Network Working Group R. Sayre Internet-Draft October 3, 2005 Expires: April 6, 2006 The Atom Publishing Protocol (Basic) draft-sayre-atompub-protocol-basic-02.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. This document may not be modified, and derivative works of it may not be created. This document may only be posted in an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on April 6, 2006. Copyright Notice Copyright (C) The Internet Society (2005). Abstract This memo presents a protocol for using XML (Extensible Markup Language) and HTTP (HyperText Transport Protocol) to edit content. The Atom Publishing Protocol is an application-level protocol for publishing and editing Web resources belonging to periodically updated websites. The Atom format is documented in the Atom Syndication Format (draft-ietf-atompub-format-11.txt). Sayre Expires April 6, 2006 [Page 1] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 Editorial Note To provide feedback on this Internet-Draft, join the atom-protocol mailing list . Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Notational Conventions . . . . . . . . . . . . . . . . . . . 4 3. The Atom Publishing Protocol Model . . . . . . . . . . . . . 5 4. Collections . . . . . . . . . . . . . . . . . . . . . . . . 9 5. Media Collections . . . . . . . . . . . . . . . . . . . . . 12 6. Service Outlines . . . . . . . . . . . . . . . . . . . . . . 14 7. Selection . . . . . . . . . . . . . . . . . . . . . . . . . 16 8. Security Considerations . . . . . . . . . . . . . . . . . . 18 9. Normative References . . . . . . . . . . . . . . . . . . . . 18 Author's Address . . . . . . . . . . . . . . . . . . . . . . 19 A. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 20 Intellectual Property and Copyright Statements . . . . . . . 21 Sayre Expires April 6, 2006 [Page 2] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 1. Introduction The Atom Publishing Protocol (APP) is an application-level protocol for publishing and editing Web resources using HTTP [RFC2616] and XML [W3C.REC-xml-20040204]. Sayre Expires April 6, 2006 [Page 3] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 2. Notational Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. The APP namespace is "http://purl.org/atom/app#". This specification refers to it by using the prefix "pub", but that prefix is arbitrary. The terms 'URI' and 'IRI' are shorthand for the identifiers specified in [RFC3986] and [RFC3987]. Sayre Expires April 6, 2006 [Page 4] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 3. The Atom Publishing Protocol Model The Atom Publishing Protocol operates on collections of Web resources. All collections support the same basic interactions, as do the resources within the collections. The patterns of interaction are based on the common HTTP verbs. This section illustrates the editing cycle for Atom entries. o GET is used to retrieve a representation of a resource or perform a read-only query. o POST is used to create a new, dynamically-named resource. o PUT is used to update a known resource. o DELETE is used to remove a resource. 3.1 Collections The APP groups resources into "Collections", which are analogous to the "folders" or "directories" found in many file systems. 3.2 Discovery To discover the location of the collections exposed by an APP service, the client must locate and request a Service Outline (Section 6). Service Outlines describe the layout of an APP service. Client Server | | | 1.) GET Outline URI | |------------------------------->| | | | 2.) Service Outline Doc | |<-------------------------------| | | 1. The client sends a GET request to the Service Outline Resource. 2. The server responds with a Service Outline Document containing the locations of collections provided by the service. The content of this document can vary based on aspects of the client request, including, but not limited to, authentication credentials. Sayre Expires April 6, 2006 [Page 5] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 3.3 Listing Once the client has discovered the location of a collection in the outline, it can request a listing of the collection's membership. However, collections might be extremely large, so servers are likely to list a small subset of the collection by default. Clients that wish to exercise greater control over the subset returned by the server can check for an "app:select" template (see Section 7). Client Server | | | 1.) GET to Collection URI | |------------------------------->| | | | 2.) 200 OK, Atom Feed Doc | |<-------------------------------| | | 1. The client sends a GET request to the Collection's URI. 2. The server responds with an Atom Feed Document containing a full or partial listing of the collection's membership. 