idnits 2.17.1 

draft-ietf-webdav-redirectref-protocol-06.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate.  This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The abstract seems to contain references ([2], [1]), which it shouldn't.
      Please replace those with straight textual mentions of the documents in
     question.

  == There are 6 instances of lines with non-RFC2606-compliant FQDNs in the
     document.


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (October 20, 2003) is 7491 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'WebDAV' is mentioned on line 1801, but not defined

  ** Obsolete normative reference: RFC 2396 (Obsoleted by RFC 3986)

  ** Obsolete normative reference: RFC 2518 (Obsoleted by RFC 4918)

  ** Obsolete normative reference: RFC 2616 (Obsoleted by RFC 7230, RFC 7231,
     RFC 7232, RFC 7233, RFC 7234, RFC 7235)

  -- Possible downref: Non-RFC (?) normative reference: ref. 'XML'

  -- Possible downref: Non-RFC (?) normative reference: ref. '1'

  -- Possible downref: Non-RFC (?) normative reference: ref. '2'

  -- Possible downref: Non-RFC (?) normative reference: ref. '3'

  -- Possible downref: Non-RFC (?) normative reference: ref. '4'

  -- Possible downref: Non-RFC (?) normative reference: ref. '5'

  -- Possible downref: Non-RFC (?) normative reference: ref. '6'

  -- Possible downref: Non-RFC (?) normative reference: ref. '7'

  -- Possible downref: Non-RFC (?) normative reference: ref. '8'

  -- Possible downref: Non-RFC (?) normative reference: ref. '9'

  -- Possible downref: Non-RFC (?) normative reference: ref. '10'

  -- Possible downref: Non-RFC (?) normative reference: ref. '11'

  -- Possible downref: Non-RFC (?) normative reference: ref. '12'

  -- Possible downref: Non-RFC (?) normative reference: ref. '13'

  -- Possible downref: Non-RFC (?) normative reference: ref. '14'

  -- Possible downref: Non-RFC (?) normative reference: ref. '15'

  -- Possible downref: Non-RFC (?) normative reference: ref. '16'

  -- Possible downref: Non-RFC (?) normative reference: ref. '17'

  -- Possible downref: Non-RFC (?) normative reference: ref. '18'

  -- Possible downref: Non-RFC (?) normative reference: ref. '19'

  -- Possible downref: Non-RFC (?) normative reference: ref. '20'

  -- Possible downref: Non-RFC (?) normative reference: ref. '21'

  -- Possible downref: Non-RFC (?) normative reference: ref. '22'

  -- Possible downref: Non-RFC (?) normative reference: ref. '23'

  -- Possible downref: Non-RFC (?) normative reference: ref. '24'

  -- Possible downref: Non-RFC (?) normative reference: ref. '25'

  -- Possible downref: Non-RFC (?) normative reference: ref. '26'

  -- Possible downref: Non-RFC (?) normative reference: ref. '27'

  -- Possible downref: Non-RFC (?) normative reference: ref. '28'

  -- Possible downref: Non-RFC (?) normative reference: ref. '29'

  -- Possible downref: Non-RFC (?) normative reference: ref. '30'


     Summary: 5 errors (**), 0 flaws (~~), 4 warnings (==), 33 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	WEBDAV Working Group                                        J. Whitehead
3	Internet-Draft                                           U.C. Santa Cruz
4	Expires: April 19, 2004                                         G. Clemm
5	                                                                     IBM
6	                                                         J. Reschke, Ed.
7	                                                              greenbytes
8	                                                        October 20, 2003

10	                  WebDAV Redirect Reference Resources
11	               draft-ietf-webdav-redirectref-protocol-06

13	Status of this Memo

15	   This document is an Internet-Draft and is in full conformance with
16	   all provisions of Section 10 of RFC2026.

18	   Internet-Drafts are working documents of the Internet Engineering
19	   Task Force (IETF), its areas, and its working groups. Note that other
20	   groups may also distribute working documents as Internet-Drafts.

