idnits 2.17.1 draft-ietf-opes-rules-p-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** There are 133 instances of lines with control characters in the document. == There are 2 instances of lines with non-RFC2606-compliant FQDNs in the document. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 251: '... Interpreters MUST NOT silently conv...' RFC 2119 keyword, line 514: '...ct. Interpreters MUST supply two modul...' RFC 2119 keyword, line 529: '...ad, interpreters MUST provide access t...' RFC 2119 keyword, line 534: '... specification SHOULD contain a glob...' RFC 2119 keyword, line 578: '..., an interpreter MAY support loading o...' (2 more instances...) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (September 21, 2003) is 7523 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC2616' is defined on line 902, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2234 (Obsoleted by RFC 4234) ** Obsolete normative reference: RFC 2396 (Obsoleted by RFC 3986) ** Downref: Normative reference to an Informational draft: draft-ietf-opes-architecture (ref. 'I-D.ietf-opes-architecture') -- Obsolete informational reference (is this intentional?): RFC 2616 (Obsoleted by RFC 7230, RFC 7231, RFC 7232, RFC 7233, RFC 7234, RFC 7235) Summary: 7 errors (**), 0 flaws (~~), 4 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Open Pluggable Edge Services A. Beck 3 Internet-Draft Lucent Technologies 4 Expires: March 21, 2004 A. Rousskov 5 The Measurement Factory 6 September 21, 2003 8 P: Message Processing Language 9 draft-ietf-opes-rules-p-01 11 Status of this Memo 13 This document is an Internet-Draft and is in full conformance with 14 all provisions of Section 10 of RFC2026. 16 Internet-Drafts are working documents of the Internet Engineering 17 Task Force (IETF), its areas, and its working groups. Note that other 18 groups may also distribute working documents as Internet-Drafts. 20 Internet-Drafts are draft documents valid for a maximum of six months 21 and may be updated, replaced, or obsoleted by other documents at any 22 time. It is inappropriate to use Internet-Drafts as reference 23 material or to cite them other than as "work in progress." 25 The list of current Internet-Drafts can be accessed at http:// 26 www.ietf.org/ietf/1id-abstracts.txt. 28 The list of Internet-Draft Shadow Directories can be accessed at 29 http://www.ietf.org/shadow.html. 31 This Internet-Draft will expire on March 21, 2004. 33 Copyright Notice 35 Copyright (C) The Internet Society (2003). All Rights Reserved. 37 Abstract 39 P is a simple configuration language designed for specification of 40 message processing instructions at application proxies. P can be used 41 to instruct an intermediary how to manipulate the application message 42 being proxied. Such instructions are needed in an Open Pluggable Edge 43 Services (OPES) context. 45 Table of Contents 47 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 48 2. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 49 3. Language elements . . . . . . . . . . . . . . . . . . . . . . 7 50 3.1 Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 51 3.2 Type conversion . . . . . . . . . . . . . . . . . . . . . . . 8 52 3.3 Operators . . . . . . . . . . . . . . . . . . . . . . . . . . 8 53 3.4 Expressions . . . . . . . . . . . . . . . . . . . . . . . . . 11 54 3.5 Statements . . . . . . . . . . . . . . . . . . . . . . . . . . 11 55 3.6 Assignments . . . . . . . . . . . . . . . . . . . . . . . . . 12 56 4. Modules . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 57 4.1 Interpreter-module interface . . . . . . . . . . . . . . . . . 15 58 4.2 Modules and namespace . . . . . . . . . . . . . . . . . . . . 15 59 5. OPES Services . . . . . . . . . . . . . . . . . . . . . . . . 17 60 6. Failures . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 61 7. Security Considerations . . . . . . . . . . . . . . . . . . . 20 62 8. Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . 21 63 A. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 64 B. To-do . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 65 C. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 25 66 D. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . 26 67 Normative References . . . . . . . . . . . . . . . . . . . . . 27 68 Informative References . . . . . . . . . . . . . . . . . . . . 28 69 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 28 70 Intellectual Property and Copyright Statements . . . . . . . . 