draft-ietf-atompub-protocol-17.txt   rfc5023.txt 
Network Working Group J. Gregorio, Ed. Network Working Group J. Gregorio, Ed.
Internet-Draft IBM Request for Comments: 5023 Google
Intended status: Standards Track B. de hOra, Ed. Category: Standards Track B. de hOra, Ed.
Expires: January 10, 2008 July 09, 2007 NewBay Software
October 2007
The Atom Publishing Protocol The Atom Publishing Protocol
draft-ietf-atompub-protocol-17.txt
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at Status of This Memo
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 10, 2008.
Copyright Notice
Copyright (C) The IETF Trust (2007). This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Abstract Abstract
The Atom Publishing Protocol (APP) is an application-level protocol The Atom Publishing Protocol (AtomPub) is an application-level
for publishing and editing Web resources. The protocol is based on protocol for publishing and editing Web resources. The protocol is
HTTP transfer of Atom-formatted representations. The Atom format is based on HTTP transfer of Atom-formatted representations. The Atom
documented in the Atom Syndication Format. format is documented in the Atom Syndication Format.
Editorial Note
[[anchor1: Remove this section upon publication]]
To provide feedback on this Internet-Draft, join the atom-protocol
mailing list (http://www.imc.org/atom-protocol/index.html) [1].
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 6 1. Introduction ....................................................4
2. Notational Conventions . . . . . . . . . . . . . . . . . . . . 7 2. Notational Conventions ..........................................4
2.1. XML-related Conventions . . . . . . . . . . . . . . . . . 7 2.1. XML-Related Conventions ....................................4
2.1.1. Referring to Information Items . . . . . . . . . . . . 7 2.1.1. Referring to Information Items ......................4
2.1.2. RELAX NG Schema . . . . . . . . . . . . . . . . . . . 7 2.1.2. RELAX NG Schema .....................................4
2.1.3. Use of xml:base and xml:lang . . . . . . . . . . . . . 7 2.1.3. Use of "xml:base" and "xml:lang" ....................5
3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 8 3. Terminology .....................................................5
4. Protocol Model . . . . . . . . . . . . . . . . . . . . . . . . 10 4. Protocol Model ..................................................6
4.1. Identity and Naming . . . . . . . . . . . . . . . . . . . 10 4.1. Identity and Naming ........................................6
4.2. Documents and Resource classification . . . . . . . . . . 10 4.2. Documents and Resource Classification ......................7
4.3. Control and Publishing . . . . . . . . . . . . . . . . . . 12 4.3. Control and Publishing .....................................8
4.4. Client Implementation Considerations . . . . . . . . . . . 12 4.4. Client Implementation Considerations .......................9
5. Protocol Operations . . . . . . . . . . . . . . . . . . . . . 14 5. Protocol Operations .............................................9
5.1. Retrieving a Service Document . . . . . . . . . . . . . . 14 5.1. Retrieving a Service Document .............................10
5.2. Listing Collection Members . . . . . . . . . . . . . . . . 14 5.2. Listing Collection Members ................................10
5.3. Creating a Resource . . . . . . . . . . . . . . . . . . . 15 5.3. Creating a Resource .......................................11
5.4. Editing a Resource . . . . . . . . . . . . . . . . . . . . 15 5.4. Editing a Resource ........................................11
5.4.1. Retrieving a Resource . . . . . . . . . . . . . . . . 15 5.4.1. Retrieving a Resource ..............................11
5.4.2. Editing a Resource . . . . . . . . . . . . . . . . . . 16 5.4.2. Editing a Resource .................................12
5.4.3. Deleting a Resource . . . . . . . . . . . . . . . . . 16 5.4.3. Deleting a Resource ................................12
5.5. Use of HTTP Response codes . . . . . . . . . . . . . . . . 16 5.5. Use of HTTP Response Codes ................................12
6. Protocol Documents . . . . . . . . . . . . . . . . . . . . . . 18 6. Protocol Documents .............................................13
6.1. Document Types . . . . . . . . . . . . . . . . . . . . . . 18 6.1. Document Types ............................................13
6.2. Document Extensibility . . . . . . . . . . . . . . . . . . 18 6.2. Document Extensibility ....................................13
7. Category Documents . . . . . . . . . . . . . . . . . . . . . . 19 7. Category Documents .............................................14
7.1. Example . . . . . . . . . . . . . . . . . . . . . . . . . 19 7.1. Example ...................................................14
7.2. Element Definitions . . . . . . . . . . . . . . . . . . . 19 7.2. Element Definitions .......................................14
7.2.1. The "app:categories" element . . . . . . . . . . . . . 19 7.2.1. The "app:categories" Element .......................14
8. Service Documents . . . . . . . . . . . . . . . . . . . . . . 21 8. Service Documents ..............................................15
8.1. Workspaces . . . . . . . . . . . . . . . . . . . . . . . . 21 8.1. Workspaces ................................................16
8.2. Example . . . . . . . . . . . . . . . . . . . . . . . . . 22 8.2. Example ...................................................16
8.3. Element Definitions . . . . . . . . . . . . . . . . . . . 23 8.3. Element Definitions .......................................17
8.3.1. The "app:service" Element . . . . . . . . . . . . . . 23 8.3.1. The "app:service" Element ..........................17
8.3.2. The "app:workspace" Element . . . . . . . . . . . . . 23 8.3.2. The "app:workspace" Element ........................18
8.3.3. The "app:collection" Element . . . . . . . . . . . . . 24 8.3.3. The "app:collection" Element .......................18
8.3.4. The "app:accept" Element . . . . . . . . . . . . . . . 25 8.3.4. The "app:accept" Element ...........................19
8.3.5. Usage in Atom Feed Documents . . . . . . . . . . . . . 25 8.3.5. Usage in Atom Feed Documents .......................19
8.3.6. The "app:categories" Element . . . . . . . . . . . . . 25 8.3.6. The "app:categories" Element .......................20
9. Creating and Editing Resources . . . . . . . . . . . . . . . . 27 9. Creating and Editing Resources .................................20
9.1. Member URIs . . . . . . . . . . . . . . . . . . . . . . . 27 9.1. Member URIs ...............................................20
9.2. Creating Resources with POST . . . . . . . . . . . . . . . 27 9.2. Creating Resources with POST ..............................20
9.2.1. Example . . . . . . . . . . . . . . . . . . . . . . . 28 9.2.1. Example ............................................21
9.3. Editing Resources with PUT . . . . . . . . . . . . . . . . 29 9.3. Editing Resources with PUT ................................22
9.4. Deleting Resources with DELETE . . . . . . . . . . . . . . 29 9.4. Deleting Resources with DELETE ............................22
9.5. Caching and entity tags . . . . . . . . . . . . . . . . . 29 9.5. Caching and Entity Tags ...................................22
9.5.1. Example . . . . . . . . . . . . . . . . . . . . . . . 29 9.5.1. Example ............................................23
9.6. Media Resources and Media Link Entries . . . . . . . . . . 31 9.6. Media Resources and Media Link Entries ....................25
9.6.1. Examples . . . . . . . . . . . . . . . . . . . . . . . 32 9.6.1. Examples ...........................................26
9.7. The Slug: Header . . . . . . . . . . . . . . . . . . . . . 38 9.7. The Slug Header ...........................................30
9.7.1. Slug: Header syntax . . . . . . . . . . . . . . . . . 39 9.7.1. Slug Header Syntax .................................31
9.7.2. Example . . . . . . . . . . . . . . . . . . . . . . . 39 9.7.2. Example ............................................31
10. Listing Collections . . . . . . . . . . . . . . . . . . . . . 40 10. Listing Collections ...........................................32
10.1. Collection partial lists . . . . . . . . . . . . . . . . . 40 10.1. Collection Partial Lists .................................32
10.2. The "app:edited" Element . . . . . . . . . . . . . . . . . 41 10.2. The "app:edited" Element .................................33
11. Atom Format Link Relation Extensions . . . . . . . . . . . . . 42 11. Atom Format Link Relation Extensions ..........................34
11.1. The "edit" Link Relation . . . . . . . . . . . . . . . . . 42 11.1. The "edit" Link Relation .................................34
11.2. The "edit-media" Link Relation . . . . . . . . . . . . . . 42 11.2. The "edit-media" Link Relation ...........................34
12. The Atom Format Type Parameter . . . . . . . . . . . . . . . . 43 12. The Atom Format Type Parameter ................................34
12.1. The 'type' parameter . . . . . . . . . . . . . . . . . . . 43 12.1. The "type" parameter .....................................34
12.1.1. Conformance . . . . . . . . . . . . . . . . . . . . . 43 12.1.1. Conformance .......................................35
13. Atom Publishing Controls . . . . . . . . . . . . . . . . . . . 44 13. Atom Publishing Controls ......................................35
13.1. The "app:control" Element . . . . . . . . . . . . . . . . 44 13.1. The "app:control" Element ................................35
13.1.1. The "app:draft" Element . . . . . . . . . . . . . . . 44 13.1.1. The "app:draft" Element ...........................36
14. Securing the Atom Publishing Protocol . . . . . . . . . . . . 45 14. Securing the Atom Publishing Protocol .........................36
15. Security Considerations . . . . . . . . . . . . . . . . . . . 46 15. Security Considerations .......................................37
15.1. Denial of Service . . . . . . . . . . . . . . . . . . . . 46 15.1. Denial of Service ........................................37
15.2. Replay Attacks . . . . . . . . . . . . . . . . . . . . . . 46 15.2. Replay Attacks ...........................................37
15.3. Spoofing Attacks . . . . . . . . . . . . . . . . . . . . . 46 15.3. Spoofing Attacks .........................................37
15.4. Linked Resources . . . . . . . . . . . . . . . . . . . . . 46 15.4. Linked Resources .........................................38
15.5. Digital Signatures and Encryption . . . . . . . . . . . . 46 15.5. Digital Signatures and Encryption ........................38
15.6. URIs and IRIs . . . . . . . . . . . . . . . . . . . . . . 47 15.6. URIs and IRIs ............................................38
15.7. Code Injection and Cross Site Scripting . . . . . . . . . 47 15.7. Code Injection and Cross Site Scripting ..................39
16. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 48 16. IANA Considerations ...........................................39
16.1. Content-type registration for 'application/atomcat+xml' . 48 16.1. Content-Type Registration for 'application/atomcat+xml' ..39
16.2. Content-type registration for 'application/atomsvc+xml' . 49 16.2. Content-Type Registration for 'application/atomsvc+xml' ..40
16.3. Header field registration for 'SLUG' . . . . . . . . . . . 50 16.3. Header Field Registration for 'SLUG' .....................42
16.4. The Link Relation registration "edit" . . . . . . . . . . 51 16.4. The Link Relation Registration "edit" ....................42
16.5. The Link Relation registration "edit-media" . . . . . . . 51 16.5. The Link Relation Registration "edit-media" ..............42
16.6. The Atom Format Media Type Parameter . . . . . . . . . . . 51 16.6. The Atom Format Media Type Parameter .....................43
17. References . . . . . . . . . . . . . . . . . . . . . . . . . . 52 17. References ....................................................43
17.1. Normative References . . . . . . . . . . . . . . . . . . . 52 17.1. Normative References .....................................43
17.2. Informative References . . . . . . . . . . . . . . . . . . 53 17.2. Informative References ...................................44
Appendix A. Contributors . . . . . . . . . . . . . . . . . . . . 55 Appendix A. Contributors ..........................................46
Appendix B. RELAX NG Compact Schema . . . . . . . . . . . . . . . 56 Appendix B. RELAX NG Compact Schema ...............................46
Appendix C. Revision History . . . . . . . . . . . . . . . . . . 62
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 66
Intellectual Property and Copyright Statements . . . . . . . . . . 67
1. Introduction 1. Introduction
The Atom Publishing Protocol is an application-level protocol for The Atom Publishing Protocol is an application-level protocol for
publishing and editing Web Resources using HTTP [RFC2616] and XML 1.0 publishing and editing Web Resources using HTTP [RFC2616] and XML 1.0
[REC-xml]. The protocol supports the creation of Web Resources and [REC-xml]. The protocol supports the creation of Web Resources and
provides facilities for: provides facilities for:
o Collections: Sets of Resources, which can be retrieved in whole or o Collections: Sets of Resources, which can be retrieved in whole or
in part. in part.
skipping to change at page 7, line 11 skipping to change at page 4, line 29
The Atom Publishing Protocol is different from many contemporary The Atom Publishing Protocol is different from many contemporary
protocols in that the server is given wide latitude in processing protocols in that the server is given wide latitude in processing
requests from clients. See Section 4.4 for more details. requests from clients. See Section 4.4 for more details.
2. Notational Conventions 2. Notational Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
2.1. XML-related Conventions 2.1. XML-Related Conventions
2.1.1. Referring to Information Items 2.1.1. Referring to Information Items
Atom Protocol Document formats are specified in terms of the XML Atom Protocol Document formats are specified in terms of the XML
Information Set [REC-xml-infoset], serialized as XML 1.0 [REC-xml]. Information Set [REC-xml-infoset], serialized as XML 1.0 [REC-xml].
The Infoset terms "Element Information Item" and "Attribute The Infoset terms "Element Information Item" and "Attribute
Information Item" are shortened to "element" and "attribute" Information Item" are shortened to "element" and "attribute"
respectively. Therefore, when this specification uses the term respectively. Therefore, when this specification uses the term
"element", it is referring to an Element Information Item, and when "element", it is referring to an Element Information Item, and when
it uses the term "attribute", it is referring to an Attribute it uses the term "attribute", it is referring to an Attribute
Information Item. Information Item.
2.1.2. RELAX NG Schema 2.1.2. RELAX NG Schema
Some sections of this specification are illustrated with fragments of Some sections of this specification are illustrated with fragments of
a non-normative RELAX NG Compact schema [RNC]. However, the text of a non-normative RELAX NG Compact schema [RNC]. However, the text of
this specification provides the definition of conformance. Complete this specification provides the definition of conformance. Complete
schemas appear in Appendix B. schemas appear in Appendix B.
2.1.3. Use of xml:base and xml:lang 2.1.3. Use of "xml:base" and "xml:lang"
XML elements defined by this specification MAY have an xml:base XML elements defined by this specification MAY have an "xml:base"
attribute [REC-xmlbase]. When xml:base is used, it serves the attribute [REC-xmlbase]. When xml:base is used, it serves the
function described in Section 5.1.1 of URI Generic Syntax [RFC3986], function described in Section 5.1.1 of URI Generic Syntax [RFC3986],
by establishing the base URI (or IRI) for resolving relative by establishing the base URI (or IRI, Internationalized Resource
references found within the scope of the xml:base attribute. Identifier [RFC3987]) for resolving relative references found within
the scope of the "xml:base" attribute.
Any element defined by this specification MAY have an xml:lang Any element defined by this specification MAY have an "xml:lang"
attribute, whose content indicates the natural language for the attribute, whose content indicates the natural language for the
element and its descendants. Requirements regarding the content and element and its descendants. Requirements regarding the content and
interpretation of xml:lang are specified in Section 2.12 of XML 1.0 interpretation of "xml:lang" are specified in Section 2.12 of XML 1.0
[REC-xml]. [REC-xml].