3.4 Authoring After locating a collection, a client can add entries by sending a request to the collection; other changes are accomplished by sending HTTP requests to its member resources. 3.4.1 Create Client Server | | | 1.) POST to Collection URI | |------------------------------->| | | | 2.) 201 Created @ Location | |<-------------------------------| | | 1. The client sends a representation of a member to the server via HTTP POST. The Request URI is that of the Collection. 2. The server responds with a response of "201 Created" and a "Location" header containing the URI of the newly-created resource. Sayre Expires April 6, 2006 [Page 6] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 3.4.2 Read Client Server | | | 1.) GET or HEAD to Member URI | |------------------------------->| | | | 2.) 200 OK Atom Entry | |<-------------------------------| | | 1. The client sends a GET (or HEAD) request to the member's URI. 2. The server responds with an Atom Entry document. 3.4.3 Update Client Server | | | 1.) PUT to Member URI | |------------------------------->| | | | 2.) 200 OK | |<-------------------------------| 1. The client PUTs an updated representation to the member's URI. 2. The server responds with a representation of the member's new state. 3.4.4 Delete Client Server | | | 1.) DELETE to Member URI | |------------------------------->| | | | 2.) 204 No Content | |<-------------------------------| | | 1. The client sends a DELETE request to the member's URI. 2. The server responds with successful status code. Sayre Expires April 6, 2006 [Page 7] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 3.5 Success and Failure HTTP defines classes of response. HTTP status codes of the form 2xx signal that a request was successful. HTTP status codes of the form 4xx or 5xx signal that an error has occurred, and the request has failed. Consult the HTTP specification for more detailed definitions of each status code. Sayre Expires April 6, 2006 [Page 8] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 4. Collections An Atom Collection is a set of related resources represented by one or more Atom Feed documents [AtomFormat]. Atom Collections are ordered the date their members were updated, with the most recently updated member appearing first. 4.1 GET Collections can contain extremely large numbers of resources. A naive client such as a web spider or web browser would be overwhelmed if the response to a GET reflected the full membership of the collection, and the server would waste large amounts of bandwidth and processing time on clients unable to handle the response. As a result, responses to a simple GET request represent a server- determined subset of the collection's membership. Collections MAY provide parameterized GET requests (see Section 7). An example collection feed: My Posts1 urn:uuid:ce61592c-14e2-4557-978e-dfbd444aefa6 2005-12-21T04:11:00-08:00 title 25 2005-12-21T04:11:00-08:00 Foo urn:uuid:941e12b4-6eeb-4753-959d-0cbc51875387 ... Each member is represented by an Atom Entry, but those entries are not an editable representation of the entry. To retrieve the source representation of the entry, clients send a GET request to the URI found in each entry's pub:edit element (see Section 4.3.1). Derived resources are located by examining an entry's atom:link elements. Sayre Expires April 6, 2006 [Page 9] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 4.2 POST In addition to GET, a Collection Resource also accepts POST requests. The client POSTs a representation of the desired resource to the Collection Resource. Note that some collections only allow members of a specific media-type and a POST MAY generate a response with a status code of 415 ("Unsupported Media Type"). In the case of a successful creation, the status code MUST be 201 ("Created"). Example request creating a resource in a collection. POST /collection HTTP/1.1 Host: example.org User-Agent: Cosimo/1.0 Content-Type: application/atom+xml Content-Length: nnnn ...data... Example response. HTTP/1.1 201 Created Date: Mon, 21 Mar 2005 19:20:19 GMT Server: CountBasic/2.0 ETag: "4c083-268-423f1dc6" Location: http://example.org/stuff/foo13241234.atom 4.3 Entry Collections Entry Collections are Collections that restrict their membership to Atom entries. The entries are edited by sending HTTP requests to the URI found in an individual entry's pub:edit element. Servers can determine the processing necessary to interpret a request by examining the request's HTTP method. 