XML.  This specification defines two serializations does not define a DTD for Atom Collections.
   Servers MUST provide both, but MAY also provide additional
   serializations.

   1.
   Protocol, and hence does not require them to be valid (in the sense
   used by XML).

   Atom Collection Documents (application/atomcoll+xml),
       Section 5.1.

   2. are identified with the "application/
   atomcoll+xml" media type.

   Atom Collection Introspection Documents wrapped by a SOAP envelope
       (application/soap+xml), .

   Clients use the HTTP 'Accept' request header to indicate their
   preference.

   Example Request, are identified with Accept header

   GET /collection HTTP/1.1
   Host: example.org
   User-Agent: Agent/1.0
   Accept: application/atomcoll+xml

   Here, the server could return any subset of "application/
   atomserv+xml" media type.

   Atom allows the collection use of IRIs [RFC3987], as well as URIs [RFC3986].
   Every URI is an Atom
   Collection Document.

   Example Response, Atom Collection Document

   HTTP/1.1 200 OK
   Date: Fri, 25 Mar 2005 17:15:33 GMT
   Last-Modified: Mon, 04 Oct 2004 18:31:45 GMT
   ETag: "2b3f6-a4-5b572640"
   Accept-Ranges: updated
   Content-Length: nnnn
   Content-Type: application/atomcoll+xml; charset="utf-8"

   <?xml version="1.0" encoding="utf-8"?>
   <collection xmlns="http://purl.org/atom/app#">
   ...
     <member href="http://example.org/1"
             hrefreadonly="http://example.com/1/bar"
             title="Example 1"
             updated="2003-12-13T18:30:02Z" />
   ...
   </collection>

   Example Request, with SOAP Accept header

   GET /collection HTTP/1.1
   Host: example.org
   User-Agent: Cosimo/1.0
   Accept: application/soap+xml

   Here, the server could return IRI, so any subset URI can be used where an IRI is needed.
   While IRIs must, for many protocols, be mapped to URIs prior to
   dereferencing, they MUST NOT be so mapped for comparison when used in
   atom:id.  Section 3.1 of the collection as [RFC3987] describes how to map an Atom
   Feed Document wrapped by a SOAP envelope.

   Example Response, Atom Feed Document wrapped by IRI to a SOAP envelope

   HTTP/1.1 200 OK
   Date: Fri, 25 Mar 2005 17:15:33 GMT
   Last-Modified: Mon, 04 Oct 2004 18:31:45 GMT
   ETag: "2b3f6-a4-5b572640-89"
   Accept-Ranges: bytes
   Content-Length: nnnn
   Content-Type: application/soap+xml; charset="utf-8"

   <?xml version="1.0" encoding="utf-8"?>
   <env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">
      <env:Header />
      <env:Body>
         <collection xmlns="http://purl.org/atom/app#">
         ...
         <member href="http://example.org/1"
                 hrefreadonly="http://example.com/1/bar"
                 title="Example 1"
                 updated="2003-12-13T18:30:02Z" />
         ...
         </collection>
      </env:Body>
   </env:Envelope>

5.2.2  POST

   In addition to GET, a Collection Resource also accepts POST requests.
   The client POSTs a representation of the desired resource to the
   Collection Resource.  Note that some collections only allow members
   URI when necessary.

6.1  Use of a specific media-type and a POST xml:base xml:lang

   Any element defined by this specification MAY generate a response with a
   status code of 415 ("Unsupported Media Type").

   In have an xml:base
   attribute [W3C.REC-xmlbase-20010627].  When xml:base is used in an
   Atom Publishing Protocol Document, it serves the case function described
   in section 5.1.1 of a successful creation, [RFC3986], establishing the status code MUST be 201
   ("Created").

   Example Request, Create a resource in a collection.

   POST /collection HTTP/1.1
   Host: example.org
   User-Agent: Cosimo/1.0
   Accept: application/atomcoll+xml
   Content-Type: image/png
   Content-Length: nnnn
   Name: trip-to-beach.png

   ...binary data...

   Here, base URI (or IRI) for
   resolving any relative references found within the client is adding a new image resource to a collection.  The
   Name: header effective scope of
   the xml:base attribute.

   Any element defined by this specification MAY have an xml:lang
   attribute, whose content indicates the client's desired name natural language for the resource,
   see Section 5.2.6.

   Example Response, resource created successfully.

   HTTP/1.1 201 Created
   Date: Fri, 25 Mar 2005 17:17:11 GMT
   Content-Length: nnnn
   Content-Type: application/atomcoll+xml; charset="utf-8"
   Location: http://example.org/images/trip-to-the-beach-01.png

   <?xml version="1.0" encoding="UTF-8"?>
   <collection xmlns="http://purl.org/atom/app#">
       <member href="http://example.org/images/trip-to-beach.png"
           hrefreadonly="http://example.com/ed/im/trip-01.png"
           title="trip-to-beach.png"
           updated="2005-03-25T17:17:09Z" />
   </collection>

5.2.3  Usage Scenarios

   These scenarios illustrate common idioms for interactin with
   Collections.
   element and its descendents.  The Atom Collection can language context is only
   significant for elements and attributes declared to be used "Language-
   Sensitive" by clients in two ways.  In the first
   case the client encounters a Collection for this specification.  Requirements regarding the first time content
   and is
   doing an initial syncronization, that is, retrieving a list interpretation of all xml:lang are specified in XML 1.0 ([W3C.REC-
   xml-20040204]), Section 2.12.

    appCommonAttributes =
         attribute xml:base { atomUri }?,
         attribute xml:lang { atomLanguageTag }?,
        undefinedAttribute*

6.2  Collection Documents

   The Collection Document describes the members capabilities of a Collection,
   the collections and possibly retrieving all the
   members types of Entries that it will support, the collection also. URI Templates it
   supports.