22	   Internet-Drafts are draft documents valid for a maximum of six months
23	   and may be updated, replaced, or obsoleted by other documents at any
24	   time. It is inappropriate to use Internet-Drafts as reference
25	   material or to cite them other than as "work in progress."

27	   The list of current Internet-Drafts can be accessed at http://
28	   www.ietf.org/ietf/1id-abstracts.txt.

30	   The list of Internet-Draft Shadow Directories can be accessed at
31	   http://www.ietf.org/shadow.html.

33	   This Internet-Draft will expire on April 19, 2004.

35	Copyright Notice

37	   Copyright (C) The Internet Society (2003). All Rights Reserved.

39	Abstract

41	   This specification defines redirect reference resources.  A redirect
42	   reference resource is a resource whose default response is an HTTP/
43	   1.1 302 (Found) status code, redirecting the client to a different
44	   resource, the target resource.  A redirect reference makes it
45	   possible to access the target resource indirectly, through any URI
46	   mapped to the redirect reference resource.  There are no integrity
47	   guarantees associated with redirect reference resources.

49	   Distribution of this document is unlimited. Please send comments to
50	   the Distributed Authoring and Versioning (WebDAV) working group at
51	   w3c-dist-auth@w3.org [1], which may be joined by sending a message
52	   with subject "subscribe" to w3c-dist-auth-request@w3.org [2].

54	   Discussions of the WEBDAV working group are archived at URL: http://
55	   lists.w3.org/Archives/Public/w3c-dist-auth/.