3. Terminology 3. Terminology
For convenience, this protocol can be referred to as the "Atom For convenience, this protocol can be referred to as the "Atom
Protocol" or "APP". The following terminology is used by this Protocol" or "AtomPub". The following terminology is used by this
specification: specification:
o URI - A Uniform Resource Identifier as defined in [RFC3986]. In o URI - A Uniform Resource Identifier as defined in [RFC3986]. In
this specification the phrase "the URI of a document" is shorthand this specification, the phrase "the URI of a document" is
for "a URI which, when dereferenced, is expected to produce that shorthand for "a URI which, when dereferenced, is expected to
document as a representation". produce that document as a representation".
o IRI - An Internationalized Resource Identifier as defined in o IRI - An Internationalized Resource Identifier as defined in
[RFC3987]. Before an IRI found in a document is used by HTTP, the [RFC3987]. Before an IRI found in a document is used by HTTP, the
IRI is first converted to a URI. See Section 4.1. IRI is first converted to a URI. See Section 4.1.
o Resource - A network-accessible data object or service identified o Resource - A network-accessible data object or service identified
by an IRI, as defined in [RFC2616]. See [REC-webarch] for further by an IRI, as defined in [RFC2616]. See [REC-webarch] for further
discussion on Resources. discussion on Resources.
o relation (or "relation of") - Refers to the "rel" attribute value o relation (or "relation of") - Refers to the "rel" attribute value
skipping to change at page 8, line 44 skipping to change at page 6, line 16
Collection by an atom:link element with a relation of "edit" or Collection by an atom:link element with a relation of "edit" or
"edit-media". See Section 9.1. The protocol defines two kinds of "edit-media". See Section 9.1. The protocol defines two kinds of
Members: Members:
* Entry Resource - Members of a Collection that are represented * Entry Resource - Members of a Collection that are represented
as Atom Entry Documents, as defined in [RFC4287]. as Atom Entry Documents, as defined in [RFC4287].
* Media Resource - Members of a Collection that have * Media Resource - Members of a Collection that have
representations other than Atom Entry Documents. representations other than Atom Entry Documents.
o Media Link Entry - an Entry Resource that contains metadata about o Media Link Entry - An Entry Resource that contains metadata about
a Media Resource. See Section 9.6. a Media Resource. See Section 9.6.
o Workspace - A named group of Collections. See Section 8.1. o Workspace - A named group of Collections. See Section 8.1.
o Service Document - A document that describes the location and o Service Document - A document that describes the location and
capabilities of one or more Collections, grouped into Workspaces. capabilities of one or more Collections, grouped into Workspaces.
See Section 8. See Section 8.
o Category Document - A document that describes the categories o Category Document - A document that describes the categories
allowed in a Collection. See Section 7. allowed in a Collection. See Section 7.
4. Protocol Model 4. Protocol Model
The Atom Protocol specifies operations for publishing and editing The Atom Protocol specifies operations for publishing and editing
Resources using HTTP. It uses Atom-formatted representations to Resources using HTTP. It uses Atom-formatted representations to
describe the state and metadata of those Resources. It defines how describe the state and metadata of those Resources. It defines how
Collections of Resources can be organized, and specifies formats to Collections of Resources can be organized, and it specifies formats
support their discovery, grouping and categorization. to support their discovery, grouping and categorization.
4.1. Identity and Naming 4.1. Identity and Naming
Atom Protocol documents allow the use of IRIs [RFC3987], as well as Atom Protocol documents allow the use of IRIs [RFC3987] as well as
URIs [RFC3986] to identify Resources. Before an IRI in a document is URIs [RFC3986] to identify Resources. Before an IRI in a document is
used by HTTP, the IRI is first converted to a URI according to the used by HTTP, the IRI is first converted to a URI according to the
procedure defined in Section 3.1 of [RFC3987]. In accordance with procedure defined in Section 3.1 of [RFC3987]. In accordance with
that specification, the conversion SHOULD be applied as late as that specification, the conversion SHOULD be applied as late as
possible. Conversion does not imply Resource creation - the IRI and possible. Conversion does not imply Resource creation -- the IRI and
the URI into which it is converted identify the same Resource. the URI into which it is converted identify the same Resource.
While the Atom Protocol specifies the formats of the representations While the Atom Protocol specifies the formats of the representations
that are exchanged and the actions that can be performed on the IRIs that are exchanged and the actions that can be performed on the IRIs
embedded in those representations, it does not constrain the form of embedded in those representations, it does not constrain the form of
the URIs that are used. HTTP [RFC2616] specifies that the URI space the URIs that are used. HTTP [RFC2616] specifies that the URI space
of each server is controlled by that server, and this protocol of each server is controlled by that server, and this protocol
imposes no further constraints on that control. imposes no further constraints on that control.
4.2. Documents and Resource classification 4.2. Documents and Resource Classification
A Resource whose IRI is listed in a Collection is called a Member A Resource whose IRI is listed in a Collection is called a Member
Resource. The protocol defines two kinds of Member Resources - Entry Resource. The protocol defines two kinds of Member Resources --
Resources and Media Resources. Entry Resources are represented as Entry Resources and Media Resources. Entry Resources are represented
Atom Entry Documents [RFC4287]. Media Resources can have as Atom Entry Documents [RFC4287]. Media Resources can have
representations in any media type. A Media Resource is described representations in any media type. A Media Resource is described
within a Collection using an Entry called a Media Link Entry. This within a Collection using an Entry called a Media Link Entry. This
diagram shows the classification of Resources within the Atom diagram shows the classification of Resources within the Atom
Protocol: Protocol:
Member Resources Member Resources
| |
----------------- -----------------
| | | |
Entry Resources Media Resources Entry Resources Media Resources
skipping to change at page 11, line 9 skipping to change at page 7, line 33
The Atom Protocol defines Collection Resources for managing and The Atom Protocol defines Collection Resources for managing and
organizing both kinds of Member Resource. A Collection is organizing both kinds of Member Resource. A Collection is
represented by an Atom Feed Document. A Collection Feed's Entries represented by an Atom Feed Document. A Collection Feed's Entries
contain the IRIs of, and metadata about, the Collection's Member contain the IRIs of, and metadata about, the Collection's Member
Resources. A Collection Feed can contain any number of Entries, Resources. A Collection Feed can contain any number of Entries,
which might represent all the Members of the Collection, or an which might represent all the Members of the Collection, or an
ordered subset of them (see Section 10.1). In the diagram of a ordered subset of them (see Section 10.1). In the diagram of a
Collection below, there are two Entries. The first contains the IRI Collection below, there are two Entries. The first contains the IRI
of an Entry Resource. The second contains the IRIs of both a Media of an Entry Resource. The second contains the IRIs of both a Media
Resource and a Media Link Entry Resource, which contains the metadata Resource and a Media Link Entry, which contains the metadata for that
for that Media Resource: Media Resource:
Collection Collection
| |
o- Entry o- Entry
| | | |
| o- Member Entry IRI (Entry Resource) | o- Member Entry IRI (Entry Resource)
| |
o- Entry o- Entry
| |
o- Member Entry IRI (Media Link Entry) o- Member Entry IRI (Media Link Entry)
| |
o- Media IRI (Media Resource) o- Media IRI (Media Resource)
The Atom Protocol does not make a distinction between Feeds used for The Atom Protocol does not make a distinction between Feeds used for
Collections and other Atom Feeds. The only mechanism that this Collections and other Atom Feeds. The only mechanism that this
specification supplies for indicating a Feed is a Collection Feed is specification supplies for indicating that a Feed is a Collection
the presence of its IRI in a Service Document. Feed is the presence of the Feed's IRI in a Service Document.
Service Documents represent server-defined groups of Collections, and Service Documents represent server-defined groups of Collections, and
are used to initialize the process of creating and editing Resources. are used to initialize the process of creating and editing Resources.
These groups of Collections are called Workspaces. Workspaces have These groups of Collections are called Workspaces. Workspaces have
names, but no IRIs, and no specified processing model. The Service names, but no IRIs, and no specified processing model. The Service
Document can indicate which media types, and which categories, a Document can indicate which media types, and which categories, a
Collection will accept. In the diagram below, there are two Collection will accept. In the diagram below, there are two
Workspaces each describing the IRIs, acceptable media types, and Workspaces each describing the IRIs, acceptable media types, and
categories for a Collection: categories for a Collection:
skipping to change at page 12, line 12 skipping to change at page 8, line 34
| |
o- IRI, categories, media types o- IRI, categories, media types
4.3. Control and Publishing 4.3. Control and Publishing
The Atom Publishing Protocol uses HTTP methods to author Member The Atom Publishing Protocol uses HTTP methods to author Member
Resources as follows: Resources as follows:
o GET is used to retrieve a representation of a known Resource. o GET is used to retrieve a representation of a known Resource.
o POST is used to create a new, dynamically-named, Resource. When o POST is used to create a new, dynamically named, Resource. When
the client submits non-Atom-Entry representations to a Collection the client submits non-Atom-Entry representations to a Collection
for creation, two Resources are always created - a Media Entry for for creation, two Resources are always created -- a Media Entry
the requested Resource, and a Media Link Entry for metadata about for the requested Resource, and a Media Link Entry for metadata
the Resource that will appear in the Collection. about the Resource that will appear in the Collection.
o PUT is used to edit a known Resource. It is not used for Resource o PUT is used to edit a known Resource. It is not used for Resource
creation. creation.
o DELETE is used to remove a known Resource. o DELETE is used to remove a known Resource.
The Atom Protocol only covers the creating, editing, and deleting of The Atom Protocol only covers the creating, editing, and deleting of
Entry and Media Resources. Other Resources could be created, edited Entry and Media Resources. Other Resources could be created, edited,
and deleted as the result of manipulating a Collection, but the and deleted as the result of manipulating a Collection, but the
number of those Resources, their media-types, and effects of Atom number of those Resources, their media types, and effects of Atom
Protocol operations on them are outside the scope of this Protocol operations on them are outside the scope of this
specification. specification.
Since all aspects of client-server interaction are defined in terms Since all aspects of client-server interaction are defined in terms
of HTTP, [RFC2616] should be consulted for any areas not covered in of HTTP, [RFC2616] should be consulted for any areas not covered in
this specification. this specification.
4.4. Client Implementation Considerations 4.4. Client Implementation Considerations
The Atom Protocol imposes few restrictions on the actions of servers. The Atom Protocol imposes few restrictions on the actions of servers.
Unless a constraint is specified here, servers can be expected to Unless a constraint is specified here, servers can be expected to
vary in behavior, in particular around the manipulation of Atom vary in behavior, in particular around the manipulation of Atom
Entries sent by clients. For example, although this specification Entries sent by clients. For example, although this specification
only defines the expected behavior of Collections with respect to GET only defines the expected behavior of Collections with respect to GET
and POST, this does not imply that PUT, DELETE, PROPPATCH and others and POST, this does not imply that PUT, DELETE, PROPPATCH, and others
are forbidden on Collection Resources - only that this specification are forbidden on Collection Resources -- only that this specification
does not define what the server's response would be to those methods. does not define what the server's response would be to those methods.
Similarly while some HTTP status codes are mentioned explicitly, Similarly, while some HTTP status codes are mentioned explicitly,
clients ought to be prepared to handle any status code from a server. clients ought to be prepared to handle any status code from a server.
Servers can choose to accept, reject, delay, moderate, censor, Servers can choose to accept, reject, delay, moderate, censor,
reformat, translate, relocate or re-categorize the content submitted reformat, translate, relocate, or re-categorize the content submitted
to them. Only some of these choices are immediately relayed back to to them. Only some of these choices are immediately relayed back to
the client in responses to client requests; other choices may only the client in responses to client requests; other choices may only
become apparent later, in the feed or published entries. The same become apparent later, in the feed or published entries. The same
series of requests to two different publishing sites can result in a series of requests to two different publishing sites can result in a
different series of HTTP responses, different resulting feeds or different series of HTTP responses, different resulting feeds, or
different entry contents. different entry contents.
As a result, client software has to be written flexibly to accept As a result, client software has to be written flexibly to accept
what the server decides are the results of its submissions. Any what the server decides are the results of its submissions. Any
server response or server content modification not explicitly server response or server content modification not explicitly
forbidden by this specification or HTTP [RFC2616] is therefore forbidden by this specification or HTTP [RFC2616] is therefore
allowed. allowed.
5. Protocol Operations 5. Protocol Operations
While specific HTTP status codes are shown in the interaction While specific HTTP status codes are shown in the interaction
diagrams below, an APP client should be prepared to handle any status diagrams below, an AtomPub client should be prepared to handle any
code. For example, a PUT to a Member URI could result in the return status code. For example, a PUT to a Member URI could result in the
of a "204 No Content" status code, which still indicates success. return of a "204 No Content" status code, which still indicates
success.
5.1. Retrieving a Service Document 5.1. Retrieving a Service Document
Client Server Client Server
| | | |
| 1.) GET to Service Document URI | | 1.) GET to Service Document URI |
|------------------------------------------>| |------------------------------------------>|
| | | |
| 2.) 200 Ok | | 2.) 200 Ok |
| Service Document | | Service Document |
skipping to change at page 14, line 35 skipping to change at page 10, line 28
Document. Document.
2. The server responds with a Service Document enumerating the IRIs 2. The server responds with a Service Document enumerating the IRIs
of a group of Collections and the capabilities of those of a group of Collections and the capabilities of those
Collections supported by the server. The content of this Collections supported by the server. The content of this
document can vary based on aspects of the client request, document can vary based on aspects of the client request,
including, but not limited to, authentication credentials. including, but not limited to, authentication credentials.
5.2. Listing Collection Members 5.2. Listing Collection Members
To list the members of a Collection, the client sends a GET request To list the Members of a Collection, the client sends a GET request
to the URI of a Collection. An Atom Feed Document is returned whose to the URI of a Collection. An Atom Feed Document is returned whose
Entries contain the IRIs of Member Resources. The returned Feed may Entries contain the IRIs of Member Resources. The returned Feed may
describe all, or only a partial list, of the Members in a Collection describe all, or only a partial list, of the Members in a Collection
(see Section 10). (see Section 10).
Client Server Client Server
| | | |
| 1.) GET to Collection URI | | 1.) GET to Collection URI |
|------------------------------->| |------------------------------->|
| | | |
| 2.) 200 Ok | | 2.) 200 Ok |
| Atom Feed | | Atom Feed Document |
|<-------------------------------| |<-------------------------------|
| | | |
1. The client sends a GET request to the URI of the Collection. 1. The client sends a GET request to the URI of the Collection.
2. The server responds with an Atom Feed Document containing the 2. The server responds with an Atom Feed Document containing the
IRIs of the Collection Members. IRIs of the Collection Members.