   The client can perform a non-partial
   GET on Collection Document has the collection resource media-type 'application/atomcoll+xml'
   (see Section 15).

   Here's an example document:

   <?xml version="1.0" encoding='utf-8'?>
   <app:collection xmlns:app="http://purl.org/atom/app#">
     <app:member-type>entry</pub:member-type>
     <app:uri-template>http://example.org/{index}</pub:uri-template>
     <app:uri-template>http://example.org/{daterange}</pub:uri-template>
   </app:collection>

   This example says the Collection contains Atom Entry documents, and it will receive a collection
   document
   that either contains all the members there are two means of selecting entries using what are called
   'URI Templates'; one based on the collection, or collection's order, and another
   based on dates.  See Section 11.1 for more about URI Templates.

6.2.1  Element Definitions

6.2.1.1  The 'app:collection' Element

   The app:collection is the collection document root element 'collection' will contain of a
   'next' attribute pointing to the next collection document.  By
   repeatedly following the 'next' attribute from document to document
   the client can find all Collection Document.

   appCollection =
      element app:collection {
         appCommonAttributes,
         ( appMemberType+
           appSearchTemplate
           & anyElement* )
      }

   This specification defines two child elements for app:collection:

   o  app:member-type: any number of elements listing the members types of
      Entries that the collection.

   In Collection may contain.

   o  app:uri-template: any number of URI Templates for a List Resource
      (See Section 11).

6.2.1.2  The 'app:member-type' Element

   The app:member-type element contains information elements about the second case
   types of Entries that the client has already done Collection may contain.

   appMember =
      element app:member-type {
            appCommonAttributes,
            appTypeValue
      }

   The element content of an initial sync, app:member-type MUST be a string that is
   non-empty, and
   now needs to re-sync, because matches either the client was just restarted, "isegment-nz-nc" or some
   time has passed since the "IRI"
   production in [RFC3987].  Note that use of a re-sync, etc.  The client does relative reference other
   than a partial GET
   on the collection document, supplying simple name is not allowed.  If a Range header that begins from
   the last time name is given,
   implementations MUST consider the client sync'd link relation type to be equivalent
   to the current time.  The collection
   document returned will contain only those members same name registered within the IANA Registry of Member Types
   (Section 15), and thus the collection IRI that have changed since would be obtained by appending
   the last time value of the client syncronized.

5.2.4  Range: Header

   HTTP/1.1 allows a client to request that only part (a range of) the
   collection to be included within the response.  HTTP/1.1 uses range
   units in the Range header field.  A collection can be broken down
   into subranges according to the members 'updated' property.  If a
   Range: header is present in the request, its value explictly
   identifies the a time interval interval in which all the members
   'updated' property must fall rel attribute to be included in the response.

      Range = "Range" ":" ranges-specifier string
   "http://www.iana.org/assignments/entrytype/".

   The value content of an app:member-type specifies constraints on the Range: header should be a pair of ISO 8601 dates,
   separated by a slash character; either date
   Entries that may be optionally
   omitted, appear in which case the range is understood as stretching to
   infinity on that end.

      ranges-specifier = updated-ranges-specifier
      updated-ranges-specifier = updated-unit "=" updated-range
      updated-unit = "updated"
      updated-range = [iso-date] "/" [iso-date] Collection.  The response app:collection
   element MAY have multiple app:member-type elements.  An Entry POSTed
   to a collection request Collection MUST be a collection document,
   all of whose 'member' elements fall within meet the requested range.  The
   request range is considered a closed set, that is, if a 'member'
   element matches constraints of at least one end of the range exactly it MUST be included in app:
   member-type constraints.  It MAY meet more than one, but the response.  If no members fall minimum
   requirement is at least one.

   This specification defines two initial values for app:member-type
   IANA registry:

   o  "entry" - The Collection is an Entry Collection as defined in the requested range, the server
   MUST respond with
      Section 9.

   o  "generic" - The Collection is a collection document containing no 'member'
   elements. Generic Collection as defined in
      Section 10.

6.2.1.3  The inclusion 'app:uri-template' Element

   The element content of the Range: header in an app:uri-template is a request changes the request
   to URI Template for a "partial GET" [RFC2616].

5.2.5  Accept-Ranges: Header

   The response to
   List Resource (See Section 11).  Every List resource, whose URI is
   determined by filling in the parameters in a non-partial GET request URI Template, MUST include
   return an Accept-
   Ranges header that indicates that the server accepts 'updated' range
   requests.

     Accept-Ranges     = "Accept-Ranges" ":" acceptable-ranges
     acceptable-ranges = updated-unit ( 1#range-unit )

5.2.6  Name: Header

   [[anchor13: this is new...]]

   The POST to a Collection Resource MAY Atom feed document as its representation.  This Atom feed
   document MUST NOT contain a Name: header that
   indicates entries which do not match the clients suggested name selection
   criteria.

6.3  Introspection Documents

   In order for authoring to commence, a client must first discover the resource.
   capabilities and locations of collections offered.

   The server
   MAY ignore the Name: header or modify Introspection Document describes "workspaces", which are server-
   defined groupings of collections.  There is no requirement that
   servers support multiple workspaces, and a collection may appear in
   more than one workspace.

   The Introspection Document has the requested name to suit
   local conventions.