29 72 1. Introduction 74 The Open Pluggable Edge Services (OPES) architecture 75 [I-D.ietf-opes-architecture], enables cooperative application 76 services (OPES services) between a data provider, a data consumer, 77 and zero or more OPES processors. The application services under 78 consideration analyze and possibly transform application-level 79 messages exchanged between the data provider and the data consumer. 80 OPES processors need to be told what services are to be applied to 81 what application messages. P language can be used for this 82 configuration task. 84 In other words, P language primary objective is to express statements 85 similar to: 87 if message meets criteria C, 88 then apply service S; 90 Figure 1 92 Thus, P programs mostly deal with formulating message-dependent 93 conditions and executing services. 95 P design attempts to satisfy several conflicting goals: 97 flexibility: Application intermediaries deal with a wide range of 98 applications and protocols (SMTP, HTTP, RTSP, IM, etc.). The 99 language must be able to accommodate virtually all known tasks in 100 selecting a desired adaptation service for a message of a known 101 application protocol (and conceivable future applications). 103 efficiency: Language interpretation must be efficient enough to be 104 comparable with other message processing overheads at a typical 105 application proxy (e.g., interpreting HTTP headers to determine 106 response cachability). 108 simplicity: Typical configurations must be easy to write and 109 understand for a typical OPES system administrator. 111 correctness: Many message handling configurations are written without 112 direct access to intermediaries that will use those 113 configurations. The extent of off-line (compile-time) correctness 114 checks should catch all syntax errors and many common semantic 115 errors such as undefined values and type conflicts. 117 compactness: It is possible that some processing instructions will be 118 piggybacked as headers/metadata to messages they refer to, placing 119 stringent size requirements on language code. 121 security: It should be difficult if not impossible to write malicious 122 code that would result in security vulnerability of compliant 123 language interpreter. 125 While P addresses OPES needs, its design is meant to be applicable 126 for a variety of similar intermediary configuration tasks such as 127 access control list (ACL) specification and message routing in proxy 128 meshes or load-balancing environments. 130 P design is based on a minimal useful subset of features from several 131 programming languages such as R (S), Smalltalk, and C++. Technically 132 speaking, P is a single-assignment, lazy evaluation, strongly typed 133 functional programming language. 135 2. Syntax 137 P syntax is defined by the following Augmented Backus-Naur Form 138 (ABNF) [RFC2234]: 140 code = *statement 142 statement = 143 expression-statement / 144 assignment-statement / 145 compound-statement / 146 if-statement / 147 comment / 148 ";" 150 if-statement = if-head *if-alt [if-tail] 151 if-head = "if" "(" expression ")" "{" code "}" 152 if-alt = "elsif" "(" expression ")" "{" code "}" 153 if-tail = "else" "{" code "}" 155 compound-statement = "{" code "}" 157 assignment = identifier ":=" expression ";" 159 expression-statement = expression ";" 161 expression = 162 constant-expression / 163 name / 164 function-call / 165 "{" code "}" / 166 unary-op expression / 167 expression binary-op expression 169 constant-expression = boolean / number / string 171 name = identifier *( "." identifier) 173 function-call = name "(" [call-parameters] ")" 175 call-parameters = expression *( "," expression) 177 identifier = (ALPHA / "_") *(ALPHA / DIGIT / "_") 179 unary-op = 180 "+" / "-" / 181 identifier 182 binary-op = 183 "==" / "!=" / 184 "<" / ">" / ">=" / "<=" / 185 "+" / "-" / "*" / "/" / "%" / 186 identifier 188 comment = "/*" OCTET "*/" ; no nesting allowed 190 boolean = "true" / "false" 192 number = 1*DIGIT ; no leading zeros 194 string = DQUOTE *string-char DQUOTE 196 string-char = 197 %x00-21 / %x23-5B / %x5D-FF / ; any but quote and backslash 198 escape-sequence ; C++ or XML escape sequence? XXX 200 Figure 2 202 3. Language elements 204 3.1 Objects 206 P is centered around the concept of an "object" that is similar to 207 objects from other object-oriented languages. An object is, 208 essentially, a piece of data or information. The value of an object 209 is indistinguishable from the object itself. Object type is defined 210 by the semantics of applicable operations and manipulations. Almost 211 everything in P is an object, even a piece of code. Here are a few P 212 objects, listed one per line: 214 0 215 "http://www.ietf.org/" 216 Core 217 { a := 1/0; } 219 Many objects contain other objects, often called members. Members 220 are accessible by their name, using the member access operator ("."). 