5.3. Creating a Resource 5.3. Creating a Resource
Client Server Client Server
| | | |
| 1.) POST to Collection URI | | 1.) POST to Collection URI |
skipping to change at page 15, line 26 skipping to change at page 11, line 22
| | | |
| 2.) 201 Created | | 2.) 201 Created |
| Location: Member Entry URI | | Location: Member Entry URI |
|<------------------------------------------| |<------------------------------------------|
| | | |
1. The client POSTs a representation of the Member to the URI of the 1. The client POSTs a representation of the Member to the URI of the
Collection. Collection.
2. If the Member Resource was created successfully, the server 2. If the Member Resource was created successfully, the server
responds with a status code of 201 and a Location: header that responds with a status code of 201 and a Location header that
contains the IRI of the newly created Entry Resource. Media contains the IRI of the newly created Entry Resource. Media
Resources could have also been created and their IRIs can be Resources could have also been created and their IRIs can be
found through the Entry Resource. See Section 9.6 for more found through the Entry Resource. See Section 9.6 for more
details. details.
5.4. Editing a Resource 5.4. Editing a Resource
Once a Resource has been created and its Member URI is known, that Once a Resource has been created and its Member URI is known, that
URI can be used to retrieve, edit, and delete the Resource. URI can be used to retrieve, edit, and delete the Resource. Section
Section 11 describes extensions to the Atom Syndication Format used 11 describes extensions to the Atom Syndication Format used in the
in the Atom Protocol for editing purposes. Atom Protocol for editing purposes.
5.4.1. Retrieving a Resource 5.4.1. Retrieving a Resource
Client Server Client Server
| | | |
| 1.) GET to Member URI | | 1.) GET to Member URI |
|------------------------------------------>| |------------------------------------------>|
| | | |
| 2.) 200 Ok | | 2.) 200 Ok |
| Member Representation | | Member Representation |
skipping to change at page 16, line 41 skipping to change at page 12, line 36
| 1.) DELETE to Member URI | | 1.) DELETE to Member URI |
|------------------------------------------>| |------------------------------------------>|
| | | |
| 2.) 200 OK | | 2.) 200 OK |
|<------------------------------------------| |<------------------------------------------|
| | | |
1. The client sends a DELETE request to the URI of a Member 1. The client sends a DELETE request to the URI of a Member
Resource. Resource.
2. If the deletion is successful the server responds with a status 2. If the deletion is successful, the server responds with a status
code of 200. code of 200.
A different approach is taken for deleting Media Resources; see A different approach is taken for deleting Media Resources; see
Section 9.6 for details. Section 9.4 for details.
5.5. Use of HTTP Response codes 5.5. Use of HTTP Response Codes
The Atom Protocol uses the response status codes defined in HTTP to The Atom Protocol uses the response status codes defined in HTTP to
indicate the success or failure of an operation. Consult the HTTP indicate the success or failure of an operation. Consult the HTTP
specification [RFC2616] for detailed definitions of each status code. specification [RFC2616] for detailed definitions of each status code.
Implementers are asked to note that according to the HTTP Implementers are asked to note that according to the HTTP
specification, HTTP 4xx and 5xx response entities SHOULD include a specification, HTTP 4xx and 5xx response entities SHOULD include a
human-readable explanation of the error. human-readable explanation of the error.
6. Protocol Documents 6. Protocol Documents
6.1. Document Types 6.1. Document Types
This specification defines two kinds of documents - Category This specification defines two kinds of documents -- Category
Documents and Service Documents. Documents and Service Documents.
A Category Document (Section 7) contains lists of categories A Category Document (Section 7) contains lists of categories
specified using the "atom:category" element from the Atom Syndication specified using the "atom:category" element from the Atom Syndication
Format (see Section 4.2.2 of [RFC4287]). Format (see Section 4.2.2 of [RFC4287]).
A Service Document (Section 8) groups available Collections into A Service Document (Section 8) groups available Collections into
Workspaces. Workspaces.
The namespace name [REC-xml-names] for either kind of document is: The namespace name [REC-xml-names] for either kind of document is:
skipping to change at page 18, line 46 skipping to change at page 13, line 46
Unrecognized markup in an Atom Publishing Protocol document is Unrecognized markup in an Atom Publishing Protocol document is
considered "foreign markup" as defined in Section 6 of the Atom considered "foreign markup" as defined in Section 6 of the Atom
Syndication Format [RFC4287]. Foreign markup can be used anywhere Syndication Format [RFC4287]. Foreign markup can be used anywhere
within a Category or Service Document unless it is explicitly within a Category or Service Document unless it is explicitly
forbidden. Processors that encounter foreign markup MUST NOT stop forbidden. Processors that encounter foreign markup MUST NOT stop
processing and MUST NOT signal an error. Clients SHOULD preserve processing and MUST NOT signal an error. Clients SHOULD preserve
foreign markup when transmitting such documents. foreign markup when transmitting such documents.
The namespace name "http://www.w3.org/2007/app" is reserved for The namespace name "http://www.w3.org/2007/app" is reserved for
forward compatible revisions of the Category and Service Document forward-compatible revisions of the Category and Service Document
types - this does not exclude the addition of elements and attributes types. This does not exclude the addition of elements and attributes
that might not be recognized by processors conformant to this that might not be recognized by processors conformant to this
specification. Such unrecognized markup from the specification. Such unrecognized markup from the
"http://www.w3.org/2007/app" namespace MUST be treated as foreign "http://www.w3.org/2007/app" namespace MUST be treated as foreign
markup. markup.
7. Category Documents 7. Category Documents
Category Documents contain lists of categories described using the Category Documents contain lists of categories described using the
"atom:category" element from the Atom Syndication Format [RFC4287]. "atom:category" element from the Atom Syndication Format [RFC4287].
Categories can also appear in Service Documents, where they indicate Categories can also appear in Service Documents, where they indicate
skipping to change at page 19, line 38 skipping to change at page 14, line 38
terms 'animal', 'vegetable', and 'mineral'. None of the categories terms 'animal', 'vegetable', and 'mineral'. None of the categories
use the "label" attribute defined in [RFC4287]. They all inherit the use the "label" attribute defined in [RFC4287]. They all inherit the
"http://example.com/cats/big3" "scheme" attribute declared on the "http://example.com/cats/big3" "scheme" attribute declared on the
app:categories element. Therefore if the 'mineral' category were to app:categories element. Therefore if the 'mineral' category were to
appear in an Atom Entry or Feed Document, it would appear as: appear in an Atom Entry or Feed Document, it would appear as:
<atom:category scheme="http://example.com/cats/big3" term="mineral"/> <atom:category scheme="http://example.com/cats/big3" term="mineral"/>
7.2. Element Definitions 7.2. Element Definitions
7.2.1. The "app:categories" element 7.2.1. The "app:categories" Element
The root of a Category Document is the "app:categories" element. An The root of a Category Document is the "app:categories" element. An
app:categories element can contain zero or more "atom:category" app:categories element can contain zero or more atom:category
elements from the Atom Syndication Format [RFC4287] namespace elements from the Atom Syndication Format [RFC4287] namespace
("http://www.w3.org/2005/Atom"). ("http://www.w3.org/2005/Atom").
An atom:category child element that has no "scheme" attribute An atom:category child element that has no "scheme" attribute
inherits the attribute from its app:categories parent. An atom: inherits the attribute from its app:categories parent. An atom:
category child element with an existing "scheme" attribute does not category child element with an existing "scheme" attribute does not
inherit the "scheme" value of its "app:categories" parent element. inherit the "scheme" value of its app:categories parent element.
atomCategory = atomCategory =
element atom:category { element atom:category {
atomCommonAttributes, atomCommonAttributes,
attribute term { text }, attribute term { text },
attribute scheme { atomURI }?, attribute scheme { atomURI }?,
attribute label { text }?, attribute label { text }?,
undefinedContent undefinedContent
} }
skipping to change at page 24, line 24 skipping to change at page 18, line 30
8.3.2.1. The "atom:title" Element 8.3.2.1. The "atom:title" Element
The app:workspace element MUST contain one "atom:title" element (as The app:workspace element MUST contain one "atom:title" element (as
defined in [RFC4287]), giving a human-readable title for the defined in [RFC4287]), giving a human-readable title for the
Workspace. Workspace.
8.3.3. The "app:collection" Element 8.3.3. The "app:collection" Element
The "app:collection" element describes a Collection. The app: The "app:collection" element describes a Collection. The app:
collection Element MUST contain one "atom:title" element. collection element MUST contain one atom:title element.
The app:collection element MAY contain any number of app:accept The app:collection element MAY contain any number of app:accept
elements, indicating the types of representations accepted by the elements, indicating the types of representations accepted by the
Collection. The order of such elements is not significant. Collection. The order of such elements is not significant.
The app:collection element MAY contain any number of app:categories The app:collection element MAY contain any number of app:categories
elements. elements.
appCollection = appCollection =
element app:collection { element app:collection {
skipping to change at page 24, line 50 skipping to change at page 19, line 7
& extensionSansTitleElement* ) & extensionSansTitleElement* )
} }
8.3.3.1. The "href" Attribute 8.3.3.1. The "href" Attribute
The app:collection element MUST contain an "href" attribute, whose The app:collection element MUST contain an "href" attribute, whose
value gives the IRI of the Collection. value gives the IRI of the Collection.
8.3.3.2. The "atom:title" Element 8.3.3.2. The "atom:title" Element
The "atom:title" element is defined in [RFC4287], and gives a human- The "atom:title" element is defined in [RFC4287] and gives a human-
readable title for the Collection. readable title for the Collection.
8.3.4. The "app:accept" Element 8.3.4. The "app:accept" Element
The content of an "app:accept" element value is a media-range as The content of an "app:accept" element value is a media range as
defined in [RFC2616]. The media range specifies a type of defined in [RFC2616]. The media range specifies a type of
representation that can be POSTed to a Collection. representation that can be POSTed to a Collection.
The app:accept element is similar to the HTTP Accept request-header The app:accept element is similar to the HTTP Accept request-header
[RFC2616]. Media type parameters are allowed within app:accept, but [RFC2616]. Media type parameters are allowed within app:accept, but
app:accept has no notion of preference - "accept-params" or "q" app:accept has no notion of preference -- "accept-params" or "q"
arguments, as specified in Section 14.1 of [RFC2616] are not arguments, as specified in Section 14.1 of [RFC2616] are not
significant. significant.
White space (as defined in [REC-xml]) around the app:accept element's White space (as defined in [REC-xml]) around the app:accept element's
media-range is insignificant and MUST be ignored. media range is insignificant and MUST be ignored.
A value of "application/atom+xml;type=entry" MAY appear in any app: A value of "application/atom+xml;type=entry" MAY appear in any app:
accept list of media-ranges and indicates that Atom Entry Documents accept list of media ranges and indicates that Atom Entry Documents
can be POSTed to the Collection. If no app:accept element is can be POSTed to the Collection. If no app:accept element is
present, clients SHOULD treat this as equivalent to an app:accept present, clients SHOULD treat this as equivalent to an app:accept
element with the content "application/atom+xml;type=entry". element with the content "application/atom+xml;type=entry".
If one accept element exists and is empty, clients SHOULD assume that If one app:accept element exists and is empty, clients SHOULD assume
the Collection does not support the creation of new Entries. that the Collection does not support the creation of new Entries.
appAccept = appAccept =
element app:accept { element app:accept {
appCommonAttributes, appCommonAttributes,
( text? ) ( text? )
} }
8.3.5. Usage in Atom Feed Documents 8.3.5. Usage in Atom Feed Documents
The app:collection element MAY appear as a child of an atom:feed or The app:collection element MAY appear as a child of an atom:feed or
skipping to change at page 25, line 51 skipping to change at page 20, line 12
collection element is considered foreign markup as defined in Section collection element is considered foreign markup as defined in Section
6 of [RFC4287]. 6 of [RFC4287].
8.3.6. The "app:categories" Element 8.3.6. The "app:categories" Element
The "app:categories" element provides a list of the categories that The "app:categories" element provides a list of the categories that
can be applied to the members of a Collection. See Section 7.2.1 for can be applied to the members of a Collection. See Section 7.2.1 for
the detailed definition of app:categories. the detailed definition of app:categories.
The server MAY reject attempts to create or store members whose The server MAY reject attempts to create or store members whose
categories are not present in its categories list. Collections that categories are not present in its categories list. A Collection that
indicate the category set is open SHOULD NOT reject otherwise indicates the category set is open SHOULD NOT reject otherwise
acceptable members whose categories are not in its categories list. acceptable members whose categories are not in its categories list.
The absence of an "app:categories" element means that the category The absence of an app:categories element means that the category
handling of the Collection is unspecified. A "fixed" category list handling of the Collection is unspecified. A "fixed" category list
that contains zero categories indicates the Collection does not that contains zero categories indicates the Collection does not
accept category data. accept category data.
9. Creating and Editing Resources 9. Creating and Editing Resources
9.1. Member URIs 9.1. Member URIs
The Member URI allows clients to retrieve, edit and delete a Member The Member URI allows clients to retrieve, edit, and delete a Member
Resource using HTTP's GET, PUT and DELETE methods. Entry Resources Resource using HTTP's GET, PUT, and DELETE methods. Entry Resources
are represented as Atom Entry documents. are represented as Atom Entry documents.
Member URIs appear in two places. They are returned in a Location Member URIs appear in two places. They are returned in a Location
header after successful Resource creation using POST, as described in header after successful Resource creation using POST, as described in
Section 9.2 below. They can also appear in a Collection Feed's Section 9.2 below. They can also appear in a Collection Feed's
entries, as atom:link elements with a link relation of "edit". Entries, as atom:link elements with a link relation of "edit".
A Member Entry SHOULD contain such an atom:link element with a link A Member Entry SHOULD contain such an atom:link element with a link
relation of "edit", which indicates the Member URI. relation of "edit", which indicates the Member URI.
9.2. Creating Resources with POST 9.2. Creating Resources with POST
To add members to a Collection, clients send POST requests to the URI To add members to a Collection, clients send POST requests to the URI
of the Collection. of the Collection.
Successful member creation is indicated with a 201 ("Created") Successful member creation is indicated with a 201 ("Created")
response code. When the Collection responds with a status code of response code. When the Collection responds with a status code of
201, it SHOULD also return a response body, which MUST be an Atom 201, it SHOULD also return a response body, which MUST be an Atom
Entry Document representing the newly-created Resource. Since the Entry Document representing the newly created Resource. Since the
server is free to alter the POSTed Entry, for example by changing the server is free to alter the POSTed Entry, for example, by changing
content of the atom:id element, returning the Entry can be useful to the content of the atom:id element, returning the Entry can be useful
the client, enabling it to correlate the client and server views of to the client, enabling it to correlate the client and server views
the new Entry. of the new Entry.
When a Member Resource is created, its Member Entry URI MUST be When a Member Resource is created, its Member Entry URI MUST be
returned in a Location header in the Collection's response. returned in a Location header in the Collection's response.