     Name     = "Name" ":" relative-part media-type 'application/
   atomserv+xml', see Section 15

   Here's an example document:

   <?xml version="1.0" encoding='utf-8'?>
   <app:service xmlns:app="http://purl.org/atom/app#">
     <app:workspace title="Main Site" >
         <app:collection contents="entries"
             title="My Blog Entries"
             href="http://example.org/reilly/feed" />
         <app:collection contents="generic"
             title="Documents"
             href="http://example.org/reilly/pic" />
     </app:workspace>
     <app:workspace title="Side Bar Blog">
         <app:collection contents="entries" title="Entries"
             href="http://example.org/reilly/feed" />
         <app:collection contents="http://example.net/booklist"
             title="Books"
             href="http://example.org/reilly/books" />
     </app:workspace>
   </app:service>

   This example says there are two workspaces, each consisting of two
   collections.  The relative-part production first workspace is defined in [RFC3986].

6.  Entry Collection

   Entry Collections called 'Mail', and has two
   collections, called 'My Blog Entries' and 'Documents' whose locations
   are Collections that restrict their membership to 'http://example.org/reilly/feed' and
   'http://example.org/reilly/pic'.  'My Blog Entries' contains Atom entries.  This specification defines
   Entries and 'Documents' contains Generic Entries.  The second
   workspace is called 'Side Bar Blog' and also has two serializations for collections,
   called 'Entries' and 'Books' whose locations are
   'http://example.org/reilly/feed' and
   'http://example.org/reilly/booklist'.  'Entries' contains Atom
   entries.  Servers
   Entries and 'Books' contains Generic Entries (since its contents
   attribute is not present you MUST provide both serializations.

   1.  Atom Entry Documents (application/atom+xml),  [AtomFormat].

   2.  Atom Entry Documents wrapped by assume it is a SOAP envelope (application/
       soap+xml), .

   Clients use the HTTP 'Accept' request header to indicate their
   preference [RFC2616].  If no 'Accept' header Generic Collection).

6.3.1  Element Definitions

6.3.1.1  The 'app:service' Element

   The "app:service" element is present in the
   request, the server is free to choose document element of a Introspection
   Document, acting as a container for service data associated with one
   or more workspaces.  An app:service elements MAY contain any serialization.  When an
   HTTP request number
   of app:workspace elements.

   appService =
      element app:service {
         appCommonAttributes,
         ( appWorkspace*
           & anyElement* )
      }

6.3.1.2  The 'app:workspace' Element

   The 'workspace' element contains a body, clients information elements about the
   collections of resources available for editing.  The app:workspace
   elements MAY contain any number of app:collection elements.

   appWorkspace =
      element app:workspace {
         appCommonAttributes,
         attribute title { text },
         ( appCollection*
           & anyElement* )
      }

6.3.1.2.1  The 'title' Attribute

   The app:workspace element MUST include contain a 'Content-Type'
   header, and servers MUST accept both application/atom+xml and
   application/soap+xml message bodies.

6.1  Editing Entry Resources

   Atom entries are edited by sending HTTP requests to an individual
   entry's URI.  Servers can determine the processing necessary to
   interpret 'title' attribute, which
   conveys a request by examining the request's HTTP method and
   'Content-Type' header.

   If human-readable name for the request method workspace.  This attribute is POST
   Language-Sensitive.

6.3.1.3  The 'app:collection' Element

   The 'app:collection' element describes collections and their member
   resources.

   appCollection =
      element app:collection {
         appCommonAttributes,
         attribute title { text },
         attribute href { text },
         attribute contents { text },
         anyElement*
      }

6.3.1.3.1  The 'title' Attribute

   The app:collection element MUST contain a 'title' attribute, whose
   value conveys a human-readable name for the 'Content-Type' workspace.  This
   attribute is application/
   soap+xml, the SOAP document Language-Sensitive.

6.3.1.3.2  The 'href' Attribute

   The app:collection element MUST contain an 'href' attribute, whose
   value conveys the IRI of the collection.

6.3.1.3.3  The 'contents' Attribute

   The app:collection element MAY contain a Web-Method property . 'contents' attribute.  The
   'contents' attribute conveys the nature of a collection's member
   resources.  This specifcation specification defines two initial values for that property, PUT the
   'contents' attribute:

   o  'entry': A value of 'entry' for the contents attribute indicates
      that the Collection is an Entry Collection (Section 9).

   o  'generic': A value of 'generic' for the contents attribute
      indicates that the Collection is a Generic Collection
      (Section 10).

   If the attribute is not present, its value MUST be considered to be
   'generic'.

7.  Introspection Resource

   To retrieve an Introspection Document, the client sends a GET request
   to its URI.

   GET /service-desc HTTP/1.1
   Host: example.org
   User-Agent: Cosimo/1.0
   Accept: application/atomserv+xml

   The server responds to a GET request by returning an Introspection
   Document in the message body.

   HTTP/1.1 200 OK
   Date: Mon, 21 Mar 2005 19:20:19 GMT
   Server: CountBasic/2.0
   Last-Modified: Mon, 21 Mar 2005 19:17:26 GMT
   ETag: "4c083-268-423f1dc6"
   Content-Length: nnnn
   Content-Type: application/atomserv+xml

   <?xml version="1.0" encoding='utf-8'?>
   <app:service xmlns:app="http://purl.org/atom/app#">
       ...
   </app:service>

7.1  Discovery

   [[anchor18: Add in desc of an HTML link element that points to the
   Introspection Resource, or add it to the autodisco draft]]

8.  Collection Resources

   An Atom Collection is a set of related resources.  All members of a
   collection have an "app:updated" property, and
   DELETE. the Collection is
   considered to be ordered by this property.

   This specification defines two HTTP methods for use with collection
   resources: GET and POST.