221 Member access operator has a single parameter: the name of the member 222 to access. All P objects support "." operator, but not all objects 223 have members. Here are a few examples: 225 Http.message.headers 226 Core.interpreter.stop 227 "string".nosuchmember 229 Many objects support operators other than member access. For example, 230 member objects that support function call "()" operator are often 231 call methods. 233 Http.message.headers.have(header) 234 Core.interpreter.stop() 235 1 / 0 236 "string" + "string" 238 P operators are described in Section 3.3. below. 240 P does not have built-in facilities for describing object types. When 241 writing a P program, only objects known to interpreter (e.g., Core) 242 and objects generated by known objects (e.g., Http.message.headers) 243 can be used. P supports loadable modules that can be used to add 244 objects to support new application protocols. In fact, P core 245 supports no application protocols directly. Instead, modules like 246 "HTTP" can be used to process messages depending on application 247 protocol being proxied. 249 3.2 Type conversion 251 Interpreters MUST NOT silently convert (cast) object types. When 252 explicit conversion (casting) is needed objects should provide 253 polymorphic methods (methods with the same name but different formal 254 parameter types). 256 3.3 Operators 258 Operators are used in P to denote common operations on built-in 259 object types and language constructs. No operators are defined for 260 objects provided by modules. P operators do not modify their 261 operands. Note that all operators may result a failure. 263 Unary Operators 265 +--------------+-------------+-------------+------------------------+ 266 | operator | operand | result type | semantics | 267 | | type | | | 268 +--------------+-------------+-------------+------------------------+ 269 | + | number | number | returns operand | 270 | | | | | 271 | - | number | number | returns zero minus | 272 | | | | operand | 273 | | | | | 274 | import | string | module | imports module members | 275 | | | | into global namespace | 276 | | | | and returns a module | 277 | | | | object that can be | 278 | | | | used to access this | 279 | | | | module members | 280 | | | | explicitly; operand is | 281 | | | | module identifier, a | 282 | | | | URI; fails on any | 283 | | | | error | 284 | | | | | 285 | not | boolean | boolean | logical negation | 286 | | | | | 287 | try | code | boolean | interpret operand and | 288 | | | | return true or fail; | 289 | | | | try is the only | 290 | | | | operator defined for | 291 | | | | code; try never | 292 | | | | returns false | 293 +--------------+-------------+-------------+------------------------+ 294 Binary Operators 296 +-------------+-----------+----------+------------------------------+ 297 | operator | operands | result | semantics | 298 | | type | type | | 299 +-------------+-----------+----------+------------------------------+ 300 | == | boolean | boolean | simple value equality | 301 | | or | | | 302 | | integer | | | 303 | | | | | 304 | != | boolean | boolean | simple value inequality | 305 | | or number | | | 306 | | | | | 307 | < | number | boolean | less than; ">", "<=" and | 308 | | | | ">=" are defined similarly | 309 | | | | | 310 | equal | string | boolean | left string equals right | 311 | | | | string | 312 | | | | | 313 | contains | string | boolean | left contains right | 314 | | | | | 315 | begins_with | string | boolean | left string begins with the | 316 | | | | right string | 317 | | | | | 318 | ends_with | string | boolean | left string ends with the | 319 | | | | right string | 320 | | | | | 321 | and | boolean | boolean | short-circuited logical | 322 | | | | conjunction: the right | 323 | | | | expression is evaluated only | 324 | | | | if the left expression is | 325 | | | | true | 326 | | | | | 327 | or | boolean | boolean | short-circuited logical | 328 | | | | disjunction: the right | 329 | | | | expression is evaluated only | 330 | | | | if the left expression is | 331 | | | | false | 332 | | | | | 333 | xor | boolean | boolean | exclusive logical | 334 | | | | conjunction; cannot be | 335 | | | | short-circuited: both | 336 | | | | operands are evaluated | 337 | | | | | 338 | otherwise | statement | any | short-circuited failure | 339 | | | | detection: the right | 340 | | | | expression is evaluated only | 341 | | | | if the left expression | 342 | | | | fails; returns the value of | 343 | | | | the last expression | 344 | | | | evaluated | 345 | | | | | 346 | - | number | number | arithmetic difference | 347 | | | | | 348 | + | number | number | arithmetic sum | 349 | | | | | 350 | * | number | number | arithmetic product | 351 | | | | | 352 | / | number | number | arithmetic ratio; rounded to | 353 | | | | the closest integer (XXX?) | 354 | | | | | 355 | % | number | number | arithmetic modulo | 356 | | | | | 357 | . | name | object | object member access; fails | 358 | | | member | if the object produced by | 359 | | | | expression on the right does | 360 | | | | not have the member named by | 361 | | | | the expression on the left. | 362 +-------------+-----------+----------+------------------------------+ 364 A function call is an n-ary operator. Besides the function name, it 365 takes zero or more actual parameters as operands. 367 All string operators described above are case-sensitive and come with 368 the corresponding case-insensitive operators: EqualS, ContainS, 369 Begins_witH, and Ends_witH (XXX: bad idea to name using case?) (XXX: 370 should we force programmers to pick the right variant instead of 371 providing efficient, but usually wrong default: contains_s and 372 contains_i?) 374 Operator precedence defines natural evaluation order used in 375 mathematics and many programming languages. In the following list, 376 operators are ordered based on their precedence. Operators with 377 smaller precedence index are evaluated first. Operators with the same 378 precedence index are evaluated in the left-to-right order of 379 occurrence in an expression. 381 1. . 383 2. () 385 3. not 387 4. * / 389 5. + - 390 6. all binary operators on string: equals, contains, ... 392 7. import 394 8. == != < <= > >= 396 9. and 398 10. or 400 11. xor (XXX: misplaced?) 402 12. try (XXX: misplaced?) 404 13. otherwise 406 3.4 Expressions 408 P expressions are used in if-statements to specify the condition for 409 the if-statement body to be interpreted. 411 if (Http.request.method == "GET" and time.current() > time.noon) { 412 ... 413 } 415 Figure 6 417 Evaluation of an expression stops when the value of an expression is 418 known and cannot be changed by further evaluation. This 419 short-circuiting optimization technique is common to many programming 420 languages. In the following example, the value of A will never be 421 interpreted when C is interpreted, regardless of the context where C 422 is used: 424 C := false and A; 425 if (C) { ... }; 426 if (!C) { ... }; 427 ... 429 Figure 7 431 3.5 Statements 433 Objects are manipulated using if-statements and function-calls. 435 if (Http.request.method == "GET") { 436 Services.applyOne(serviceFoo); 437 } 439 Figure 8 441 3.6 Assignments 443 Most procedural programming languages use variables to store 444 intermediate processing results. In such languages, a variable is 445 essentially a named piece of memory that can be assigned a value and 446 can be updated with new values as needed. P does not have such 447 variables. Instead, P uses a "single assignment" approach: an 448 expression can be tagged with a name and that name can be reused many 449 times in the program. On the surface, this is equivalent to having 450 all "traditional" variables declared as "constant". The following two 451 if-statements are semantically equivalent in P: 453 if (Http.request.headers.have(Http.makeHeader("Client-IP"))) {...} 455 h := Http.makeHeader("Client-IP"); 456 hs := Http.request.headers(); 457 if (hs.have(h)) {...} 459 Figure 9 461 If the expression changes, a new name must be used to tag the new 462 expression. After an assignment statement, the value of the name is 463 not the value of the expression, but the expression itself. Thus, 464 the following two code fragments are equivalent and make no sense in 465 P (the first fragment would make sense in languages such as C++): 467 h := Http.makeHeader("Client-IP"); 468 h := Http.makeHeader("Server-IP"); 470 h := Http.makeHeader("Client-IP"); 471 Http.makeHeader("Client-IP") := Http.makeHeader("Server-IP"); 473 Figure 10 475 The interpreter can but does not have to evaluate the expression 476 named in the assignment statement until the name is actually used in 477 an expression that requires evaluation (e.g., as a parameter of a 478 function call statement). This allows for optional performance 479 optimizations where only used expressions are evaluated. 481 P does not have user-defined functions. However, some code reuse is 482 possible because P code is a valid expression and, hence, can be 483 named and reused: 485 code := { ... complicated service action ... }; 486 if (condition1) { code; }; 487 ... 