If the creation request contained an Atom Entry Document, and the If the creation request contained an Atom Entry Document, and the
subsequent response from the server contains a Content-Location subsequent response from the server contains a Content-Location
header that matches the Location header character-for-character, then header that matches the Location header character-for-character, then
the client is authorized to interpret the response entity as being a the client is authorized to interpret the response entity as being a
complete representation of the newly created Entry. Without a complete representation of the newly created Entry. Without a
matching Content-Location header, the client MUST NOT assume the matching Content-Location header, the client MUST NOT assume the
returned entity is a complete representation of the created Resource. returned entity is a complete representation of the created Resource.
The request body sent with the POST need not be an Atom Entry. For The request body sent with the POST need not be an Atom Entry. For
example, it might be a picture, or a movie. Collections MAY return a example, it might be a picture or a movie. Collections MAY return a
response with a status code of 415 ("Unsupported Media Type") to response with a status code of 415 ("Unsupported Media Type") to
indicate that the media-type of the POSTed entity is not allowed or indicate that the media type of the POSTed entity is not allowed or
supported by the Collection. For a discussion of the issues in supported by the Collection. For a discussion of the issues in
creating such content, see Section 9.6. creating such content, see Section 9.6.
9.2.1. Example 9.2.1. Example
Below, the client sends a POST request containing an Atom Entry Below, the client sends a POST request containing an Atom Entry
representation using the URI of the Collection: representation using the URI of the Collection:
POST /edit/ HTTP/1.1 POST /edit/ HTTP/1.1
Host: example.org Host: example.org
skipping to change at page 28, line 28 skipping to change at page 21, line 43
<?xml version="1.0"?> <?xml version="1.0"?>
<entry xmlns="http://www.w3.org/2005/Atom"> <entry xmlns="http://www.w3.org/2005/Atom">
<title>Atom-Powered Robots Run Amok</title> <title>Atom-Powered Robots Run Amok</title>
<id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id> <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id>
<updated>2003-12-13T18:30:02Z</updated> <updated>2003-12-13T18:30:02Z</updated>
<author><name>John Doe</name></author> <author><name>John Doe</name></author>
<content>Some text.</content> <content>Some text.</content>
</entry> </entry>
The server signals a successful creation with a status code of 201. The server signals a successful creation with a status code of 201.
The response includes a Location: header indicating the Member Entry The response includes a Location header indicating the Member Entry
URI of the Atom Entry, and a representation of that Entry in the body URI of the Atom Entry, and a representation of that Entry in the body
of the response. of the response.
HTTP/1.1 201 Created HTTP/1.1 201 Created
Date: Fri, 7 Oct 2005 17:17:11 GMT Date: Fri, 7 Oct 2005 17:17:11 GMT
Content-Length: nnn Content-Length: nnn
Content-Type: application/atom+xml;type=entry;charset="utf-8" Content-Type: application/atom+xml;type=entry;charset="utf-8"
Location: http://example.org/edit/first-post.atom Location: http://example.org/edit/first-post.atom
ETag: "c180de84f991g8" ETag: "c180de84f991g8"
<?xml version="1.0"?> <?xml version="1.0"?>
<entry xmlns="http://www.w3.org/2005/Atom"> <entry xmlns="http://www.w3.org/2005/Atom">
<title>Atom-Powered Robots Run Amok</title> <title>Atom-Powered Robots Run Amok</title>
<id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id> <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id>
<updated>2003-12-13T18:30:02Z</updated> <updated>2003-12-13T18:30:02Z</updated>
<author><name>John Doe</name></author> <author><name>John Doe</name></author>
<content>Some text.</content> <content>Some text.</content>
<link rel="edit" <link rel="edit"
href="http://example.org/edit/first-post.atom"/> href="http://example.org/edit/first-post.atom"/>
</entry> </entry>
skipping to change at page 28, line 52 skipping to change at page 22, line 17
<id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id> <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id>
<updated>2003-12-13T18:30:02Z</updated> <updated>2003-12-13T18:30:02Z</updated>
<author><name>John Doe</name></author> <author><name>John Doe</name></author>
<content>Some text.</content> <content>Some text.</content>
<link rel="edit" <link rel="edit"
href="http://example.org/edit/first-post.atom"/> href="http://example.org/edit/first-post.atom"/>
</entry> </entry>
The Entry created and returned by the Collection might not match the The Entry created and returned by the Collection might not match the
Entry POSTed by the client. A server MAY change the values of Entry POSTed by the client. A server MAY change the values of
various elements in the Entry, such as the atom:id, atom:updated and various elements in the Entry, such as the atom:id, atom:updated, and
atom:author values, and MAY choose to remove or add other elements atom:author values, and MAY choose to remove or add other elements
and attributes, or change element content and attribute values. and attributes, or change element content and attribute values.
9.3. Editing Resources with PUT 9.3. Editing Resources with PUT
To edit a Member Resource, clients send PUT requests to its Member To edit a Member Resource, a client sends a PUT request to its Member
URI, as specified in [RFC2616]. URI, as specified in [RFC2616].
To avoid unintentional loss of data when editing Member Entries or To avoid unintentional loss of data when editing Member Entries or
Media Link Entries, Atom Protocol clients SHOULD preserve all Media Link Entries, an Atom Protocol client SHOULD preserve all
metadata that has not been intentionally modified, including unknown metadata that has not been intentionally modified, including unknown
foreign markup as defined in Section 6 of [RFC4287]. foreign markup as defined in Section 6 of [RFC4287].
9.4. Deleting Resources with DELETE 9.4. Deleting Resources with DELETE
To delete a Member Resource, clients send a DELETE request to its To delete a Member Resource, a client sends a DELETE request to its
Member URI, as specified in [RFC2616]. The deletion of a Media Link Member URI, as specified in [RFC2616]. The deletion of a Media Link
Entry SHOULD result in the deletion of the corresponding Media Entry SHOULD result in the deletion of the corresponding Media
Resource. Resource.
9.5. Caching and entity tags 9.5. Caching and Entity Tags
Implementers are advised to pay attention to cache controls, and to Implementers are advised to pay attention to cache controls and to
make use of the mechanisms available in HTTP when editing Resources, make use of the mechanisms available in HTTP when editing Resources,
in particular entity-tags as outlined in [NOTE-detect-lost-update]. in particular, entity-tags as outlined in [NOTE-detect-lost-update].
Clients are not assured to receive the most recent representations of Clients are not assured to receive the most recent representations of
Collection Members using GET if the server is authorizing Collection Members using GET if the server is authorizing
intermediaries to cache them. intermediaries to cache them.
9.5.1. Example 9.5.1. Example
Below, the client creates a Member Entry using POST: Below, the client creates a Member Entry using POST:
POST /myblog/entries HTTP/1.1 POST /myblog/entries HTTP/1.1
Host: example.org Host: example.org
skipping to change at page 30, line 4 skipping to change at page 23, line 24
Slug: First Post Slug: First Post
<?xml version="1.0" ?> <?xml version="1.0" ?>
<entry xmlns="http://www.w3.org/2005/Atom"> <entry xmlns="http://www.w3.org/2005/Atom">
<title>Atom-Powered Robots Run Amok</title> <title>Atom-Powered Robots Run Amok</title>
<id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id> <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id>
<updated>2007-02-123T17:09:02Z</updated> <updated>2007-02-123T17:09:02Z</updated>
<author><name>Captain Lansing</name></author> <author><name>Captain Lansing</name></author>
<content>It's something moving... solid metal</content> <content>It's something moving... solid metal</content>
</entry> </entry>
The server signals a successful creation with a status code of 201, The server signals a successful creation with a status code of 201,
and returns an ETag header in the response. Because, in this case, and returns an ETag header in the response. Because, in this case,
the server returned a Content-Location and Location header with the the server returned a Content-Location header and Location header
same value, the returned Entry representation can be understood to be with the same value, the returned Entry representation can be
a complete representation of the newly created Entry (see understood to be a complete representation of the newly created Entry
Section 9.2). (see Section 9.2).
HTTP/1.1 201 Created HTTP/1.1 201 Created
Date: Fri, 23 Feb 2007 21:17:11 GMT Date: Fri, 23 Feb 2007 21:17:11 GMT
Content-Length: nnn Content-Length: nnn
Content-Type: application/atom+xml;type=entry Content-Type: application/atom+xml;type=entry
Location: http://example.org/edit/first-post.atom Location: http://example.org/edit/first-post.atom
Content-Location: http://example.org/edit/first-post.atom Content-Location: http://example.org/edit/first-post.atom
ETag: "e180ee84f0671b1" ETag: "e180ee84f0671b1"
<?xml version="1.0" ?> <?xml version="1.0" ?>
skipping to change at page 30, line 31 skipping to change at page 23, line 52
<title>Atom-Powered Robots Run Amok</title> <title>Atom-Powered Robots Run Amok</title>
<id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id> <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id>
<updated>2007-02-123T17:09:02Z</updated> <updated>2007-02-123T17:09:02Z</updated>
<author><name>Captain Lansing</name></author> <author><name>Captain Lansing</name></author>
<content>It's something moving... solid metal</content> <content>It's something moving... solid metal</content>
</entry> </entry>
The client can, if it wishes, use the returned ETag value to later The client can, if it wishes, use the returned ETag value to later
construct a "Conditional GET" as defined in [RFC2616]. In this case, construct a "Conditional GET" as defined in [RFC2616]. In this case,
prior to editing, the client sends the ETag value for the Member prior to editing, the client sends the ETag value for the Member
using the If-None-Match: header. using the If-None-Match header.
GET /edit/first-post.atom HTTP/1.1 GET /edit/first-post.atom HTTP/1.1
Host: example.org Host: example.org
Authorization: Basic ZGFmZnk6c2VjZXJldA== Authorization: Basic ZGFmZnk6c2VjZXJldA==
If-None-Match: "e180ee84f0671b1" If-None-Match: "e180ee84f0671b1"
If the Entry has not been modified, the response will be a status If the Entry has not been modified, the response will be a status
code of 304 (Not Modified). This allows the client to determine it code of 304 ("Not Modified"). This allows the client to determine
still has the most recent representation of the Entry at the time of whether it still has the most recent representation of the Entry at
editing. the time of editing.
HTTP/1.1 304 Not Modified HTTP/1.1 304 Not Modified
Date: Sat, 24 Feb 2007 13:17:11 GMT Date: Sat, 24 Feb 2007 13:17:11 GMT
After editing, the client can PUT the Entry and send the ETag entity After editing, the client can PUT the Entry and send the ETag entity
value in an If-Match header, informing the server to accept the entry value in an If-Match header, informing the server to accept the entry
on the condition the entity value sent still matches the server's. on the condition that the entity value sent still matches the
server's.
PUT /edit/first-post.atom HTTP/1.1 PUT /edit/first-post.atom HTTP/1.1
Host: example.org Host: example.org
Authorization: Basic ZGFmZnk6c2VjZXJldA== Authorization: Basic ZGFmZnk6c2VjZXJldA==
Content-Type: application/atom+xml;type=entry Content-Type: application/atom+xml;type=entry
Content-Length: nnn Content-Length: nnn
If-Match: "e180ee84f0671b1" If-Match: "e180ee84f0671b1"
<?xml version="1.0" ?> <?xml version="1.0" ?>
<entry xmlns="http://www.w3.org/2005/Atom"> <entry xmlns="http://www.w3.org/2005/Atom">
<title>Atom-Powered Robots Run Amok</title> <title>Atom-Powered Robots Run Amok</title>
<id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id> <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id>
<updated>2007-02-24T16:34:06Z</updated> <updated>2007-02-24T16:34:06Z</updated>
<author><name>Captain Lansing</name></author> <author><name>Captain Lansing</name></author>
<content>Update: it's a hoax!</content> <content>Update: it's a hoax!</content>
</entry> </entry>
The server however has since received a more recent copy than the The server however has since received a more recent copy than the
client's, and responds with a status code of 412 (Precondition client's, and it responds with a status code of 412 ("Precondition
Failed). Failed").
HTTP/1.1 412 Precondition Failed HTTP/1.1 412 Precondition Failed
Date: Sat, 24 Feb 2007 16:34:11 GMT Date: Sat, 24 Feb 2007 16:34:11 GMT
This informs the client that the server has a more recent version of This informs the client that the server has a more recent version of
the Entry and will not allow the sent entity to be stored. the Entry and will not allow the sent entity to be stored.
9.6. Media Resources and Media Link Entries 9.6. Media Resources and Media Link Entries
A client can POST Media Resources as well as Entry Resources to a A client can POST Media Resources as well as Entry Resources to a
Collection. If a server accepts such a request, then it MUST create Collection. If a server accepts such a request, then it MUST create
two new Resources - one that corresponds to the entity sent in the two new Resources -- one that corresponds to the entity sent in the
request, called the Media Resource, and an associated Member Entry, request, called the Media Resource, and an associated Member Entry,
called the Media Link Entry. Media Link Entries are represented as called the Media Link Entry. Media Link Entries are represented as
Atom Entries, and appear in the Collection. Atom Entries, and appear in the Collection.
The Media Link Entry contains the metadata and IRI of the (perhaps The Media Link Entry contains the metadata and IRI of the (perhaps
non-textual) Media Resource. The Media Link Entry thus makes the non-textual) Media Resource. The Media Link Entry thus makes the
metadata about the Media Resource separately available for retrieval metadata about the Media Resource separately available for retrieval
and alteration. and alteration.
The server can signal the media types it will accept using the app: The server can signal the media types it will accept using the app:
accept element in the Service Document, as specified in accept element in the Service Document, as specified in Section
Section 8.3.4. 8.3.4.
Successful responses to creation requests MUST include the URI of the Successful responses to creation requests MUST include the URI of the
Media Link Entry in the Location header. The Media Link Entry SHOULD Media Link Entry in the Location header. The Media Link Entry SHOULD
contain an atom:link element with a link relation of "edit-media" contain an atom:link element with a link relation of "edit-media"
that contains the Media Resource IRI. The Media Link Entry MUST have that contains the Media Resource IRI. The Media Link Entry MUST have
an atom:content element with a "src" attribute. The value of the an atom:content element with a "src" attribute. The value of the
"src" attribute is an IRI for the newly created Media Resource. It "src" attribute is an IRI for the newly created Media Resource. It
is OPTIONAL that the IRI of the "src" attribute on the atom:content is OPTIONAL that the IRI of the "src" attribute on the atom:content
element be the same as the Media Resource IRI. For example, the element be the same as the Media Resource IRI. For example, the
"src" attribute value might instead be a link into a static cache or "src" attribute value might instead be a link into a static cache or
content distribution network and not the Media Resource IRI. content distribution network and not the Media Resource IRI.