4.3.1 The 'pub:edit' Element The pub:edit element has one attribute, 'href'. The value of this attribute is an IRI reference interpreted relative to xml:base. 4.3.2 Role of Atom Entry Elements During Editing The elements of an Atom Entry Document are either a 'Writable Element' or a 'Round Trip Element'. Sayre Expires April 6, 2006 [Page 10] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 Writable Element - An element of an Atom Entry whose value is editable by the client and not enforced by the server. Round Trip Element - An element of an Atom Entry whose value is enforced by the server and not editable by the client. That categorization determines the elements' disposition during editing. +--------------------+------------+ | Atom Entry Element | Property | +--------------------+------------+ | atom:author | Writable | | | | | atom:category | Writable | | | | | atom:content | Writable | | | | | atom:contributor | Writable | | | | | atom:id | Round Trip | | | | | atom:link | Writable | | | | | atom:published | Writable | | | | | atom:source | Writable | | | | | atom:summary | Writable | | | | | atom:title | Writable | | | | | atom:updated | Round Trip | +--------------------+------------+ Table 1 Sayre Expires April 6, 2006 [Page 11] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 5. Media Collections Media Collections are Collections that do not have uniform restrictions on the representations of the member resources. For example, they might contain JPEG images, text documents, MPEG movies, and any other type of resource the server allows. 5.1 GET Media Collections return an Atom feed much like Entry Collections, but with a few additions. The listing MUST also contain an atom: content element with a 'src' attribute pointing to the media resource. This URI can be used to edit the uploaded media resource, using PUT and DELETE. Such entries MAY contain pub:edit elements used to edit the entry metadata. As with other collection members, derived resources can be located by inspecting an entry's atom:link elements. An example Media Collection feed: My Posts1 Foo urn:uuid:ce61592c-14e2-4557-978e-dfbd444aefa6 2005-12-21T04:11:00-08:00 title 25 2005-12-21T04:11:00-08:00 urn:uuid:941e12b4-6eeb-4753-959d-0cbc51875387 this was awesome ... The Atom Syndication Format requires that each such entry contain an atom:title and atom:summary element. This requirement can be challenging to meet without requiring users to enter tedious Sayre Expires April 6, 2006 [Page 12] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 metadata, but servers SHOULD attempt to provide textual data about the resource in the interests of accessibility. The atom:title element will likely be provided by the client, as way for users to associate their local resources with those they have uploaded to the server (see POST below). 5.2 POST To create media resources, clients POST the resource to the Media Collection's URI. Clients SHOULD provide a 'Title' request header to provide the server with a short string identifying the resource to users. Clients MAY include a 'Content-Description' header [RFC2045] providing a more complete description of the content. In addition, servers MAY inspect the POSTed entity for additional metadata to be exposed in an atom:entry when listed in a Media Collection. For example, the server might inspect a JPEG file for EXIF headers containing creator data. An example request. POST /collection HTTP/1.1 Host: example.org User-Agent: Cosimo/1.0 Content-Type: image/jpg Content-Length: nnnn Title: A Trip to the beach Content-Description: It was so fun. ...binary data... An example request. HTTP/1.1 201 Created Date: Mon, 21 Mar 2005 19:20:19 GMT Server: CountBasic/2.0 ETag: "4c083-268-423f1dc6" Location: http://example.org/stuff/beach.jpg Sayre Expires April 6, 2006 [Page 13] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 6. Service Outlines In order for authoring to commence, a client must first discover the capabilities and locations of collections offered. The Service Outline Document is a XOXO outline [XOXO]. The top level list items describe distinct groups of resources offered by the service. For example, a user with an account containing three blogs would have 3 items at the top of the outline. There is no requirement that servers support multiple top-level items, and a collection may appear in more than one location in the document. Clients can read entries contained in a collection by visiting an the URI located in the 'href' attribute of a XOXO outline item. This URI also serves as the location a client POSTs new entries to. The 'rel' attribute of the XHTML anchor element conveys the nature of a collection's member resources. This specification defines two initial values for the 'rel' attribute: o entry o media These values correspond to the two types of collection defined by this specification. Extensibility for 'rel' values is specified in XHTML Modularization [W3C.REC-xhtml-modularization-20010410]. 