488 if (condition2) { code; }; 490 Figure 11 492 XXX: document whether expression has to be evaluated in the 493 assignment context or use context. 495 Names introduced using assignments have global scope. Global scope 496 makes it possible to select among alternative values without 497 user-defined functions or true variables: 499 if (condition) { 500 /* no "service" name exists at this point */ 501 service := Services.findOne(uri1); 502 } else { 503 /* no "service" name exists at this point */ 504 service := Services.findOne(uri2); 505 service.authorization(myAuth); 506 } 507 Services.applyOne(service); /* service name is still visible */ 509 Figure 12 511 4. Modules 513 Application-specific support is available in P via modules. Module is 514 an object. Interpreters MUST supply two modules named Core and 515 Services. The Core module contains members for manipulating built-in 516 P object types such as integers and strings. The Services module 517 manages OPES services. Application specific modules can be loaded 518 into the namespace of a P program via the import operator (see 519 Section 3.3). For example, the following P code imports an HTTP 520 module, names the result (the module itself) "Http", and checks for 521 the presence of a certain HTTP message header: 523 Http := import "http://ietf.org/opes/rules/p/HTTP"; 524 if (Http.message.headers.have("Accept")) { ... } 526 Figure 13 528 It is not possible to import a Core or Services module explicitly. 529 Instead, interpreters MUST provide access to Core and Services 530 members as if those modules were imported just before the program 531 text. 533 Modules are identified by their URIs [RFC2396]. A module 534 specification SHOULD contain a globally unique URI for that module. 535 Module URIs are usually not used to fetch module implementation 536 remotely, but to identify a suitable local copy of a module; they are 537 identifiers, not locators. Interpreters maintain a directory of 538 known-to-them module URIs. When a module needs to be imported, the 539 interpreter checks internal metadata and loads the requested module 540 using module-specific interface. If the module is not known or 541 loading fails, the import operator fails and the failure is 542 propagated using standard failure propagation rules (see Section 6). 543 The following example attempts to import one of the SMTP modules. 545 /* load one of the available SMTP modules */ 546 Smtp := import "http://ietf.org/opes/rules/p/SMTP" otherwise 547 import "http://examle.org/opes/optimized/SMTPv3"; 549 Figure 14 551 Import operation has program scope. It is not possible to "unload" an 552 imported module. 554 { 555 M := import "http://ietf.org/opes/rules/p/HTTP"; 556 ... 557 } 558 /* M and M members are still visible here */ 559 if (M.connection.is_persistent()) { ... } 561 Figure 15 563 4.1 Interpreter-module interface 565 Most modules are not written in P since the language lacks native 566 mechanisms for defining module or function interface. Most modules 567 are tightly integrated with OPES processors because application 568 adaptation requires access to processor's internal state. For 569 example, an HTTP intermediary implemented in C++ can use modules 570 written in C++ and may require that implementors inherit their 571 modules from a given C++ class. Such modules may be loaded using, 572 for example, a "dynamically loadable module" mechanism supported by 573 most modern operating systems. Similarly, a Java OPES processor may 574 require that all modules implement a given Java interface and use 575 Java importing mechanism. This specification does not document any 576 specific interface between an interpreter and third-party modules. 578 Nevertheless, an interpreter MAY support loading of modules written 579 in P (similar to C++ #include directives). The interface for 580 distinguishing URIs of P programs from integrated modules is 581 implementation-dependent and is not described here. For example, an 582 interpreter may assume that all unknown module URIs correspond to raw 583 P programs and attempt to include such a program if the URI scheme is 584 known to the interpreter: 586 MyLibrary := import "file://usr/local/lib/globalrules.p"; 588 Figure 16 590 4.2 Modules and namespace 592 Members of imported modules belong to the global namespace and are 593 directly accessible (visible) without the module name prefix. This 594 simple rule may lead to conflicts when two imported modules contain a 595 member with the same name. Interpreters MUST fail if any name 596 resolution is ambiguous. Interpreters MUST NOT use heuristics to 597 guess programmer's intent. Programmers have to use fully qualified 598 names to resolve ambiguities. 