Implementers are asked to note that [RFC4287] specifies that Atom Implementers are asked to note that [RFC4287] specifies that Atom
Entries MUST contain an atom:summary element. Thus, upon successful Entries MUST contain an atom:summary element. Thus, upon successful
creation of a Media Link Entry, a server MAY choose to populate the creation of a Media Link Entry, a server MAY choose to populate the
atom:summary element (as well as any other mandatory elements such as atom:summary element (as well as any other mandatory elements such as
atom:id, atom:author and atom:title) with content derived from the atom:id, atom:author, and atom:title) with content derived from the
POSTed entity or from any other source. A server might not allow a POSTed entity or from any other source. A server might not allow a
client to modify the server selected values for these elements. client to modify the server-selected values for these elements.
For Resource creation this specification only defines cases where the For Resource creation, this specification only defines cases where
POST body has an Atom Entry entity declared as an Atom media type the POST body has an Atom Entry entity declared as an Atom media type
("application/atom+xml"), or a non-Atom entity declared as a non-Atom ("application/atom+xml"), or a non-Atom entity declared as a non-Atom
media type. When a client is POSTing an Atom Entry to a collection, media type. When a client is POSTing an Atom Entry to a Collection,
it may use a media-type of either "application/atom+xml" or it may use a media type of either "application/atom+xml" or
"application/atom +xml;type=entry". This specification does not "application/atom +xml;type=entry". This specification does not
specify any request semantics or server behavior in the case where specify any request semantics or server behavior in the case where
the POSTed media-type is "application/atom+xml" but the body is the POSTed media type is "application/atom+xml" but the body is
something other than an Atom Entry. In particular, what happens on something other than an Atom Entry. In particular, what happens on
POSTing an Atom Feed Document to a Collection using the "application/ POSTing an Atom Feed Document to a Collection using the "application/
atom+xml" media type is undefined. atom+xml" media type is undefined.
The Atom Protocol does not specify a means to create multiple The Atom Protocol does not specify a means to create multiple
representations of the same Resource (for example a PNG and a JPG of representations of the same Resource (for example, a PNG and a JPG of
the same image) either on creation or editing. the same image) either on creation or editing.
9.6.1. Examples 9.6.1. Examples
Below, the client sends a POST request containing a PNG image to the Below, the client sends a POST request containing a PNG image to the
URI of a Collection that accepts PNG images: URI of a Collection that accepts PNG images:
POST /edit/ HTTP/1.1 POST /edit/ HTTP/1.1
Host: media.example.org Host: media.example.org
Content-Type: image/png Content-Type: image/png
Slug: The Beach Slug: The Beach
Authorization: Basic ZGFmZnk6c2VjZXJldA== Authorization: Basic ZGFmZnk6c2VjZXJldA==
Content-Length: nnn Content-Length: nnn
...binary data... ...binary data...
The server signals a successful creation with a status code of 201. The server signals a successful creation with a status code of 201.
The response includes a Location header indicating the Member URI of The response includes a Location header indicating the Member URI of
the Media Link Entry and a representation of that entry in the body the Media Link Entry and a representation of that entry in the body
of the response. The Media Link Entry includes a content element of the response. The Media Link Entry includes a content element
with a src attribute. It also contains a link with a link relation with a "src" attribute. It also contains a link with a link relation
of "edit-media", specifying the IRI to be used for modifying the of "edit-media", specifying the IRI to be used for modifying the
Media Resource. Media Resource.
HTTP/1.1 201 Created HTTP/1.1 201 Created
Date: Fri, 7 Oct 2005 17:17:11 GMT Date: Fri, 7 Oct 2005 17:17:11 GMT
Content-Length: nnn Content-Length: nnn
Content-Type: application/atom+xml;type=entry;charset="utf-8" Content-Type: application/atom+xml;type=entry;charset="utf-8"
Location: http://example.org/media/edit/the_beach.atom Location: http://example.org/media/edit/the_beach.atom
<?xml version="1.0"?> <?xml version="1.0"?>
skipping to change at page 35, line 35 skipping to change at page 28, line 35
<link rel="edit" <link rel="edit"
href="http://example.org/media/edit/the_beach.atom" /> href="http://example.org/media/edit/the_beach.atom" />
</entry> </entry>
The update was successful. The update was successful.
HTTP/1.1 200 Ok HTTP/1.1 200 Ok
Date: Fri, 7 Oct 2005 17:19:11 GMT Date: Fri, 7 Oct 2005 17:19:11 GMT
Content-Length: 0 Content-Length: 0
Multiple media Resources can be added to the Collection. Multiple Media Resources can be added to the Collection.
POST /edit/ HTTP/1.1 POST /edit/ HTTP/1.1
Host: media.example.org Host: media.example.org
Content-Type: image/png Content-Type: image/png
Slug: The Pier Slug: The Pier
Authorization: Basic ZGFmZnk6c2VjZXJldA== Authorization: Basic ZGFmZnk6c2VjZXJldA==
Content-Length: nnn Content-Length: nnn
...binary data... ...binary data...
skipping to change at page 38, line 37 skipping to change at page 30, line 37
</xhtml:div> </xhtml:div>
</content> </content>
<link rel="edit" <link rel="edit"
href="http://example.org/blog/edit/a-day-at-the-beach.atom"/> href="http://example.org/blog/edit/a-day-at-the-beach.atom"/>
<link rel="alternate" type="text/html" <link rel="alternate" type="text/html"
href="http://example.org/blog/a-day-at-the-beach.html"/> href="http://example.org/blog/a-day-at-the-beach.html"/>
</entry> </entry>
Note that the returned Entry contains a link with a relation of Note that the returned Entry contains a link with a relation of
"alternate" that points to the associated HTML page that was created "alternate" that points to the associated HTML page that was created
- this is not required by this specification, but is included to show -- this is not required by this specification, but is included to
the kinds of changes a server can make to an Entry. show the kinds of changes a server can make to an Entry.
9.7. The Slug: Header 9.7. The Slug Header
Slug is an HTTP entity-header whose presence in a POST to a Slug is an HTTP entity-header whose presence in a POST to a
Collection constitutes a request by the client to use the header's Collection constitutes a request by the client to use the header's
value as part of any URIs that would normally used to retrieve the value as part of any URIs that would normally be used to retrieve the
to-be-created Entry or Media resources. to-be-created Entry or Media Resources.
Servers MAY use the value of the Slug header when creating the Member Servers MAY use the value of the Slug header when creating the Member
URI of the newly-created Resource, for instance, by using some or all URI of the newly created Resource, for instance, by using some or all
of the words in the value for the last URI segment. Servers MAY also of the words in the value for the last URI segment. Servers MAY also
use the value when creating the atom:id, or as the title of a Media use the value when creating the atom:id, or as the title of a Media
Link Entry (see Section 9.6.). Link Entry (see Section 9.6).
Servers MAY choose to ignore the Slug entity-header. Servers MAY Servers MAY choose to ignore the Slug entity-header. Servers MAY
alter the header value before using it. For instance, a server might alter the header value before using it. For instance, a server might
filter out some characters or replace accented letters with non- filter out some characters or replace accented letters with non-
accented ones, replace spaces with underscores, change case, and so accented ones, replace spaces with underscores, change case, and so
on. on.
9.7.1. Slug: Header syntax 9.7.1. Slug Header Syntax
The syntax of the Slug header is defined using the augmented BNF The syntax of the Slug header is defined using the augmented BNF
syntax defined in Section 2.1 of [RFC2616]: syntax defined in Section 2.1 of [RFC2616]:
LWS = <defined in Section 2.2 of [RFC2616]> LWS = <defined in Section 2.2 of [RFC2616]>
slugtext = %x20-7E | LWS slugtext = %x20-7E | LWS
Slug = "Slug" ":" *slugtext Slug = "Slug" ":" *slugtext
The field-value is the percent-encoded value of the UTF-8 encoding of The field value is the percent-encoded value of the UTF-8 encoding of
the character sequence to be included (see Section 2.1 of [RFC3986] the character sequence to be included (see Section 2.1 of [RFC3986]
for the definition of percent encoding, and [RFC3629] for the for the definition of percent encoding, and [RFC3629] for the
definition of the UTF-8 encoding). definition of the UTF-8 encoding).
Implementation note: to produce the field value from a character Implementation note: to produce the field value from a character
sequence, first encode it using the UTF-8 encoding, then encode all sequence, first encode it using the UTF-8 encoding, then encode all
octets outside the ranges %20-24 and %26-7E using percent encoding octets outside the ranges %20-24 and %26-7E using percent encoding
(%25 is the ASCII encoding of "%", thus it needs to be escaped). To (%25 is the ASCII encoding of "%", thus it needs to be escaped). To
consume the field value first reverse the percent encoding, then run consume the field value, first reverse the percent encoding, then run
the resulting octet sequence through a UTF-8 decoding process. the resulting octet sequence through a UTF-8 decoding process.
9.7.2. Example 9.7.2. Example
Here is an example of the Slug: header that uses percent-encoding to Here is an example of the Slug header that uses percent-encoding to
represent the Unicode character U+00E8 (LATIN SMALL LETTER E WITH represent the Unicode character U+00E8 (LATIN SMALL LETTER E WITH
GRAVE): GRAVE):
POST /myblog/entries HTTP/1.1 POST /myblog/entries HTTP/1.1
Host: example.org Host: example.org
Content-Type: image/png Content-Type: image/png
Slug: The Beach at S%C3%A8te Slug: The Beach at S%C3%A8te
Authorization: Basic ZGFmZnk6c2VjZXJldA== Authorization: Basic ZGFmZnk6c2VjZXJldA==
Content-Length: nnn Content-Length: nnn
...binary data... ...binary data...
See Section 9.2.1 for an example of the Slug: header applied to the See Section 9.2.1 for an example of the Slug header applied to the
creation of an Entry Resource. creation of an Entry Resource.
10. Listing Collections 10. Listing Collections
Collection Resources MUST provide representations in the form of Atom Collection Resources MUST provide representations in the form of Atom
Feed documents whose Entries contain the IRIs of the Members in the Feed Documents whose Entries contain the IRIs of the Members in the
Collection. No distinction is made between Collection Feeds and Collection. No distinction is made between Collection Feeds and
other kinds of Feeds - a Feed might act both as a 'public' feed for other kinds of Feeds -- a Feed might act both as a 'public' feed for
subscription purposes and as a Collection Feed. subscription purposes and as a Collection Feed.
Each Entry in the Feed Document SHOULD have an atom:link element with Each Entry in the Feed Document SHOULD have an atom:link element with
a relation of "edit" (See Section 11.1). a relation of "edit" (see Section 11.1).
The Entries in the returned Atom Feed SHOULD be ordered by their The Entries in the returned Atom Feed SHOULD be ordered by their
"app:edited" property, with the most recently edited Entries coming "app:edited" property, with the most recently edited Entries coming
first in the document order. The app:edited value is not equivalent first in the document order. The app:edited value is not equivalent
to the HTTP Last-Modified: header and cannot be used to determine the to the HTTP Last-Modified header and cannot be used to determine the
freshness of cached responses. freshness of cached responses.
Clients MUST NOT assume that an Atom Entry returned in the Feed is a Clients MUST NOT assume that an Atom Entry returned in the Feed is a
full representation of an Entry Resource and SHOULD perform a GET on full representation of an Entry Resource and SHOULD perform a GET on
the URI of the Member Entry before editing it. See Section 9.5 for a the URI of the Member Entry before editing it. See Section 9.5 for a
discussion on the implications of cache control directives when discussion on the implications of cache control directives when
obtaining entries. obtaining entries.
10.1. Collection partial lists 10.1. Collection Partial Lists
Collections can contain large numbers of Resources. A client such as Collections can contain large numbers of Resources. A client such as
a web spider or web browser might be overwhelmed if the response to a a web spider or web browser might be overwhelmed if the response to a
GET contained every Entry in a Collection - in turn the server might GET contained every Entry in a Collection -- in turn the server might
also waste bandwidth and processing time on generating a response also waste bandwidth and processing time on generating a response
that cannot be handled. For this reason, servers MAY respond to that cannot be handled. For this reason, servers MAY respond to
Collection GET requests with a Feed Document containing a partial Collection GET requests with a Feed Document containing a partial
list of the Collection's members, and a link to the next partial list list of the Collection's members, and a link to the next partial list
feed, if it exists. The first such partial list returned MUST feed, if it exists. The first such partial list returned MUST
contain the most recently edited member Resources and MUST have an contain the most recently edited member Resources and MUST have an
atom:link with a "next" relation whose "href" value is the URI of the atom:link with a "next" relation whose "href" value is the URI of the
next partial list of the Collection. This next partial list will next partial list of the Collection. This next partial list will
contain the next most recently edited set of Member Resources (and an contain the next most recently edited set of Member Resources (and an
atom:link to the following partial list if it exists). atom:link to the following partial list if it exists).
In addition to the "next" relation, partial list feeds MAY contain In addition to the "next" relation, partial list feeds MAY contain
link elements with "rel" attribute values of "previous", "first", and link elements with "rel" attribute values of "previous", "first", and
"last", that can be used to navigate through the complete set of "last", that can be used to navigate through the complete set of
entries in the Collection. entries in the Collection.
For instance, suppose a client is supplied the URI For instance, suppose a client is supplied the URI
"http://example.org/entries/go" of a Collection of Member entries, "http://example.org/entries/go" of a Collection of Member Entries,
where the server as a matter of policy avoids generating feed where the server as a matter of policy avoids generating Feed
documents containing more than 10 Entries. The Atom Feed Document Documents containing more than 10 Entries. The Atom Feed Document
for the Collection will then represent the first partial list of a for the Collection will then represent the first partial list of a
set of 10 linked feed documents. The "first" relation will reference set of 10 linked Feed Documents. The "first" relation references the
the initial Feed Document in the set and the "last" relation initial Feed Document in the set and the "last" relation references
references the final Feed Document in the set. Within each document, the final Feed Document in the set. Within each document, the
the "next" and "previous" link relations reference the preceding and "previous" and "next" link relations reference the preceding and
subsequent documents. subsequent documents.
<feed xmlns="http://www.w3.org/2005/Atom"> <feed xmlns="http://www.w3.org/2005/Atom">
<link rel="first" <link rel="first"
href="http://example.org/entries/go" /> href="http://example.org/entries/go" />
<link rel="next" <link rel="next"
href="http://example.org/entries/2" /> href="http://example.org/entries/2" />
<link rel="last" <link rel="last"
href="http://example.org/entries/10" /> href="http://example.org/entries/10" />
... ...
</feed> </feed>
The "next" and "previous" link elements for the partial list feed The "previous" and "next" link elements for the partial list feed
located at "http://example.org/entries/2" would look like this: located at "http://example.org/entries/2" would look like this:
<feed xmlns="http://www.w3.org/2005/Atom"> <feed xmlns="http://www.w3.org/2005/Atom">
<link rel="first" <link rel="first"
href="http://example.org/entries/go" /> href="http://example.org/entries/go" />
<link rel="previous" <link rel="previous"
href="http://example.org/entries/go" /> href="http://example.org/entries/go" />
<link rel="next" <link rel="next"
href="http://example.org/entries/3" /> href="http://example.org/entries/3" />
<link rel="last" <link rel="last"
href="http://example.org/entries/10" /> href="http://example.org/entries/10" />
... ...