8.1  GET

   A GET to a Collection Resource returns a Collection Document,
   outlining the Collection.  Collection Documents are described in
   Section 6.2.

8.2  POST

   In addition to GET, a Collection Resource also accepts POST requests.
   The client POSTs a representation of the desired resource to the
   Collection Resource.  Note that some collections may impose
   constraints on the media-types that are created in a Collection and
   MAY generate a response with a status code of 415 ("Unsupported Media
   Type").

   In the case of a successful creation, the status code MUST be 201
   ("Created").

   Every successful POST MUST return a Location: header with the URI of
   the newly created resource.

   Here's an example.  Below, the client requests to create a resource
   in a Collection:

   POST /edit HTTP/1.1
   Host: example.org
   User-Agent: Cosimo/1.0
   Accept: application/atom+xml
   Content-Type: application/atom+xml
   Content-Length: 601

   <atom:entry xmlns:atom="http://www.w3.org/2005/Atom">
     <atom:title>Mars Attacks!</atom:title>
     <atom:summary type="html">
       Why cant we all just... get along?
     </atom:summary>
     <atom:author>
       <atom:name>The President</atom:name>
       <atom:uri>http://www.example.org/blog</atom:uri>
     </atom:author>
     <atom:content type="html" xml:lang="en"
         xml:base="http://www.example.org/blog/">
       <p>
       Why can't we...work out our differences?
       Why can't we...work things out?
       Little people...why can't we all just...get along?
       </p>
     </atom:content>
   </atom:entry>

   The resource is created by sending an Atom Entry as the entity body.

   Assuming the server created the resource successfully, it sends back
   a 201 Created response with a Location: header that contains the IRI
   of the newly created member as an Editable Resource.

   HTTP/1.1 201 Created
   Date: Fri, 7 Oct 2005 17:17:11 GMT
   Content-Length: 663
   Content-Type: application/atom+xml; charset="utf-8"
   Location: http://example.org/edit/first-post.atom

8.3  Title: Header

   The POST to a Collection Resource MAY contain a Title: header that
   indicates the clients suggested name for the resource.  The server
   MAY ignore the Title: header or modify the requested name to suit
   local conventions.

        Title     = "Title" ":" [text]

9.  Entry Collections

   Entry Collections are Collections that restrict their membership to
   Atom entries.

9.1  Editing Entry Resources

   Atom entries are edited by sending HTTP requests to an individual
   entry's URI.  Servers can determine the processing necessary to
   interpret a request by examining the request's HTTP method and
   'Content-Type' header.

   Processing Client Requests

 +----------------------------------+------+--------+--------+--------+

             +-----------+------+--------+--------+------+
             |           |  GET |   PUT  | DELETE | POST |
 +----------------------------------+------+--------+--------+--------+
             +-----------+------+--------+--------+------+
             |   No Body | Read |    x   | Delete |   x  |
             |           |      |        |        |      |
             | Atom Body |   x  | Update |    x   |   x  |
 |                                  |      |        |        |        |
 |    SOAP Body with Web-Method PUT |   x  |    x   |    x   | Update |
 |                                  |      |        |        |        |
 | SOAP Body with Web-Method DELETE |   x  |    x   |    x   | Delete |
 +----------------------------------+------+--------+--------+--------+

6.2
             +-----------+------+--------+--------+------+

9.2  Role of Atom Entry Elements During Editing

   The elements of an Atom Entry Document are either a 'Writable
   Element' or a 'Round Trip Element'.

   Writable Element - An element of an Atom Entry whose value is
   editable by the client and not enforced by the server.

   Round Trip Element - An element of an Atom Entry whose value is
   enforced by the server and not editable by the client.

   That categorization will determine the elements' disposition during
   editing.

                  +--------------------+------------+
                  | Atom Entry Element |  Property  |
                  +--------------------+------------+
                  |     atom:author    |  Writable  |
                  |                    |            |
                  |    atom:category   |  Writable  |
                  |                    |            |
                  |    atom:content    |  Writable  |
                  |                    |            |
                  |  atom:contributor  |  Writable  |
                  |                    |            |
                  |       atom:id      | Round Trip |
                  |                    |            |
                  |      atom:link     |  Writable  |
                  |                    |            |
                  |   atom:published   |  Writable  |
                  |                    |            |
                  |     atom:source    |  Writable  |
                  |                    |            |
                  |    atom:summary    |  Writable  |
                  |                    |            |
                  |     atom:title     |  Writable  |
                  |                    |            |
                  |    atom:updated    | Round Trip |
                  +--------------------+------------+

                                  Table 2

7.

10.  Generic Collection Collections

   Generic Collections are Collections that do not have uniform
   restrictions on the representations of the member resources.

7.1

10.1  Editing Generic Resources

   Member resources are edited by sending HTTP requests to an individual
   resource's URI.  Servers can determine the processing necessary to
   interpret a request by examining the request's HTTP method and
   'Content-Type' header.

   Processing Client Requests

              +----------+------+--------+--------+------+
              |          |  GET |   PUT  | DELETE | POST |
              +----------+------+--------+--------+------+
              |  No Body | Read |    x   | Delete |   x  |
              |          |      |        |        |      |
              | Any Body |   x  | Update |    x   |   x  |
              +----------+------+--------+--------+------+

8.  Introspection

   In order

   When a List resource returns an Atom Feed enumerating the contents of
   a Generic Collection, all the Entries MUST have an atom:content
   element with a 'src' attribute.

10.2  Title: Header

   The POST to a Generic Collection Resource MAY contain a Title: header
   that indicates the clients suggested title for the resource.  The
   server MAY ignore the Title: header or modify the requested title to
   suit local conventions.