600 For example, all of the import statements below pollute global name 601 space, but the first two provide a way for a programmer to resolve 602 conflicts, if any: 604 /* import HTTP module */ 605 Http := import "http://ietf.org/opes/rules/p/HTTP"; 607 /* import SMTP module */ 608 Smtp := import "http://ietf.org/opes/rules/p/SMTP"; 610 /* import a local file without naming it */ 611 import "file:///usr/local/globalrules.p"; 613 Figure 17 615 In the following example, both the Http and Smtp modules have the 616 same member named "message", and the code leads to an ambiguity, even 617 though Smtp module's message does not have a "method" member: 619 Smtp := import "http://ietf.org/opes/rules/p/SMTP"; 620 Http := import "http://ietf.org/opes/rules/p/HTTP"; 622 method1 := message.method; /* error: HTTP or SMTP "message"? */ 623 method2 := Http.message.method; /* OK: HTTP "message" */ 625 Figure 18 627 5. OPES Services 629 Services module contains basic attributes and methods for searching 630 and executing OPES services: 632 Services.findOne(URI): returns a service object that corresponds to 633 the specified URI. Fails if no corresponding object exists. 635 Services.applyOne(service, ...): applies the specified service to the 636 current application message and optionally supplies 637 service-specific application parameters. XXX: should parameters 638 include the part of the message to be modified or just services 639 metadata? 641 Here is a service application example for a German to French 642 translation service: 644 Http := import("Http"); 645 if (Http.response.language_is("german")) { 646 service := Services.findOne("opes://svs/tran/german/french"); 647 service.toDialect("southern"); 648 Services.applyOne(service, Http.request.headers); 649 } 651 Figure 19 653 XXX: explain how failures are propagated and can be handled 655 XXX: add Core.interpreter.stop and Core.interpreter.restart methods. 657 6. Failures 659 Virtually any P statement may fail: expression denominator may be 660 zero, named members may not exist, functions may not support supplied 661 parameters, service execution may fail, interpreter may ran out of 662 resources during an assignment, etc. A failure immediately stops 663 interpretation of the expression that caused it. 665 Failure is propagated up the expression and statement stack until the 666 stack is empty or an "otherwise" alternative is reached (see Section 667 3.3). If the stack is empty, the entire P program interpretation 668 terminates with a failure. If an "otherwise" alternative is 669 encountered, the failure is forgotten and interpretation resumes with 670 that alternative. 672 Failure propagation rules allow to catch failures, similar to an 673 exception mechanisms in languages like C++ or Java, except that P 674 exceptions are not objects (they carry no information). For example, 675 here is a simple way to introduce a backup/failover service: 677 { 678 ... 679 Services.applyOne(unsafeService); 680 } otherwise { 681 ... 682 Services.applyOne(failoverService); 683 }; 685 Figure 20 687 The "otherwise" operator makes it simple to select among 688 failure-prone alternatives: 690 service := findOne(uri1) otherwise findOne(uri2); 692 Figure 21 694 The following example illustrates how a failure-prone service can be 695 retried twice if needed: 697 code := { 698 /* code executing the service */ 699 }; 700 try code otherwise try code otherwise try code; 702 Figure 22 704 It is possible to force the interpreter to fail using the 705 "Core.interpreter.fail(reason)" call. This is handy when there is a 706 logical failure that the interpreter cannot detect on its own: 708 { 709 /* large piece of code executing several services, 710 each manipulating the current HTTP message ... */ 712 /* checkpoint */ 713 if (!Http.message.headers.have("Content-Length")) { 714 Core.interpreter.fail("services did not set CL"); 715 } 717 /* OK, continue message manipulation ... */ 718 } otherwise { 719 /* recover from failure ... */ 720 } 722 Figure 23 724 This specification has no failure reporting requirements. The extent 725 and form of failure reporting depends on the environment: Developer 726 environments would benefit from extensive and detailed reporting of 727 failures. Stand-alone intermediaries processing P instructions may 728 benefit from some reporting, appropriately implemented not to bring 729 down the proxy due to high volume of failures. User environments, 730 especially mobile and similarly resource-constraint applications 731 should probably conserve scarce resources and produce no reports by 732 default. 