</feed> </feed>
10.2. The "app:edited" Element 10.2. The "app:edited" Element
The "app:edited" element is a Date construct (as defined by The "app:edited" element is a Date construct (as defined by
[RFC4287]), whose content indicates the last time an Entry was [RFC4287]), whose content indicates the last time an Entry was
edited. If the entry has not been edited yet, the content indicates edited. If the entry has not been edited yet, the content indicates
the time it was created. Atom Entry elements in Collection documents the time it was created. Atom Entry elements in Collection Documents
SHOULD contain one "app:edited" element, and MUST NOT contain more SHOULD contain one app:edited element, and MUST NOT contain more than
than one. one.
appEdited = element app:edited ( atomDateConstruct ) appEdited = element app:edited ( atomDateConstruct )
The server SHOULD change the value of this element every time an The server SHOULD change the value of this element every time an
Entry Resource or an associated Media Resource has been edited. Entry Resource or an associated Media Resource has been edited.
11. Atom Format Link Relation Extensions 11. Atom Format Link Relation Extensions
11.1. The "edit" Link Relation 11.1. The "edit" Link Relation
This specification adds the value "edit" to the Atom Registry of Link This specification adds the value "edit" to the Atom Registry of Link
Relations (see section 7.1 of [RFC4287]). The value of "edit" Relations (see Section 7.1 of [RFC4287]). The value of "edit"
specifies that the value of the href attribute is the IRI of an specifies that the value of the href attribute is the IRI of an
editable Member Entry. When appearing within an atom:entry, the href editable Member Entry. When appearing within an atom:entry, the href
IRI can be used to retrieve, update and delete the Resource IRI can be used to retrieve, update, and delete the Resource
represented by that Entry. An atom:entry MUST NOT contain more than represented by that Entry. An atom:entry MUST NOT contain more than
one "edit" link relation. one "edit" link relation.
11.2. The "edit-media" Link Relation 11.2. The "edit-media" Link Relation
This specification adds the value "edit-media" to the Atom Registry This specification adds the value "edit-media" to the Atom Registry
of Link Relations (see section 7.1 of [RFC4287]). When appearing of Link Relations (see Section 7.1 of [RFC4287]). When appearing
within an atom:entry, the value of the href attribute is an IRI that within an atom:entry, the value of the href attribute is an IRI that
can be used to modify a Media Resource associated with that Entry. can be used to modify a Media Resource associated with that Entry.
An atom:entry element MAY contain zero or more "edit-media" link An atom:entry element MAY contain zero or more "edit-media" link
relations. An atom:entry MUST NOT contain more than one atom:link relations. An atom:entry MUST NOT contain more than one atom:link
element with a rel attribute value of "edit-media" that has the same element with a "rel" attribute value of "edit-media" that has the
"type" and "hreflang" attribute values. All "edit-media" link same "type" and "hreflang" attribute values. All "edit-media" link
relations in the same Entry reference the same Resource. If a client relations in the same Entry reference the same Resource. If a client
encounters multiple "edit-media" link relations in an Entry then it encounters multiple "edit-media" link relations in an Entry then it
SHOULD choose a link based on the client preferences for "type" and SHOULD choose a link based on the client preferences for "type" and
"hreflang". If a client encounters multiple "edit-media" link "hreflang". If a client encounters multiple "edit-media" link
relations in an Entry and has no preference based on the "type" and relations in an Entry and has no preference based on the "type" and
"hreflang" attributes then the client SHOULD pick the first "edit- "hreflang" attributes then the client SHOULD pick the first "edit-
media" link relation in document order. media" link relation in document order.
12. The Atom Format Type Parameter 12. The Atom Format Type Parameter
The Atom Syndication Format [RFC4287] defines the "application/ The Atom Syndication Format [RFC4287] defines the "application/
atom+xml" media type to identify both Atom Feed and Atom Entry atom+xml" media type to identify both Atom Feed and Atom Entry
Documents. Implementation experience has demonstrated that Atom Feed Documents. Implementation experience has demonstrated that Atom Feed
and Entry Documents can have different processing models and that and Entry Documents can have different processing models and that
there are situations where they need to be differentiated. This there are situations where they need to be differentiated. This
specification defines a "type" parameter used to differentiate the specification defines a "type" parameter used to differentiate the
two types of Atom documents. two types of Atom documents.
12.1. The 'type' parameter 12.1. The "type" parameter
This specification defines a new "type" parameter for use with the This specification defines a new "type" parameter for use with the
"application/atom+xml" media type. The "type" parameter has a value "application/atom+xml" media type. The "type" parameter has a value
of "entry" or "feed". of "entry" or "feed".
Neither the parameter name nor its value are case sensitive. Neither the parameter name nor its value are case sensitive.
The value "entry" indicates that the media type identifies an Atom The value "entry" indicates that the media type identifies an Atom
Entry Document. The root element of the document MUST be atom:entry. Entry Document. The root element of the document MUST be atom:entry.
skipping to change at page 44, line 35 skipping to change at page 36, line 14
The "app:control" element MAY appear as a child of an atom:entry that The "app:control" element MAY appear as a child of an atom:entry that
is being created or updated via the Atom Publishing Protocol. The is being created or updated via the Atom Publishing Protocol. The
app:control element MUST appear only once in an Entry. The app: app:control element MUST appear only once in an Entry. The app:
control element is considered foreign markup as defined in Section 6 control element is considered foreign markup as defined in Section 6
of [RFC4287]. of [RFC4287].
The app:control element and its child elements MAY be included in The app:control element and its child elements MAY be included in
Atom Feed or Entry Documents. Atom Feed or Entry Documents.
The app:control element can contain an "app:draft" element as defined The app:control element can contain an "app:draft" element as defined
below, and can contain extension elements as defined in Section 6 of below, and it can contain extension elements as defined in Section 6
[RFC4287]. of [RFC4287].
13.1.1. The "app:draft" Element 13.1.1. The "app:draft" Element
The inclusion of the "app:draft" element represents a request by the The inclusion of the "app:draft" element represents a request by the
client to control the visibility of a Member Resource. The app:draft client to control the visibility of a Member Resource. The app:draft
element MAY be ignored by the server. element MAY be ignored by the server.
The number of app:draft elements in app:control MUST be zero or one. The number of app:draft elements in app:control MUST be zero or one.
The content of an app:draft element MUST be one of "yes" or "no". If The content of an app:draft element MUST be one of "yes" or "no". If
the element contains "no" this indicates a client request that the the element contains "no", this indicates a client request that the
Member Resource be made publicly visible. If the app:draft element Member Resource be made publicly visible. If the app:draft element
is not present then servers that support the extension MUST behave as is not present, then servers that support the extension MUST behave
though an app:draft element containing "no" was sent. as though an app:draft element containing "no" was sent.
14. Securing the Atom Publishing Protocol 14. Securing the Atom Publishing Protocol
The Atom Publishing Protocol is based on HTTP. Authentication The Atom Publishing Protocol is based on HTTP. Authentication
requirements for HTTP are covered in Section 11 of [RFC2616]. requirements for HTTP are covered in Section 11 of [RFC2616].
The use of authentication mechanisms to prevent POSTing or editing by The use of authentication mechanisms to prevent POSTing or editing by
unknown or unauthorized clients is RECOMMENDED but not required. unknown or unauthorized clients is RECOMMENDED but not required.
When authentication is not used, clients and servers are vulnerable When authentication is not used, clients and servers are vulnerable
to trivial spoofing, denial of service, and defacement attacks. to trivial spoofing, denial-of-service, and defacement attacks.
However, in some contexts, this is an acceptable risk. However, in some contexts, this is an acceptable risk.
The type of authentication deployed is a local decision made by the The type of authentication deployed is a local decision made by the
server operator. Clients are likely to face authentication schemes server operator. Clients are likely to face authentication schemes
that vary across server deployments. At a minimum, client and server that vary across server deployments. At a minimum, client and server
implementations MUST be capable of being configured to use HTTP Basic implementations MUST be capable of being configured to use HTTP Basic
Authentication [RFC2617] in conjunction with a connection made with Authentication [RFC2617] in conjunction with a connection made with
TLS 1.0 [RFC2246] or a subsequent standards-track version of TLS, TLS 1.0 [RFC2246] or a subsequent standards-track version of TLS
supporting the conventions for using HTTP over TLS described in (such as [RFC4346]), supporting the conventions for using HTTP over
[RFC2818]. TLS described in [RFC2818].
The choice of authentication mechanism will impact interoperability. The choice of authentication mechanism will impact interoperability.
The minimum level of security referenced above (Basic Authentication The minimum level of security referenced above (Basic Authentication
with TLS) is considered good practice for Internet applications at with TLS) is considered good practice for Internet applications at
the time of publication of this specification and sufficient for the time of publication of this specification and sufficient for
establishing a baseline for interoperability. Implementers are establishing a baseline for interoperability. Implementers are
encouraged to investigate and use alternative mechanisms regarded as encouraged to investigate and use alternative mechanisms regarded as
equivalently good or better at the time of deployment. It is equivalently good or better at the time of deployment. It is
RECOMMENDED that clients be implemented in such a way that new RECOMMENDED that clients be implemented in such a way that new
authentication schemes can be deployed. authentication schemes can be deployed.
skipping to change at page 46, line 20 skipping to change at page 37, line 36
The threats listed in this section apply to many protocols that run The threats listed in this section apply to many protocols that run
under HTTP. The Atompub Working Group decided that the protection under HTTP. The Atompub Working Group decided that the protection
afforded by running authenticated HTTP under TLS (as described in afforded by running authenticated HTTP under TLS (as described in
Section 14) was sufficient to mitigate many of the problems presented Section 14) was sufficient to mitigate many of the problems presented
by the attacks listed in this section. by the attacks listed in this section.
15.1. Denial of Service 15.1. Denial of Service
Atom Publishing Protocol server implementations need to take adequate Atom Publishing Protocol server implementations need to take adequate
precautions to ensure malicious clients cannot consume excessive precautions to ensure malicious clients cannot consume excessive
server resources (CPU, memory, disk, etc). server resources (CPU, memory, disk, etc.).
15.2. Replay Attacks 15.2. Replay Attacks
Atom Publishing Protocol server implementations are susceptible to Atom Publishing Protocol server implementations are susceptible to
replay attacks. Specifically, this specification does not define a replay attacks. Specifically, this specification does not define a
means of detecting duplicate requests. Accidentally sent duplicate means of detecting duplicate requests. Accidentally sent duplicate
requests are indistinguishable from intentional and malicious replay requests are indistinguishable from intentional and malicious replay
attacks. attacks.
15.3. Spoofing Attacks 15.3. Spoofing Attacks
Atom Publishing Protocol implementations are susceptible to a variety Atom Publishing Protocol implementations are susceptible to a variety
of spoofing attacks. Malicious clients might send Atom Entries of spoofing attacks. Malicious clients might send Atom Entries
containing inaccurate information anywhere in the document. containing inaccurate information anywhere in the document.
15.4. Linked Resources 15.4. Linked Resources
Atom Feed and Entry documents can contain XML External Entities as Atom Feed and Entry Documents can contain XML External Entities as
defined in Section 4.2.2 of [REC-xml]. Atom implementations are not defined in Section 4.2.2 of [REC-xml]. Atom implementations are not
required to load external entities. External entities are subject to required to load external entities. External entities are subject to
the same security concerns as any network operation and can alter the the same security concerns as any network operation and can alter the
semantics of an Atom document. The same issues exist for Resources semantics of an Atom document. The same issues exist for Resources
linked to by Atom elements such as atom:link and atom:content. linked to by Atom elements such as atom:link and atom:content.
15.5. Digital Signatures and Encryption 15.5. Digital Signatures and Encryption
Atom Entry and Feed Documents can contain XML Digital Signatures Atom Entry and Feed Documents can contain XML Digital Signatures
[REC-xmldsig-core] and can be encrypted using XML Encryption [REC-xmldsig-core] and can be encrypted using XML Encryption
[REC-xmlenc-core] as specified in Section 5 of [RFC4287]. Handling [REC-xmlenc-core] as specified in Section 5 of [RFC4287]. Handling
of signatures and encrypted elements in Atom documents is discussed of signatures and encrypted elements in Atom documents is discussed
in sections 5 and 6.3 of [RFC4287]. in Sections 5 and 6.3 of [RFC4287].
Neither servers nor clients are under any obligation to support Neither servers nor clients are under any obligation to support
encryption and digital signature of entries or feeds, although it is encryption and digital signature of Entries or Feeds, although it is
certainly possible that in some installations, clients or servers certainly possible that in some installations, clients or servers
might require signing or encrypting of the documents exchanged in the might require signing or encrypting of the documents exchanged in the
Atom protocol. Atom Protocol.
Because servers are allowed (and in some cases expected) to modify Because servers are allowed (and in some cases, expected) to modify
the contents of an Entry Document before publishing it, signatures the contents of an Entry Document before publishing it, signatures
within an entry are only likely to be useful to the server to which within an entry are only likely to be useful to the server to which
the entry is being sent. Clients cannot assume that the signature the entry is being sent. Clients cannot assume that the signature
will be valid when viewed by a third party, or even that the server will be valid when viewed by a third party, or even that the server
will publish the client's signature. will publish the client's signature.
A server is allowed to strip client-applied signatures, to strip A server is allowed to strip client-applied signatures, to strip
client-applied signatures and then re-sign with its own public key, client-applied signatures and then re-sign with its own public key,
and to oversign an entry with its own public key. The meaning to a and to oversign an entry with its own public key. The meaning to a
third party of a signature applied by a server is the same as a third party of a signature applied by a server is the same as a
skipping to change at page 47, line 40 skipping to change at page 39, line 11
Atom Publishing Protocol implementations handle URIs and IRIs. See Atom Publishing Protocol implementations handle URIs and IRIs. See
Section 7 of [RFC3986] and Section 8 of [RFC3987] for security Section 7 of [RFC3986] and Section 8 of [RFC3987] for security
considerations related to their handling and use. considerations related to their handling and use.
The Atom Publishing Protocol leaves the server in control of minting The Atom Publishing Protocol leaves the server in control of minting
URIs. The use of any client-supplied data for creating new URIs is URIs. The use of any client-supplied data for creating new URIs is
subject to the same concerns as described in the next section. subject to the same concerns as described in the next section.
15.7. Code Injection and Cross Site Scripting 15.7. Code Injection and Cross Site Scripting
Atom Feed and Entry documents can contain a broad range of content Atom Feed and Entry Documents can contain a broad range of content
types including code that might be executable in some contexts. types including code that might be executable in some contexts.
Malicious clients could attempt to attack servers or other clients by Malicious clients could attempt to attack servers or other clients by
injecting code into a Collection Document's Entry or Media Resources. injecting code into a Collection Document's Entry or Media Resources.