   Title     = "Title" ":" [text]

11.  List Resources

   List resources are resources which are identified by URI templates
   indicating selection criteria.  They can be used where clients
   require fine control over the range or size of a server's response.
   A list resource MUST return an Atom feed document as its
   representation.  The entries in the returned document MUST be ordered
   by their 'atom:updated' property, with the most recently updated
   entries coming first in the document order.  Clients MUST NOT assume
   that the entry returned in the feed is a full representation of a
   member resource.  If the entry is an Editable Resource then the
   client should perform a GET on the member resource before editing.

   note: in this section some URIs carry across onto the next line; this
   is indicated by a '\'

11.1  URI Templates

   URI Templates are a mechanism for declaring criteria against a list
   resource.  By itself a URI Template is not a valid URI.  Instead
   there are multiple parameters embedded in the URI and distinguished
   by closing braces which can be populated and used as selection
   criteria.  The value of each app:uri-template element in a Collection
   document is a URI Template.

   Each URI template has one or more parameters that MUST be substituted
   with values to construct a valid URI.  The substitution MUST ensure
   that the resulting value is also properly percent-encoded utf-8.

   Here are some examples of template URIs and corresponding populated
   values:

   http://example.org/blog/edit/{index}
   http://example.org/blog/edit/3-9

   http://example.org/blog/edit/{index}/foo
   http://example.org/blog/edit/0-100/foo

   http://example.org/blog/edit/{daterange}
   http://example.org/blog/edit/daterange=\
       2003-12-13T18:30:02Z-2003-12-13T18:30:02Z

   http://example.org/blog/edit?dr={daterange}/bar/
   http://example.org/blog/edit?dr=\
       2003-12-13T18:30:02Z,2003-12-13T18:30:02Z/bar/

   Note that the parameters MAY appear at any place in the URI template.

11.2  URI Template Parameters

   This specification defines two parameters for authoring to commence, use in URI Templates:

   o  index: allows selection into a client must first discover collection's resources based as
      though ordered by their 'atom:updated' property.

   o  daterange: allows selection into a collection's resources based on
      their 'atom:updated' property

   In both cases, the
   capabilities and locations response to the selection request MUST be an Atom
   Feed where all the entries fall within the requested criteria.  The
   request range is considered a closed set - if an entry matches one
   end of collections offered.

8.1  Introspection the range exactly it MUST be included in the response.  If no
   members fall in the requested range, the server MUST respond with an
   Atom Feed containing no entries.

   A Collection Document MUST contain at least two app:uri-template
   elements - one for the {index} parameter template and the other for
   the {daterange} parameter template.  The Introspection Document describes "workspaces", which two parameters are server-
   defined groupings of collections.  There is no requirement that
   servers support multiple workspaces, not
   mutually exclusive and a collection may MAY appear together in
   more than one workspace. a single Template URI.

11.2.1  \{index\} URI template variable

   The Introspection Document has value of the media-type 'application/
   atomserv+xml', see Section 11

   <?xml version="1.0" encoding='utf-8'?>
   <service xmlns="http://purl.org/atom/app#">
     <workspace title="Main Site" >
       <collection contents="entries" title="My Blog Entries"
         href="http://example.org/reilly/feed" />
       <collection contents="generic" title="Documents"
         href="http://example.org/reilly/pic" />
     </workspace>
     <workspace title="Side Bar Blog">
       <collection contents="entries" title="Entries"
         href="http://example.org/reilly/feed" />
       <collection contents="http://example.net/booklist" title="Books"
         href="http://example.org/reilly/books" />
     </workspace>
   </service>

8.1.1  Element Definitions

8.1.1.1  The 'app:service' Element

   The "service" element {index} criterion MUST be a pair of non-negative
   integer indices separated by a dash character.  One or other index
   MAY omitted, in which case the range is understood as stretching to
   zero, or infinity.

    index-specifier = [index] "-" [index]

   For example, suppose the client is supplied this {index} URI
   template:

    http://example.org/blog/edit/{index}

   If the client wants the first 15 entries in the Collection it would
   substitute the brace-delimited parameter {index}, with the value
   1-15, giving:

    http://example.org/blog/edit/1-15

11.2.2  \{daterange\} URI template variable

   A URI Template with the document element of a Service Document,
   acting as a container variable 'daterange' allows querying for service data associated with one or more
   workspaces.

   appService       element app:service {
         ( appWorkspace*
           & anyElement* )
      } Atom
   Entries in a Collection according to their 'atom:updated' property.

   The following child elements are defined by this specification:

   o  app:service elements MAY contain any number value of app:workspace
      elements.

8.1.1.2  The 'app:workspace' Element

   The 'workspace' element element contains information elements about the collections {daterange} criterion should be a pair of resources available for editing.

   appWorkspace       element app:workspace {
         attribute title { text },
         ( appCollection*
           & anyElement* )
      }

   The following attributes and child elements are defined ISO
   formatted dates separated by this
   specification:

   o  app:workspace elements MUST contain a 'title' attribute, dash character; either index may be
   optionally omitted, in which
      conveys a human-readable name for case the workspace

   o  app:workspace elements MAY contain any number of app:collection
      elements.

8.1.1.3  The 'app:collection' Element range is understood as
   stretching to infinity on that end.

    daterange-specifier = [iso-date] "," [iso-date]

   The 'app:collection' element describes collections [iso-date] terminal MUST conform to the "date-time" production in
   [RFC3339].  In addition, an uppercase "T" character MUST be used to
   separate date and their member
   resources.

   [[anchor19: We have a collection element that's different than time, and an uppercase "Z" character MUST be
   present in the
   root element absence of a numeric time zone offset.