57	Table of Contents

59	   1.   Introduction . . . . . . . . . . . . . . . . . . . . . . . .   5
60	   2.   Notational Conventions . . . . . . . . . . . . . . . . . . .   7
61	   3.   Terminology  . . . . . . . . . . . . . . . . . . . . . . . .   8
62	   4.   Overview of Redirect Reference Resources . . . . . . . . . .   9
63	   5.   Creating a Redirect Reference Resource . . . . . . . . . . .  10
64	   5.1  MKRESOURCE . . . . . . . . . . . . . . . . . . . . . . . . .  10
65	   5.2  Example: Creating a Redirect Reference Resource with
66	        MKRESOURCE . . . . . . . . . . . . . . . . . . . . . . . . .  11
67	   6.   Operations on Redirect Reference Resources . . . . . . . . .  13
68	   7.   Operations on Collections That Contain Redirect Reference
69	        Resources  . . . . . . . . . . . . . . . . . . . . . . . . .  14
70	   7.1  MOVE and DELETE on Collections That Contain Redirect
71	        References . . . . . . . . . . . . . . . . . . . . . . . . .  14
72	   7.2  LOCK on a Collection That Contains Redirect References . . .  14
73	   7.3  Example: PROPFIND on a Collection with Redirect Reference
74	        Resources  . . . . . . . . . . . . . . . . . . . . . . . . .  15
75	   7.4  Example: PROPFIND with Apply-To-Redirect-Ref on a
76	        Collection with Redirect Reference Resources . . . . . . . .  16
77	   7.5  Example: COPY on a Collection That Contains a Redirect
78	        Reference Resource . . . . . . . . . . . . . . . . . . . . .  18
79	   7.6  Example: LOCK on a Collection That Contains a Redirect
80	        Reference Resource . . . . . . . . . . . . . . . . . . . . .  19
81	   8.   Operations on Targets of Redirect Reference Resources  . . .  22
82	   9.   Relative URIs in DAV:reftarget . . . . . . . . . . . . . . .  23
83	   9.1  Example: Resolving a Relative URI in a Multi-Status
84	        Response . . . . . . . . . . . . . . . . . . . . . . . . . .  23
85	   10.  Redirect References to Collections . . . . . . . . . . . . .  25
86	   11.  Headers  . . . . . . . . . . . . . . . . . . . . . . . . . .  27
87	   11.1 Redirect-Ref Response Header . . . . . . . . . . . . . . . .  27
88	   11.2 Apply-To-Redirect-Ref Request Header . . . . . . . . . . . .  27
89	   12.  Properties . . . . . . . . . . . . . . . . . . . . . . . . .  28
90	   12.1 reftarget Property . . . . . . . . . . . . . . . . . . . . .  28
91	   12.2 location Pseudo-Property . . . . . . . . . . . . . . . . . .  28
92	   13.  XML Elements . . . . . . . . . . . . . . . . . . . . . . . .  29
93	   13.1 redirectref XML Element  . . . . . . . . . . . . . . . . . .  29
94	   14.  Extensions to the DAV:response XML Element for
95	        Multi-Status Responses . . . . . . . . . . . . . . . . . . .  30
96	   15.  Capability Discovery . . . . . . . . . . . . . . . . . . . .  31
97	   15.1 Example: Discovery of Support for Redirect Reference
98	        Resources  . . . . . . . . . . . . . . . . . . . . . . . . .  31
99	   16.  Security Considerations  . . . . . . . . . . . . . . . . . .  32
100	   16.1 Privacy Concerns . . . . . . . . . . . . . . . . . . . . . .  32
101	   16.2 Redirect Loops . . . . . . . . . . . . . . . . . . . . . . .  32
102	   16.3 Redirect Reference Resources and Denial of Service . . . . .  32
103	   16.4 Revealing Private Locations  . . . . . . . . . . . . . . . .  32
104	   17.  Internationalization Considerations  . . . . . . . . . . . .  34
105	   18.  IANA Considerations  . . . . . . . . . . . . . . . . . . . .  35
106	   19.  Contributors . . . . . . . . . . . . . . . . . . . . . . . .  36
107	   20.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . .  37
108	        Normative References . . . . . . . . . . . . . . . . . . . .  38
109	        Authors' Addresses . . . . . . . . . . . . . . . . . . . . .  38
110	   A.   Changes to the WebDAV Document Type Definition . . . . . . .  40
111	   B.   Change Log (to be removed by RFC Editor before
112	        publication) . . . . . . . . . . . . . . . . . . . . . . . .  41
113	   B.1  Since draft-ietf-webdav-redirectref-protocol-02  . . . . . .  41
114	   B.2  Since draft-ietf-webdav-redirectref-protocol-03  . . . . . .  41
115	   B.3  Since draft-ietf-webdav-redirectref-protocol-04  . . . . . .  41
116	   B.4  Since draft-ietf-webdav-redirectref-protocol-05  . . . . . .  41
117	   C.   Resolved issues (to be removed by RFC Editor before
118	        publication) . . . . . . . . . . . . . . . . . . . . . . . .  42
119	   C.1  lc-60-ex . . . . . . . . . . . . . . . . . . . . . . . . . .  42
120	   C.2  lc-06-reftarget-relative . . . . . . . . . . . . . . . . . .  42
121	   C.3  lc-71-relative . . . . . . . . . . . . . . . . . . . . . . .  42
122	   C.4  9-MKRESOURCE-vs-relative-URI . . . . . . . . . . . . . . . .  43
123	   C.5  lc-72-trailingslash  . . . . . . . . . . . . . . . . . . . .  43
124	   C.6  lc-50-blindredirect  . . . . . . . . . . . . . . . . . . . .  43
125	   C.7  lc-74-terminology  . . . . . . . . . . . . . . . . . . . . .  44
126	   C.8  11.2-apply-to-redirect-ref-syntax  . . . . . . . . . . . . .  44
127	   C.9  15.1-options-response  . . . . . . . . . . . . . . . . . . .  44
128	   C.10 lc-79-accesscontrol  . . . . . . . . . . . . . . . . . . . .  44
129	   D.   Open issues (to be removed by RFC Editor before
130	        publication) . . . . . . . . . . . . . . . . . . . . . . . .  46
131	   D.1  lc-85-301  . . . . . . . . . . . . . . . . . . . . . . . . .  46
132	   D.2  lc-38-not-hierarchical . . . . . . . . . . . . . . . . . . .  46
133	   D.3  lc-36-server . . . . . . . . . . . . . . . . . . . . . . . .  46
134	   D.4  lc-33-forwarding . . . . . . . . . . . . . . . . . . . . . .  47
135	   D.5  lc-37-integrity  . . . . . . . . . . . . . . . . . . . . . .  47
136	   D.6  3-terminology-redirectref  . . . . . . . . . . . . . . . . .  47
137	   D.7  lc-19-direct-ref . . . . . . . . . . . . . . . . . . . . . .  47
138	   D.8  lc-41-no-webdav  . . . . . . . . . . . . . . . . . . . . . .  48
139	   D.9  lc-58-update . . . . . . . . . . . . . . . . . . . . . . . .  48
140	   D.10 lc-24-properties . . . . . . . . . . . . . . . . . . . . . .  48
141	   D.11 rfc2606-compliance . . . . . . . . . . . . . . . . . . . . .  49
142	   D.12 lc-48-s6 . . . . . . . . . . . . . . . . . . . . . . . . . .  49
143	   D.13 lc-28-lang . . . . . . . . . . . . . . . . . . . . . . . . .  49
144	   D.14 lc-29-lang . . . . . . . . . . . . . . . . . . . . . . . . .  49
145	   D.15 lc-44-pseudo . . . . . . . . . . . . . . . . . . . . . . . .  50
146	   D.16 lc-61-pseudo . . . . . . . . . . . . . . . . . . . . . . . .  50
147	   D.17 lc-62-oldclient  . . . . . . . . . . . . . . . . . . . . . .  50
148	   D.18 lc-63-move . . . . . . . . . . . . . . . . . . . . . . . . .  51
149	   D.19 lc-57-noautoupdate . . . . . . . . . . . . . . . . . . . . .  51
150	   D.20 lc-53-s10  . . . . . . . . . . . . . . . . . . . . . . . . .  51
151	   D.21 12.1-property-name . . . . . . . . . . . . . . . . . . . . .  52
152	   D.22 lc-76-location . . . . . . . . . . . . . . . . . . . . . . .  52
153	   D.23 lc-80-i18n . . . . . . . . . . . . . . . . . . . . . . . . .  52
154	   D.24 lc-55-iana . . . . . . . . . . . . . . . . . . . . . . . . .  52
155	        Intellectual Property and Copyright Statements . . . . . . .  53