734 7. Security Considerations 736 XXX: document non-obvious vulnerabilities: too many names, too deep 737 nesting, invalid math, too much error logging; execution of 738 unauthorized services, unauthorized exposure of sensitive information 739 to authorized services. 741 8. Compliance 743 XXX: define what a compliant interpreter is. 745 Appendix A. Examples 747 This appendix contains half-baked examples to illustrate P usage in 748 common OPES environments. Example themes are taken from 749 [I-D.beck-opes-irml] to ease the comparison with IRML. 751 Here is a data provider example: 753 interpreter.languageVersion("1.0"); // fails if incompatible 755 Http := import("Http"); 756 lookup(Http); 758 // Is the requested web document our home page? 759 isHome := request.uri.looksLikeHome(); 761 // Does the user send us a specific cookie? 762 cookie := makeHeader("Cookie", "sew=23"); 763 haveCookie := request.headers.have(cookie); 765 if (isHome and haveCookie) { 766 Services := import("Services"); 767 service := Services.findOne("opes://local.net/add-lcl-content"); 768 service.clientIp(request.clientIp); 769 Services.applyOne(service); 770 } 772 Figure 24 774 Here is a data consumer example: 776 Services := import("Services"); 777 service := Services.findOne("opes://privacy.net/priv-serv"); 778 service.action("remove-referer"); 779 Services.applyOne(service); 781 Figure 25 783 Appendix B. To-do 785 i18n: What are IETF and real-world internationalization requirements 786 for languages? Can we say that everything is Unicode UTF-8 and be 787 done with it? Does UTF have a notion of space characters like 788 ASCII does? If not, how can we separate grammar tokens without 789 requiring them to be ASCII? 791 namespaces: Module lookup facility leads to potential conflicts among 792 identical names from different modules. What is the best way to 793 resolve these conflicts? How other languages do it? 795 security: Write Security Considerations section. A lot can be moved 796 from the IRML security section. Some can be borrowed from OCP 797 Core. 799 module URI: Is there an IETF document that tells us how to assign/ 800 manage URIs for new "things" like modules? For example, do we use 801 http://ietf.org/opes/http for HTTP module? Or do we use iana.org 802 domain name instead? Is http:// a good choice for the scheme or 803 should we use opes:// or even p://?!. Do we use de-facto file:// 804 for local filenames from where raw P code can be included 805 directly? Note that modules like HTTP are not written in P! 807 examples: Add more simple but realistic and illustrative examples: 808 HTTP header anonymization, OPES/HTTP trace entry management (e.g., 809 removing trace entries of a given OPES service), removing a virus 810 attachment from an SMTP message. Ask filtering/ICAP people to 811 supply use cases. 813 interpreter API: Document that we do not document interpreter API -- 814 how, for example, an implemented HTTP module is actually "loaded". 815 Mention that the solution would depend on the interpreter 816 implementation and the same HTTP module is unlikely to be 817 compatible with different interpreters. 819 define interpreter: Add terminology section. Define interpreter to 820 mean compiler, or run-time interpreter, or bytecode generator, or 821 anything of that kind. 823 op keywords: Document that operator names (via identifier BNF entry) 824 are not keywords: object members can use identifiers that clash 825 with operator names since there can be no ambiguity. 827 statement value: Document values of all statements (e.g., 828 compound-statement value is the value of the last statement in a 829 compound)? 831 RE: Decide whether we should support regular expression matching 832 natively. 834 if-else-if: Make if-else-if syntax compact. 836 str ==: Remove "==" for strings in examples. There is no such 837 operator for strings anymore. 839 Appendix C. Acknowledgments 841 The author gratefully acknowledges contributions of: Anwar M. Haneef 842 (Motorola). 844 Appendix D. Change Log 846 Internal WG revision control IDs: $RCSfile: rules-lang.xml,v $ 847 $Revision: 1.20 $. 849 2003/09/21 851 * Explained undocumented relationship between interpreters and 852 third-party modules. 854 2003/09/19 856 * Simplified module importing and lookup facilities. Import is 857 now a built-in operator and not a Core method. Explicit lookup 858 control is gone in favor of always-lookup default. 860 2003/09/18 862 * Completed syntax BNF except for escape sequences. 864 * Distinguish interpretation failure from boolean false: use 865 "otherwise" and "or" operators respectively. With just "or" it 866 was impossible to say whether, say, "h.has(foo)" failed or "h" 867 just does not have "foo". 