Server implementations are strongly encouraged to verify that client Server implementations are strongly encouraged to verify that client-
supplied content is safe prior to accepting, processing or publishing supplied content is safe prior to accepting, processing, or
it. In the case of HTML, experience indicates that verification publishing it. In the case of HTML, experience indicates that
based on a white list of acceptable content is more effective than a verification based on a white list of acceptable content is more
black list of forbidden content. effective than a black list of forbidden content.
Additional information about XHTML and HTML content safety can be Additional information about XHTML and HTML content safety can be
found in Section 8.1 of [RFC4287] found in Section 8.1 of [RFC4287].
16. IANA Considerations 16. IANA Considerations
This specification uses two new media types that conform to the This specification uses two new media types that conform to the
registry mechanism described in [RFC4288], a new message header that registry mechanism described in [RFC4288], a new message header that
conforms to the registry mechanism described in [RFC3864], and two conforms to the registry mechanism described in [RFC3864], and two
new link relations that conform to the registry mechanism described new link relations that conform to the registry mechanism described
in [RFC4287]. in [RFC4287].
16.1. Content-type registration for 'application/atomcat+xml' 16.1. Content-Type Registration for 'application/atomcat+xml'
An Atom Publishing Protocol Category Document, when serialized as XML An Atom Publishing Protocol Category Document, when serialized as XML
1.0, can be identified with the following media type: 1.0, can be identified with the following media type:
MIME media type name: application MIME media type name: application
MIME subtype name: atomcat+xml MIME subtype name: atomcat+xml
Mandatory parameters: None. Required parameters: None.
Optional parameters: Optional parameters:
"charset": This parameter has identical semantics to the charset "charset": This parameter has identical semantics to the charset
parameter of the "application/xml" media type as specified in parameter of the "application/xml" media type as specified in
[RFC3023]. [RFC3023].
Encoding considerations: Identical to those of "application/xml" as Encoding considerations: Identical to those of "application/xml" as
described in [RFC3023], section 3.2. described in [RFC3023], Section 3.2.
Security considerations: As defined in this specification. Security considerations: As defined in RFC 5023.
[[anchor30: update upon publication]]
In addition, as this media type uses the "+xml" convention, it In addition, as this media type uses the "+xml" convention, it
shares the same security considerations as described in [RFC3023], shares the same security considerations as described in [RFC3023],
section 10. Section 10.
Interoperability considerations: There are no known interoperability Interoperability considerations: There are no known interoperability
issues. issues.
Published specification: This specification. [[anchor31: update upon Published specification: RFC 5023.
publication]]
Applications that use this media type: No known applications Applications that use this media type: No known applications
currently use this media type. currently use this media type.
Additional information: Additional information:
Magic number(s): As specified for "application/xml" in [RFC3023], Magic number(s): As specified for "application/xml" in [RFC3023],
section 3.2. Section 3.2.
File extension: .atomcat File extension: .atomcat
Fragment identifiers: As specified for "application/xml" in Fragment identifiers: As specified for "application/xml" in
[RFC3023], section 5. [RFC3023], Section 5.
Base URI: As specified in [RFC3023], section 6. Base URI: As specified in [RFC3023], Section 6.
Macintosh File Type code: TEXT Macintosh file type code: TEXT
Person and email address to contact for further information: Joe Person & email address to contact for further information:
Gregorio <joe@bitworking.org> Joe Gregorio <joe@bitworking.org>
Intended usage: COMMON Intended usage: COMMON
Author/Change controller: IETF (iesg@ietf.org) Internet Engineering Author/Change controller: IETF (iesg@ietf.org) Internet Engineering
Task Force Task Force
16.2. Content-type registration for 'application/atomsvc+xml' 16.2. Content-Type Registration for 'application/atomsvc+xml'
An Atom Publishing Protocol Service Document, when serialized as XML An Atom Publishing Protocol Service Document, when serialized as XML
1.0, can be identified with the following media type: 1.0, can be identified with the following media type:
MIME media type name: application MIME media type name: application
MIME subtype name: atomsvc+xml MIME subtype name: atomsvc+xml
Mandatory parameters: None. Required parameters: None.
Optional parameters: Optional parameters:
"charset": This parameter has identical semantics to the charset "charset": This parameter has identical semantics to the charset
parameter of the "application/xml" media type as specified in parameter of the "application/xml" media type as specified in
[RFC3023]. [RFC3023].
Encoding considerations: Identical to those of "application/xml" as Encoding considerations: Identical to those of "application/xml" as
described in [RFC3023], section 3.2. described in [RFC3023], Section 3.2.
Security considerations: As defined in this specification. Security considerations: As defined in RFC 5023.
[[anchor32: update upon publication]]
In addition, as this media type uses the "+xml" convention, it In addition, as this media type uses the "+xml" convention, it
shares the same security considerations as described in [RFC3023], shares the same security considerations as described in [RFC3023],
section 10. Section 10.
Interoperability considerations: There are no known interoperability Interoperability considerations: There are no known interoperability
issues. issues.
Published specification: This specification. [[anchor33: update upon Published specification: RFC 5023.
publication]]
Applications that use this media type: No known applications Applications that use this media type: No known applications
currently use this media type. currently use this media type.
Additional information: Additional information:
Magic number(s): As specified for "application/xml" in [RFC3023], Magic number(s): As specified for "application/xml" in [RFC3023],
section 3.2. Section 3.2.
File extension: .atomsvc File extension: .atomsvc
Fragment identifiers: As specified for "application/xml" in Fragment identifiers: As specified for "application/xml" in
[RFC3023], section 5. [RFC3023], Section 5.
Base URI: As specified in [RFC3023], section 6. Base URI: As specified in [RFC3023], Section 6.
Macintosh File Type code: TEXT Macintosh file type code: TEXT
Person and email address to contact for further information: Joe Person and email address to contact for further information: Joe
Gregorio <joe@bitworking.org> Gregorio <joe@bitworking.org>
Intended usage: COMMON Intended usage: COMMON
Author/Change controller: IETF (iesg@ietf.org) Internet Engineering Author/Change controller: IETF (iesg@ietf.org) Internet Engineering
Task Force Task Force
16.3. Header field registration for 'SLUG' 16.3. Header Field Registration for 'SLUG'
Header field: SLUG Header field name: SLUG
Applicable protocol: http [RFC2616] Applicable protocol: http [RFC2616]
Status: standard. Status: standard.
Author/Change controller: IETF (iesg@ietf.org) Internet Engineering Author/Change controller: IETF (iesg@ietf.org) Internet Engineering
Task Force Task Force
Specification document(s): This specification. [[anchor34: update on Specification document(s): RFC 5023.
rfc number assignment]])
Related information:
16.4. The Link Relation registration "edit" Related information: None.
16.4. The Link Relation Registration "edit"
Attribute Value: edit Attribute Value: edit
Description: An IRI of an editable Member Entry. When appearing Description: An IRI of an editable Member Entry. When appearing
within an atom:entry, the href IRI can be used to retrieve, update within an atom:entry, the href IRI can be used to retrieve,
and delete the Resource represented by that Entry. update, and delete the Resource represented by that Entry.
Expected display characteristics: Undefined; this relation can be Expected display characteristics: Undefined; this relation can be
used for background processing or to provide extended used for background processing or to provide extended
functionality without displaying its value. functionality without displaying its value.
Security considerations: Automated agents should take care when this Security considerations: Automated agents should take care when this
relation crosses administrative domains (e.g., the URI has a relation crosses administrative domains (e.g., the URI has a
different authority than the current document). different authority than the current document).
16.5. The Link Relation registration "edit-media" 16.5. The Link Relation Registration "edit-media"
Attribute Value: edit-media Attribute Value: edit-media
Description: An IRI of an editable Media Resource. When appearing Description: An IRI of an editable Media Resource. When appearing
within an atom:entry, the href IRI can be used to retrieve, update within an atom:entry, the href IRI can be used to retrieve,
and delete the Media Resource associated with that Entry. update, and delete the Media Resource associated with that Entry.
Expected display characteristics: Undefined; this relation can be Expected display characteristics: Undefined; this relation can be
used for background processing or to provide extended used for background processing or to provide extended
functionality without displaying its value. functionality without displaying its value.
Security considerations: Automated agents should take care when this Security considerations: Automated agents should take care when this
relation crosses administrative domains (e.g., the URI has a relation crosses administrative domains (e.g., the URI has a
different authority than the current document). different authority than the current document).
16.6. The Atom Format Media Type Parameter 16.6. The Atom Format Media Type Parameter
IANA is requested to add a reference to this specification in the IANA has added a reference to this specification in the
'application/atom+xml' media type registration. 'application/atom+xml' media type registration.
17. References 17. References
17.1. Normative References 17.1. Normative References
[REC-xml] Yergeau, F., Paoli, J., Bray, T., Sperberg-McQueen, C., [REC-xml] Yergeau, F., Paoli, J., Bray, T., Sperberg-McQueen, C.,
and E. Maler, "Extensible Markup Language (XML) 1.0 and E. Maler, "Extensible Markup Language (XML) 1.0
(Fourth Edition)", World Wide Web Consortium (Fourth Edition)", World Wide Web Consortium
Recommendation REC-xml-20060816, August 2006, Recommendation REC-xml-20060816, August 2006,
skipping to change at page 52, line 24 skipping to change at page 43, line 29
[REC-xml-infoset] [REC-xml-infoset]
Cowan, J. and R. Tobin, "XML Information Set (Second Cowan, J. and R. Tobin, "XML Information Set (Second
Edition)", World Wide Web Consortium Recommendation REC- Edition)", World Wide Web Consortium Recommendation REC-
xml-infoset-20040204, February 2004, xml-infoset-20040204, February 2004,
<http://www.w3.org/TR/2004/REC-xml-infoset-20040204>. <http://www.w3.org/TR/2004/REC-xml-infoset-20040204>.
[REC-xml-names] [REC-xml-names]
Hollander, D., Bray, T., Tobin, R., and A. Layman, Hollander, D., Bray, T., Tobin, R., and A. Layman,
"Namespaces in XML 1.0 (Second Edition)", World Wide Web "Namespaces in XML 1.0 (Second Edition)", World Wide Web
Consortium Recommendation REC-xml-names-20060816, Consortium Recommendation REC-xml-names-20060816, August
August 2006, 2006, <http://www.w3.org/TR/2006/REC-xml-names-20060816>.
<http://www.w3.org/TR/2006/REC-xml-names-20060816>.
[REC-xmlbase] [REC-xmlbase]
Marsh, J., "XML Base", W3C REC W3C.REC-xmlbase-20010627, Marsh, J., "XML Base", W3C REC W3C.REC-xmlbase-20010627,
June 2001. June 2001,
<http://www.w3.org/TR/2001/REC-xmlbase-20010627>.
[REC-xmldsig-core] [REC-xmldsig-core]
Solo, D., Reagle, J., and D. Eastlake, "XML-Signature Solo, D., Reagle, J., and D. Eastlake, "XML-Signature
Syntax and Processing", World Wide Web Consortium Syntax and Processing", World Wide Web Consortium
Recommendation REC-xmldsig-core-20020212, February 2002, Recommendation REC-xmldsig-core-20020212, February 2002,
<http://www.w3.org/TR/2002/REC-xmldsig-core-20020212>. <http://www.w3.org/TR/2002/REC-xmldsig-core-20020212>.
[REC-xmlenc-core] [REC-xmlenc-core]
Eastlake, D. and J. Reagle, "XML Encryption Syntax and Eastlake, D. and J. Reagle, "XML Encryption Syntax and
Processing", World Wide Web Consortium Recommendation REC- Processing", World Wide Web Consortium Recommendation REC-
skipping to change at page 53, line 23 skipping to change at page 44, line 30
Types", RFC 3023, January 2001. Types", RFC 3023, January 2001.
[RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO
10646", STD 63, RFC 3629, November 2003. 10646", STD 63, RFC 3629, November 2003.
[RFC3864] Klyne, G., Nottingham, M., and J. Mogul, "Registration [RFC3864] Klyne, G., Nottingham, M., and J. Mogul, "Registration
Procedures for Message Header Fields", BCP 90, RFC 3864, Procedures for Message Header Fields", BCP 90, RFC 3864,
September 2004. September 2004.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66, Resource Identifier (URI): Generic Syntax", STD 66, RFC
RFC 3986, January 2005. 3986, January 2005.
[RFC3987] Duerst, M. and M. Suignard, "Internationalized Resource [RFC3987] Duerst, M. and M. Suignard, "Internationalized Resource
Identifiers (IRIs)", RFC 3987, January 2005. Identifiers (IRIs)", RFC 3987, January 2005.
[RFC4287] Nottingham, M. and R. Sayre, "The Atom Syndication [RFC4287] Nottingham, M. and R. Sayre, "The Atom Syndication
Format", RFC 4287, December 2005. Format", RFC 4287, December 2005.
[RFC4288] Freed, N. and J. Klensin, "Media Type Specifications and [RFC4288] Freed, N. and J. Klensin, "Media Type Specifications and
Registration Procedures", BCP 13, RFC 4288, December 2005. Registration Procedures", BCP 13, RFC 4288, December 2005.
[RFC4346] Dierks, T. and E. Rescorla, "The Transport Layer Security
(TLS) Protocol Version 1.1", RFC 4346, April 2006.
17.2. Informative References 17.2. Informative References
[NOTE-detect-lost-update] [NOTE-detect-lost-update]
Nielsen, H. and D. LaLiberte, "Editing the Web: Detecting Nielsen, H. and D. LaLiberte, "Editing the Web: Detecting
the Lost Update Problem Using Unreserved Checkout", World the Lost Update Problem Using Unreserved Checkout", World
Wide Web Consortium NOTE NOTE-detect-lost-update, Wide Web Consortium NOTE NOTE-detect-lost-update, May
May 1999, <http://www.w3.org/1999/04/Editing/>. 1999, <http://www.w3.org/1999/04/Editing/>.
[REC-webarch] [REC-webarch]
Walsh, N. and I. Jacobs, "Architecture of the World Wide Walsh, N. and I. Jacobs, "Architecture of the World Wide
Web, Volume One", W3C REC REC-webarch-20041215, Web, Volume One", W3C REC REC-webarch-20041215, December
December 2004. 2004, <http://www.w3.org/TR/2004/REC-webarch-20041215>.
[RNC] Clark, J., "RELAX NG Compact Syntax", December 2001, <http [RNC] Clark, J., "RELAX NG Compact Syntax", December 2001,
://www.oasis-open.org/committees/relax-ng/ <http://www.oasis-open.org/committees/relax-ng/
compact-20021121.html>. compact-20021121.html>.
URIs
[1] <http://www.imc.org/atom-protocol/index.html>
Appendix A. Contributors Appendix A. Contributors
The content and concepts within are a product of the Atom community The content and concepts within are a product of the Atom community
and the Atompub Working Group. and the Atompub Working Group.
Appendix B. RELAX NG Compact Schema Appendix B. RELAX NG Compact Schema
This appendix is informative. This appendix is informative.