   For example, suppose the client is supplied this {daterange} URI
   Template:

    http://example.org/blog/edit/{daterange}

   If the client wants the entries in the collection document.  Messy. --R.  Sayre]]

   appCollection       element app:collection {
         attribute title { text },
         attribute contents { text },
         attribute href { text },
         anyElement*
      } between January and
   February 2006 it would substitute the brace-delimited parameter
   {daterange} with the desired selection value, giving this URI:

    http://example.org/blog/edit/2006-01-01T00:00:00Z,\
        2006-02-01T00:00:00Z

11.2.3  Other URI Template parameters

   Other specifications MAY define new parameters for use in URI
   templates and declared in the app:uri-template element.

12.  Atom Entry Extensions

   This specification adds three new values to the Registry of Link
   Relations.

   The following attributes are defined by this specification:

   o  app:collection elements MUST contain a 'title' attribute, whose value conveys a human-readable name for of 'collection' signifies that the workspace

   o  app:collection elements IRI in the value of the
   href is the Collection that this Entry belongs to.  Any entry MAY
   contain a 'contents' attribute
      (Section 8.1.1.3.1).  If it is not present, it's link with a relation of 'collection'.

   The value of 'edit' signifies that the IRI in the value of the href
   attribute identifies the resource that is
      considered used to be 'generic'.

   o  app:collection elements MUST contain an 'href' attribute, whose
      value conveys edit the entry.
   That is, it is the URI of the collection.

8.1.1.3.1  The 'contents' Attribute Entry as an Editable Resource.

   The 'contents' value of 'srcedit' signifies that the IRI in the value of the
   href attribute conveys identifies the nature resource that is used to edit the
   resource pointed to by the 'src' attribute of a collection's member
   resources.  This specification defines two initial values for the
   'contents' attribute:

   o  entry

   o  generic

   Extensibility for 'content' values atom:content
   element.  That is, it is handled [[anchor20: Same the IRI of the atom:content@src as
   atom:link]].

8.1.1.3.1.1  entry

   A value an
   Editable Resource.  If a link element with a relation of 'entry' for "srcedit" is
   not given, then it's value defaults to the contents "src" attribute indicates of the
   content element.  List Resources for Generic Collections MUST return
   entries that have 'srcedit' links or MUST have a atom:content@src
   value.

   If the
   Collection "srcedit" link is present, and it's value is an Entry Collection (Section 6).

8.1.1.3.1.2  generic

   A empty string,
   then there is no URI that can be treated in the way such a value
   would be treated.

   Clients SHOULD use the "srcedit" value to manipulate the resource
   within the context of 'generic' for the contents attribute indicates that APP itself.  Clients SHOULD prefer the
   "atom:content@src" value in any other context.  For example, if the
   Collection
   resource is a Generic Collection (Section 7).

8.2  Introspection Resource

   To retrieve an Introspection Document, the image, a client sends may replace the image data using a GET request
   to its URI.

   GET /service-desc HTTP/1.1
   Host: example.org
   User-Agent: Cosimo/1.0
   Accept: application/atomserv+xml

   The server responds to PUT
   on the "srcedit" value, and may even display a GET request preview of the image
   by returning an Introspection
   Document in fetching the message body.

   HTTP/1.1 200 OK
   Date: Mon, 21 Mar 2005 19:20:19 GMT
   Server: CountBasic/2.0
   Last-Modified: Mon, 21 Mar 2005 19:17:26 GMT
   ETag: "4c083-268-423f1dc6"
   Content-Length: nnnn
   Content-Type: application/atomserv+xml

   <?xml version="1.0" encoding='utf-8'?>
   <service xmlns="http://purl.org/atom/app#">
       ...
   </service>

8.2.1  Discovery

   [[anchor24: Add in desc of an HTML link element that points "srcedit" URI.  But when creating a public, read-only
   reference to the
   Introspection Resource, or add it to same image resource, the autodisco draft]]

9. client should use the
   "atom:content@src" value.

13.  Securing the Atom Protocol

   All instances of publishing Atom entries SHOULD be protected by
   authentication to prevent posting or editing by unknown sources.
   Atom servers and clients MUST support one of the following
   authentication mechanisms, and SHOULD support both.

   o  HTTP Digest Authentication [RFC2617]

   o  [@@TBD@@ CGI Authentication ref]

   Atom servers and clients MAY support encryption of the Atom session
   using TLS [RFC2246].

   There are cases where an authentication mechanism may not be
   required, such as a publicly editable Wiki, or when using the PostURI
   to post comments to a site that does not require authentication to
   create comments.

9.1

13.1  [@@TBD@@ CGI Authentication]

   This authentication method is included as part of the protocol to
   allow Atom servers and clients that cannot use HTTP Digest
   Authentication but where the user can both insert its own HTTP
   headers and create a CGI program to authenticate entries to the
   server.  This scenario is common in environments where the user
   cannot control what services the server employs, but the user can
   write their own HTTP services.

10.

14.  Security Considerations

   Because Atom is a publishing protocol, it is important that only
   authorized users can create and edit entries.

   The security of Atom is based on HTTP Digest Authentication and/or
   [@@TBD@@ CGI Authentication].  Any weaknesses in either of these
   authentication schemes will obviously affect the security of the Atom
   Publishing Protocol.

   Both HTTP Digest Authentication and [@@TBD@@ CGI Authentication] are
   susceptible to dictionary-based attacks on the shared secret.  If the
   shared secret is a password (instead of a random string with
   sufficient entropy), an attacker can determine the secret by
   exhaustively comparing the authenticating string with hashed results
   of the public string and dictionary entries.