6.1 The 'app:select' Attribute Anchor elements in Service Outlines MAY also include an "app:select" attribute. When present, this attribute provides a template for the parameterized GET requests described in Section 7. After substitution of the appropriate parameters, the resulting URI reference is interpreted relative to the in-scope base URI. Sayre Expires April 6, 2006 [Page 14] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 An example Service Outline: Sayre Expires April 6, 2006 [Page 15] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 7. Selection Some clients require more precise control over the server's response. For example, the client might wish to construct a record of the collection's complete membership without generating a very large number of requests. Another possibility is that the client might wish to limit the results to a small number of entries. 'count': the maximum number of Atom Entries to be included in the response. The field is an integer. 'offset': the offset at which to begin the sequence of entries that match a given request. The field is an integer. 'begin': Atom entries in the returned feed MUST have an atom: updated date later in time than the 'begin' date. The field MUST match the syntax of an Atom Date Construct [AtomFormat]. 'end': Atom entries in the returned feed MUST have an atom:updated date equal or earlier in time than the 'end' date. The field MUST match the syntax of an Atom Date Construct [AtomFormat]. None of the parameters are required. Example Selection URI (disregard line break) http://example.com/foo?begin=2003-12-13T18:30:02Z\ &end=2003-12-25T18:30:02Z&offset=2&count=4 Selection URIs are templated by surrounding the field names in brackets. For example, the 'count' field would appear as '{count}' in a template. An example selection template. http://example.com/entries?b={begin}&e={end}&i={offset}&c={count} If no 'end' field is present: The 'end' date is considered to be the updated date of the collection's most recently updated member resource. If no 'begin' field is present: The 'begin' date is considered to be the update date of the collection's least recently updated member resource. If no 'offset' field is present: The 'offset' integer is considered to be 0. Sayre Expires April 6, 2006 [Page 16] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 If no 'count' field is present: The 'count' integer is determined by the server. Sayre Expires April 6, 2006 [Page 17] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 8. Security Considerations APP relies on HTTP Authentication. See [RFC2617] for a more detailed description of the security properties of HTTP Authentication. 9. Normative References [AtomFormat] Nottingham, M. and R. Sayre, "The Atom Syndication Format", work-in-progress, August 2005. [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies", RFC 2045, November 1996. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999. [RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., and L. Stewart, "HTTP Authentication: Basic and Digest Access Authentication", RFC 2617, June 1999. [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax", STD 66, RFC 3986, January 2005. [RFC3987] Duerst, M. and M. Suignard, "Internationalized Resource Identifiers (IRIs)", RFC 3987, January 2005. [W3C.REC-xhtml-modularization-20010410] Altheim, M., Boumphrey, F., McCarron, S., Dooley, S., Schnitzenbaumer, S., and T. Wugofski, "Modularization of XHTML", W3C REC REC-xhtml-modularization-20010410, April 2001. [W3C.REC-xml-20040204] Yergeau, F., Paoli, J., Sperberg-McQueen, C., Bray, T., and E. Maler, "Extensible Markup Language (XML) 1.0 (Third Edition)", W3C REC REC-xml-20040204, February 2004. [XOXO] Marks, K., Celik, T., Pilgrim, M., and M. Peterson, "XOXO 1.0: Extensible Open XHTML Outlines", October 2004. Sayre Expires April 6, 2006 [Page 18] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 Author's Address Robert Sayre Email: rfsayre@boswijck.com URI: http://boswijck.com Sayre Expires April 6, 2006 [Page 19] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 Appendix A. Contributors This draft is a variant of the in-progress Atom Publishing Protocol specification from the IETF Atompub WG, and owes a debt to the WG's members. Sayre Expires April 6, 2006 [Page 20] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. The IETF has been notified of intellectual property rights claimed in regard to some or all of the specification contained in this document. For more information consult the online list of claimed rights. Disclaimer of Validity This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Copyright Statement Copyright (C) The Internet Society (2005). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. Sayre Expires April 6, 2006 [Page 21] Internet-Draft The Atom Publishing Protocol (Basic) October 2005 Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society. Sayre Expires April 6, 2006 [Page 22]