The Relax NG schema explicitly excludes elements in the Atom Protocol The Relax NG schema explicitly excludes elements in the Atom Protocol
namespace which are not defined in this revision of the namespace that are not defined in this revision of the specification.
specification. Requirements for Atom Protocol processors Requirements for Atom Protocol processors encountering such markup
encountering such markup are given in Section 6.2 and Section 6.3 of are given in Sections 6.2 and 6.3 of [RFC4287].
[RFC4287].
The Schema for Service Documents: The Schema for Service Documents:
# -*- rnc -*- # -*- rnc -*- # RELAX NG Compact Syntax Grammar for the Atom Protocol
# RELAX NG Compact Syntax Grammar for the Atom Protocol
namespace app = "http://www.w3.org/2007/app" namespace app = "http://www.w3.org/2007/app"
namespace atom = "http://www.w3.org/2005/Atom" namespace atom = "http://www.w3.org/2005/Atom"
namespace xsd = "http://www.w3.org/2001/XMLSchema" namespace xsd = "http://www.w3.org/2001/XMLSchema"
namespace xhtml = "http://www.w3.org/1999/xhtml" namespace xhtml = "http://www.w3.org/1999/xhtml"
namespace local = "" namespace local = ""
start = appService start = appService
# common:attrs # common:attrs
skipping to change at page 56, line 40 skipping to change at page 46, line 43
atomURI = text atomURI = text
appCommonAttributes = appCommonAttributes =
attribute xml:base { atomURI }?, attribute xml:base { atomURI }?,
attribute xml:lang { atomLanguageTag }?, attribute xml:lang { atomLanguageTag }?,
attribute xml:space {"default"|"preserved"}?, attribute xml:space {"default"|"preserved"}?,
undefinedAttribute* undefinedAttribute*
atomCommonAttributes = appCommonAttributes atomCommonAttributes = appCommonAttributes
undefinedAttribute = undefinedAttribute = attribute * - (xml:base | xml:space | xml:lang
attribute * - (xml:base | xml:space | xml:lang | local:*) { text } | local:*) { text }
atomLanguageTag = xsd:string { atomLanguageTag = xsd:string {
pattern = "([A-Za-z]{1,8}(-[A-Za-z0-9]{1,8})*)?" pattern = "([A-Za-z]{1,8}(-[A-Za-z0-9]{1,8})*)?"
} }
atomDateConstruct = atomDateConstruct =
appCommonAttributes, appCommonAttributes,
xsd:dateTime xsd:dateTime
# app:service # app:service
appService = appService =
element app:service { element app:service {
appCommonAttributes, appCommonAttributes,
( appWorkspace+ ( appWorkspace+
& extensionElement* ) & extensionElement* )
skipping to change at page 59, line 11 skipping to change at page 49, line 17
(text|anyElement)*) (text|anyElement)*)
| (attribute * { text }*, | (attribute * { text }*,
(text?, anyElement+, (text|anyElement)*)) (text?, anyElement+, (text|anyElement)*))
} }
# Other Extensibility # Other Extensibility
extensionSansTitleElement = extensionSansTitleElement =
simpleSansTitleExtensionElement|structuredSansTitleExtensionElement simpleSansTitleExtensionElement|structuredSansTitleExtensionElement
extensionElement = extensionElement = simpleExtensionElement |
simpleExtensionElement | structuredExtensionElement structuredExtensionElement
undefinedContent = (text|anyForeignElement)* undefinedContent = (text|anyForeignElement)*
# Extensions # Extensions
anyElement = anyElement =
element * { element * {
(attribute * { text } (attribute * { text }
| text | text
| anyElement)* | anyElement)*
skipping to change at page 60, line 13 skipping to change at page 50, line 20
xhtmlDiv = element xhtml:div { xhtmlDiv = element xhtml:div {
(attribute * { text } (attribute * { text }
| text | text
| anyXHTML)* | anyXHTML)*
} }
# EOF # EOF
The Schema for Category Documents: The Schema for Category Documents:
# -*- rnc -*- # -*- rnc -*- # RELAX NG Compact Syntax Grammar for the Atom Protocol
# RELAX NG Compact Syntax Grammar for the Atom Protocol
namespace app = "http://www.w3.org/2007/app" namespace app = "http://www.w3.org/2007/app"
namespace atom = "http://www.w3.org/2005/Atom" namespace atom = "http://www.w3.org/2005/Atom"
namespace xsd = "http://www.w3.org/2001/XMLSchema" namespace xsd = "http://www.w3.org/2001/XMLSchema"
namespace local = "" namespace local = ""
start = appCategories start = appCategories
atomCommonAttributes = atomCommonAttributes =
attribute xml:base { atomURI }?, attribute xml:base { atomURI }?,
attribute xml:lang { atomLanguageTag }?, attribute xml:lang { atomLanguageTag }?,
undefinedAttribute* undefinedAttribute*
undefinedAttribute = undefinedAttribute = attribute * - (xml:base | xml:lang | local:*) {
attribute * - (xml:base | xml:lang | local:*) { text } text }
atomURI = text atomURI = text
atomLanguageTag = xsd:string { atomLanguageTag = xsd:string {
pattern = "([A-Za-z]{1,8}(-[A-Za-z0-9]{1,8})*)?" pattern = "([A-Za-z]{1,8}(-[A-Za-z0-9]{1,8})*)?"
} }
atomCategory = atomCategory =
element atom:category { element atom:category {
atomCommonAttributes, atomCommonAttributes,
skipping to change at page 62, line 5 skipping to change at page 52, line 5
anyForeignElement = anyForeignElement =
element * - atom:* { element * - atom:* {
(attribute * { text } (attribute * { text }
| text | text
| anyElement)* | anyElement)*
} }
# EOF # EOF
Appendix C. Revision History
[[anchor39: This section to be removed upon publication.]]
draft-ietf-atompub-protocol-14: typos; removed "The language context
is only significant for elements and attributes declared to be
"Language-Sensitive" by this specification. "; "Successful member
creation is normally indicated with a 201 ("Created") response code."
removed "normally" from that sentence (9.2); Added "Media Link
Entries are represented as Atom Entries and appear in the
Collection." to 9.6; said that an app:accept value of "entry" is
equivalent to "application/atom+xml;type=entry"; double-check spec
terms; Member Entry resource -> Entry Resource; Added MLE, Entry
Resource and Media Resource terms defs; 6.1 para split; 10.1
collection paging, rewrote for clarity; 13.1.1 app:edited rewrote for
clarity/conflict; text for GETting entries and cache handling; 4:
Typo: "And Media Resources IRIs", s/Resources/Resource/; consensus
call: application/atomsvc+xml, extension is .atomsvc; DRY app:
categories; make it clear the app:draft support is optional whether
or not the value is sent; 9.2: put related ideas together into
paragraphs.; 10: partial list editing; security: use elharos text;
app:edited: tweak text suplied by ari; create a section for
workspaces and move the descriptive text there; Moved rfc2818 to non-
normative references. Added the W3C note on lost updates as a
reference.
draft-ietf-atompub-protocol-13: Added Lisa's verbiage. Folded in
James' Atom Format media type 'type' parameter spec. Updated
document references to be more consistent, added URLs to some, and
shortened up their anchors. Debugged rnc.
draft-ietf-atompub-protocol-11: Parts of PaceAppEdited.
PaceSecurityConsiderationsRevised.
draft-ietf-atompub-protocol-10: PaceRemoveTitleHeader2,
PaceSlugHeader4, PaceOnlyMemberURI,PaceOneAppNamespaceOnly,
PaceAppCategories, PaceExtendIntrospection,
UseElementsForAppCollectionTitles3, renamed Introspection to Service,
lots of good editorials suggestions, updated media example with slug,
moved xml conventions to convention sections, renamed XMl related
Conventions to Atom Publishing Protocol Documents, added auth header
to examples, consolidated definition of all resource types into the
model section, added IANA reg info for application/atomcat+xml.
draft-ietf-atompub-protocol-09: PaceWorkspaceMayHaveCollections,
PaceMediaEntries5,
http://www.imc.org/atom-protocol/mail-archive/msg05322.html, and
http://www.imc.org/atom-protocol/mail-archive/msg05272.html
draft-ietf-atompub-protocol-08: added infoset ref; added wording re
IRI/URI; fixed URI/IRI ; next/previous fixed as per Atom
LinkRelations Attribute
(http://www.imc.org/atom-protocol/mail-archive/msg04095.html);
incorporated: PaceEditLinkMustToMay; PaceMissingDraftHasNoMeaning,
PaceRemoveMemberTypeMust, PaceRemoveMemberTypePostMust,
PaceTitleHeaderOnlyInMediaCollections, PacePreserveForeignMarkup,
PaceClarifyTitleHeader, PaceClarifyMediaResourceLinks,
PaceTwoPrimaryCollections;
draft-ietf-atompub-protocol-07: updated Atom refs to RFC4287;
incorporated PaceBetterHttpResponseCode;
PaceClarifyCollectionAndDeleteMethodByWritingLessInsteadOfMore;
PaceRemoveAcceptPostText; PaceRemoveListTemplate2;
PaceRemoveRegistry; PaceRemoveWhoWritesWhat;
PaceSimplifyClarifyBetterfyRemoveBogusValidityText;
PaceCollectionOrderSignificance; PaceFixLostIntrospectionText;
PaceListPaging; PaceCollectionControl; element typo in Listing
collections para3 (was app:member-type, not app:list-template);
changed post atom entry example to be valid. Dropped inline use of
'APP'. Removed nested diagram from section 4. Added ed notes in the
security section.
draft-ietf-atompub-protocol-06 - Removed: Robert Sayre from the
contributors section per his request. Added in
PaceCollectionControl. Fixed all the {daterange} verbage and
examples so they all use a dash. Added full rnc schema. Collapsed
Introspection and Collection documents into a single document.
Removed {dateRange} queries. Renamed search to list. Moved
discussion of media and entry collection until later in the document
and tied the discussion to the Introspection element app:member-type.
draft-ietf-atompub-protocol-05 - Added: Contributors section. Added:
de hOra to editors. Fixed: typos. Added diagrams and description to
model section. Incorporates PaceAppDocuments, PaceAppDocuments2,
PaceSimplifyCollections2 (large-sized chunks of it anyhow: the
notions of Entry and Generic resources, the section 4 language on the
Protocol Model, 4.1 through 4.5.2, the notion of a Collection
document, as in Section 5 through 5.3, Section 7 "Collection
resources", Selection resources (modified from pace which talked
about search); results in major mods to Collection Documents, Section
9.2 "Title: Header" and brokeout para to section 9.1 Editing Generic
Resources). Added XML namespace and language section. Some cleanup
of front matter. Added Language Sensitivity to some attributes.
Removed resource descriptions from terminology. Some juggling of
sections. See:
http://www.imc.org/atom-protocol/mail-archive/msg01812.html.
draft-ietf-atompub-protocol-04 - Add ladder diagrams, reorganize, add
SOAP interactions
draft-ietf-atompub-protocol-03 - Incorporates PaceSliceAndDice3 and
PaceIntrospection.
draft-ietf-atompub-protocol-02 - Incorporates Pace409Response,
PacePostLocationMust, and PaceSimpleResourcePosting.
draft-ietf-atompub-protocol-01 - Added in sections on Responses for
the EditURI. Allow 2xx for response to EditURI PUTs. Elided all
mentions of WSSE. Started adding in some normative references.
Added the section "Securing the Atom Protocol". Clarified that it is
possible that the PostURI and FeedURI could be the same URI. Cleaned
up descriptions for Response codes 400 and 500.
Rev draft-ietf-atompub-protocol-00 - 5Jul2004 - Renamed the file and
re-titled the document to conform to IETF submission guidelines.
Changed MIME type to match the one selected for the Atom format.
Numerous typographical fixes. We used to have two 'Introduction'
sections. One of them was moved into the Abstract the other absorbed
the Scope section. IPR and copyright notifications were added.
Rev 09 - 10Dec2003 - Added the section on SOAP enabled clients and
servers.
Rev 08 - 01Dec2003 - Refactored the specification, merging the
Introspection file into the feed format. Also dropped the
distinction between the type of URI used to create new entries and
the kind used to create comments. Dropped user preferences.
Rev 07 - 06Aug2003 - Removed the use of the RSD file for auto-
discovery. Changed copyright until a final standards body is chosen.
Changed query parameters for the search facet to all begin with atom-
to avoid name collisions. Updated all the Entries to follow the 0.2
version. Changed the format of the search results and template file
to a pure element based syntax.
Rev 06 - 24Jul2003 - Moved to PUT for updating Entries. Changed all
the mime-types to application/x.atom+xml. Added template editing.
Changed 'edit-entry' to 'create-entry' in the Introspection file to
more accurately reflect its purpose.
Rev 05 - 17Jul2003 - Renamed everything Echo into Atom. Added
version numbers in the Revision history. Changed all the mime-types
to application/atom+xml.
Rev 04 - 15Jul2003 - Updated the RSD version used from 0.7 to 1.0.
Change the method of deleting an Entry from POSTing <delete/> to
using the HTTP DELETE verb. Also changed the query interface to GET
instead of POST. Moved Introspection Discovery to be up under
Introspection. Introduced the term 'facet' for the services listed
in the Introspection file.
Rev 03 - 10Jul2003 - Added a link to the Wiki near the front of the
document. Added a section on finding an Entry. Retrieving an Entry
now broken out into its own section. Changed the HTTP status code
for a successful editing of an Entry to 205.
Rev 02 - 7Jul2003 - Entries are no longer returned from POSTs,
instead they are retrieved via GET. Cleaned up figure titles, as
they are rendered poorly in HTML. All content-types have been
changed to application/atom+xml.
Rev 01 - 5Jul2003 - Renamed from EchoAPI.html to follow the more
commonly used format: draft-gregorio-NN.html. Renamed all references
to URL to URI. Broke out introspection into its own section. Added
the Revision History section. Added more to the warning that the
example URIs are not normative.
Authors' Addresses Authors' Addresses
Joe Gregorio (editor) Joe Gregorio (editor)
IBM Google
4205 South Miama Blvd.
Research Triangle Park, NC 27709
US
Phone: +1 919 272 3764 EMail: joe@bitworking.org
Email: joe@bitworking.org URI: http://bitworking.org/
URI: http://ibm.com/
Bill de hOra (editor) Bill de hOra (editor)
NewBay Software
Email: bill@dehora.net EMail: bill@dehora.net
URI: http://dehora.net/ URI: http://dehora.net/
Full Copyright Statement Full Copyright Statement
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2007).
This document is subject to the rights, licenses and restrictions This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors contained in BCP 78, and except as set forth therein, the authors
retain all their rights. retain all their rights.
skipping to change at page 67, line 44 skipping to change at line 2348
attempt made to obtain a general license or permission for the use of attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr. http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at this standard. Please address the information to the IETF at
ietf-ipr@ietf.org. ietf-ipr@ietf.org.
Acknowledgment
Funding for the RFC Editor function is provided by the IETF
Administrative Support Activity (IASA).
 End of changes. 172 change blocks. 
537 lines changed or deleted 331 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/