   See RFC 2617 for more detailed description of the security properties
   of HTTP Digest Authentication.

   @@TBD@@ Talk here about using HTTP basic and digest authentication.

   @@TBD@@ Talk here about denial of service attacks using large XML
   files, or the billion laughs DTD attack.

11.

15.  IANA Considerations

   A Atom Collection Document, when serialized as XML 1.0, can be
   identified with the following media type:

   MIME media type name: application

   MIME subtype name: atomcoll+xml

   Mandatory parameters: None.

   Optional parameters:

      "charset": This parameter has identical semantics to the charset
         parameter of the "application/xml" media type as specified in
         [RFC3023].

   Encoding considerations: Identical to those of "application/xml" as
      described in [RFC3023], section 3.2.

   Security considerations: As defined in this specification.
      [[anchor28:
      [[anchor31: update upon publication]]

      In addition, as this media type uses the "+xml" convention, it
      shares the same security considerations as described in [RFC3023],
      section 10.

   Interoperability considerations: There are no known interoperability
      issues.

   Published specification: This specification. [[anchor29: [[anchor32: update upon
      publication]]

   Applications that use this media type: No known applications
      currently use this media type.

   Additional information:

   Magic number(s): As specified for "application/xml" in [RFC3023],
      section 3.2.

   File extension: .atomcoll

   Fragment identifiers: As specified for "application/xml" in
      [RFC3023], section 5.

   Base URI: As specified in [RFC3023], section 6.

   Macintosh File Type code: TEXT

   Person and email address to contact for further information: Joe
      Gregorio <joe@bitworking.org>

   Intended usage: COMMON

   Author/Change controller: IESG

   An Atom Introspection Document, when serialized as XML 1.0, can be
   identified with the following media type:

   MIME media type name: application

   MIME subtype name: atomserv+xml

   Mandatory parameters: None.

   Optional parameters:

      "charset": This parameter has identical semantics to the charset
         parameter of the "application/xml" media type as specified in
         [RFC3023].

   Encoding considerations: Identical to those of "application/xml" as
      described in [RFC3023], section 3.2.

   Security considerations: As defined in this specification.
      [[anchor30:
      [[anchor33: update upon publication]]

      In addition, as this media type uses the "+xml" convention, it
      shares the same security considerations as described in [RFC3023],
      section 10.

   Interoperability considerations: There are no known interoperability
      issues.

   Published specification: This specification. [[anchor31: [[anchor34: update upon
      publication]]

   Applications that use this media type: No known applications
      currently use this media type.

   Additional information:

   Magic number(s): As specified for "application/xml" in [RFC3023],
      section 3.2.

   File extension: .atomsrv

   Fragment identifiers: As specified for "application/xml" in
      [RFC3023], section 5.

   Base URI: As specified in [RFC3023], section 6.

   Macintosh File Type code: TEXT

   Person and email address to contact for further information: Joe
      Gregorio <joe@bitworking.org>

   Intended usage: COMMON

   Author/Change controller: This specification's author(s). [[anchor32: [[anchor35:
      update upon publication]]

12.

16.  References

12.1

16.1  Normative References

   [AtomFormat]
              Nottingham, M. and R. Sayre, "The Atom Syndication
              Format",  work-in-progress, April  1.0, July 2005.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2246]  Dierks, T. and C. Allen, "The TLS Protocol Version 1.0",
              RFC 2246, January 1999.

   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

   [RFC2617]  Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
              Leach, P., Luotonen, A., and L. Stewart, "HTTP
              Authentication: Basic and Digest Access Authentication",
              RFC 2617, June 1999.

   [RFC3023]  Murata, M., St. Laurent, S., and D. Kohn, "XML Media
              Types", RFC 3023, January 2001.

   [RFC3339]  Klyne, G. and C. Newman, "Date and Time on the Internet:
              Timestamps", RFC 3339, July 2002.

   [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
              Resource Identifier (URI): Generic Syntax", STD 66,
              RFC 3986, January 2005.

   [RFC3987]  Duerst, M. and M. Suignard, "Internationalized Resource
              Identifiers (IRIs)", RFC 3987, January 2005.

   [W3C.REC-soap12-part1-20030624]
              Nielsen, H., Mendelsohn, N., Gudgin, M., Hadley, M., and
              J. Moreau, "SOAP Version 1.2 Part 1: Messaging Framework",
              W3C REC REC-soap12-part1-20030624, June 2003.

   [W3C.REC-soap12-part2-20030624]
              Nielsen, H., Hadley, M., Moreau, J., Mendelsohn, N., and
              M. Gudgin, "SOAP Version 1.2 Part 2: Adjuncts", W3C
              REC REC-soap12-part2-20030624, June 2003.

   [W3C.REC-xml-20040204]
              Yergeau, F., Paoli, J., Sperberg-McQueen, C., Bray, T.,
              and E. Maler, "Extensible Markup Language (XML) 1.0 (Third
              Edition)", W3C REC REC-xml-20040204, February 2004.

12.2

   [W3C.REC-xml-names-19990114]
              Hollander, D., Bray, T., and A. Layman, "Namespaces in
              XML", W3C REC REC-xml-names-19990114, January 1999.

16.2  Informative References

   [RNC]      Clark, J., "RELAX NG Compact Syntax", December 2001.

   [W3C.REC-webarch-20041215]
              Walsh, N. and I. Jacobs, "Architecture of the World Wide
              Web, Volume One", W3C REC REC-webarch-20041215,
              December 2004.