869 * Use Perl semantics for "otherwise" -- return the value of last 870 evaluated expression, not true/false. 872 * Nearly completed a set of supported operators, including 873 operators for strings. 875 * Operators should only be supported for built-in objects because 876 it is difficult to define how "5 + object" is interpreted 877 without running into problems with "object + object" ("object + 878 5" is easy but we need symmetry). It is unlikely that we are 879 losing much with this limitation anyway -- protocol objects 880 would rarely have good semantics for operators. 882 * Defined scope rules for new names introduced by assignments. 884 * Added Acknowledgments section. 886 Normative References 888 [RFC2234] Crocker, D. and P. Overell, "Augmented BNF for Syntax 889 Specifications: ABNF", RFC 2234, November 1997. 891 [RFC2396] Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform 892 Resource Identifiers (URI): Generic Syntax", RFC 2396, 893 August 1998. 895 [I-D.ietf-opes-architecture] 896 Barbir, A., "An Architecture for Open Pluggable Edge 897 Services (OPES)", draft-ietf-opes-architecture-04 (work in 898 progress), December 2002. 900 Informative References 902 [RFC2616] Fielding, R., Gettys, J., Mogul, J., Nielsen, H., 903 Masinter, L., Leach, P. and T. Berners-Lee, "Hypertext 904 Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999. 906 [I-D.beck-opes-irml] 907 Beck, A. and M. Hofmann, "IRML: A Rule Specification 908 Language for Intermediary Services", 909 draft-beck-opes-irml-03 (work in progress), June 2003. 911 Authors' Addresses 913 Andre Beck 914 Lucent Technologies 915 101 Crawfords Corner Rd. 916 Holmdel, NJ 917 US 919 Phone: +1 732 332-5983 920 EMail: abeck@bell-labs.com 922 Alex Rousskov 923 The Measurement Factory 925 EMail: rousskov@measurement-factory.com 926 URI: http://www.measurement-factory.com/ 928 Intellectual Property Statement 930 The IETF takes no position regarding the validity or scope of any 931 intellectual property or other rights that might be claimed to 932 pertain to the implementation or use of the technology described in 933 this document or the extent to which any license under such rights 934 might or might not be available; neither does it represent that it 935 has made any effort to identify any such rights. Information on the 936 IETF's procedures with respect to rights in standards-track and 937 standards-related documentation can be found in BCP-11. Copies of 938 claims of rights made available for publication and any assurances of 939 licenses to be made available, or the result of an attempt made to 940 obtain a general license or permission for the use of such 941 proprietary rights by implementors or users of this specification can 942 be obtained from the IETF Secretariat. 944 The IETF invites any interested party to bring to its attention any 945 copyrights, patents or patent applications, or other proprietary 946 rights which may cover technology that may be required to practice 947 this standard. Please address the information to the IETF Executive 948 Director. 950 Full Copyright Statement 952 Copyright (C) The Internet Society (2003). All Rights Reserved. 954 This document and translations of it may be copied and furnished to 955 others, and derivative works that comment on or otherwise explain it 956 or assist in its implementation may be prepared, copied, published 957 and distributed, in whole or in part, without restriction of any 958 kind, provided that the above copyright notice and this paragraph are 959 included on all such copies and derivative works. However, this 960 document itself may not be modified in any way, such as by removing 961 the copyright notice or references to the Internet Society or other 962 Internet organizations, except as needed for the purpose of 963 developing Internet standards in which case the procedures for 964 copyrights defined in the Internet Standards process must be 965 followed, or as required to translate it into languages other than 966 English. 968 The limited permissions granted above are perpetual and will not be 969 revoked by the Internet Society or its successors or assignees. 971 This document and the information contained herein is provided on an 972 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 973 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 974 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 975 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 976 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 978 Acknowledgement 980 Funding for the RFC Editor function is currently provided by the 981 Internet Society.