URIs

   [1]  <http://www.imc.org/atom-protocol/index.html>

Authors' Addresses

   Joe Gregorio (editor)
   BitWorking, Inc
   1002 Heathwood Dairy Rd.
   Apex, NC  27502
   US

   Phone: +1 919 272 3764
   Email: joe@bitworking.com
   URI:   http://bitworking.com/

   Robert Sayre

   Bill de hOra (editor)
   Propylon Ltd.
   45 Blackbourne Square, Rathfarnham Gate
   Dublin, Dublin  D14
   IE

   Phone: +353-1-4927444
   Email: rfsayre@boswijck.com bill.dehora@propylon.com
   URI:   http://boswijck.com   http://www.propylon.com/

Appendix A.  Contributors

   The content and concepts within are a product of the Atom community
   and the Atompub Working Group.  Robert Sayre was an editor for drafts
   00-04.

Appendix B.  Revision History

   draft-ietf-atompub-protocol-05 - Added: Contributors section.  Added:
   de hOra to editors.  Fixed: typos.  Added diagrams and description to
   model section.  Incorporates PaceAppDocuments, PaceAppDocuments2,
   PaceSimplifyCollections2 (large-sized chunks of it anyhow: the
   notions of Entry and Generic resources, the section 4 language on the
   Protocol Model, 4.1 through 4.5.2, the notion of a Collection
   document, as in Section 5 through 5.3, Section 7 "Collection
   resources", Selection resources (modified from pace which talked
   about search); results in major mods to Collection Documents, Section
   9.2 "Title: Header" and brokeout para to section 9.1 Editing Generic
   Resources).  Added XML namespace and language section.  Some cleanup
   of front matter.  Added Language Sensitivity to some attributes.
   Removed resource descriptions from terminology.  Some juggling of
   sections.  See:
   http://www.imc.org/atom-protocol/mail-archive/msg01812.html.

   draft-ietf-atompub-protocol-04 - Add ladder diagrams, reorganize, add
   SOAP interactions

   draft-ietf-atompub-protocol-03 - Incorporates PaceSliceAndDice3 and
   PaceIntrospection.

   draft-ietf-atompub-protocol-02 - Incorporates Pace409Response,
   PacePostLocationMust, and PaceSimpleResourcePosting.

   draft-ietf-atompub-protocol-01 - Added in sections on Responses for
   the EditURI.  Allow 2xx for response to EditURI PUTs.  Elided all
   mentions of WSSE.  Started adding in some normative references.
   Added the section "Securing the Atom Protocol".  Clarified that it is
   possible that the PostURI and FeedURI could be the same URI.  Cleaned
   up descriptions for Response codes 400 and 500.

   Rev draft-ietf-atompub-protocol-00 - 5Jul2004 - Renamed the file and
   re-titled the document to conform to IETF submission guidelines.
   Changed MIME type to match the one selected for the Atom format.
   Numerous typographical fixes.  We used to have two 'Introduction'
   sections.  One of them was moved into the Abstract the other absorbed
   the Scope section.  IPR and copyright notifications were added.

   Rev 09 - 10Dec2003 - Added the section on SOAP enabled clients and
   servers.

   Rev 08 - 01Dec2003 - Refactored the specification, merging the
   Introspection file into the feed format.  Also dropped the
   distinction between the type of URI used to create new entries and
   the kind used to create comments.  Dropped user preferences.

   Rev 07 - 06Aug2003 - Removed the use of the RSD file for auto-
   discovery.  Changed copyright until a final standards body is chosen.
   Changed query parameters for the search facet to all begin with atom-
   to avoid name collisions.  Updated all the Entries to follow the 0.2
   version.  Changed the format of the search results and template file
   to a pure element based syntax.

   Rev 06 - 24Jul2003 - Moved to PUT for updating Entries.  Changed all
   the mime-types to application/x.atom+xml.  Added template editing.
   Changed 'edit-entry' to 'create-entry' in the Introspection file to
   more accurately reflect it's purpose.

   Rev 05 - 17Jul2003 - Renamed everything Echo into Atom.  Added
   version numbers in the Revision history.  Changed all the mime-types
   to application/atom+xml.

   Rev 04 - 15Jul2003 - Updated the RSD version used from 0.7 to 1.0.
   Change the method of deleting an Entry from POSTing <delete/> to
   using the HTTP DELETE verb.  Also changed the query interface to GET
   instead of POST.  Moved Introspection Discovery to be up under
   Introspection.  Introduced the term 'facet' for the services listed
   in the Introspection file.

   Rev 03 - 10Jul2003 - Added a link to the Wiki near the front of the
   document.  Added a section on finding an Entry.  Retrieving an Entry
   now broken out into it's own section.  Changed the HTTP status code
   for a successful editing of an Entry to 205.

   Rev 02 - 7Jul2003 - Entries are no longer returned from POSTs,
   instead they are retrieved via GET.  Cleaned up figure titles, as
   they are rendered poorly in HTML.  All content-types have been
   changed to application/atom+xml.

   Rev 01 - 5Jul2003 - Renamed from EchoAPI.html to follow the more
   commonly used format: draft-gregorio-NN.html.  Renamed all references
   to URL to URI.  Broke out introspection into it's own section.  Added
   the Revision History section.  Added more to the warning that the
   example URIs are not normative.

Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.

   The IETF has been notified of intellectual property rights claimed in
   regard to some or all of the specification contained in this
   document.  For more information consult the online list of claimed
   rights.

Disclaimer of Validity

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Copyright Statement

   Copyright (C) The Internet Society (2005).  This document is subject
   to the rights, licenses and restrictions contained in BCP 78, and
   except as set forth therein, the authors retain all their rights.

Acknowledgment

   Funding for the RFC Editor function is currently provided by the
   Internet Society.