157	1. Introduction

159	   This is one of a pair of specifications that extend the WebDAV
160	   Distributed Authoring Protocol to enable clients to create new access
161	   paths to existing resources.  This capability is useful for several
162	   reasons:

164	   URIs of WebDAV-compliant resources are hierarchical and correspond to
165	   a hierarchy of collections in resource space.  The WebDAV Distributed
166	   Authoring Protocol makes it possible to organize these resources into
167	   hierarchies, placing them into groupings, known as collections, which
168	   are more easily browsed and manipulated than a single flat
169	   collection. However, hierarchies require categorization decisions
170	   that locate resources at a single location in the hierarchy, a
171	   drawback when a resource has multiple valid categories. For example,
172	   in a hierarchy of vehicle descriptions containing collections for
173	   cars and boats, a description of a combination car/boat vehicle could
174	   belong in either collection. Ideally, the description should be
175	   accessible from both. Allowing clients to create new URIs that access
176	   the existing resource lets them put that resource into multiple
177	   collections.

179	   Hierarchies also make resource sharing more difficult, since
180	   resources that have utility across many collections are still forced
181	   into a single collection. For example, the mathematics department at
182	   one university might create a collection of information on fractals
183	   that contains bindings to some local resources, but also provides
184	   access to some resources at other universities.  For many reasons, it
185	   may be undesirable to make physical copies of the shared resources on
186	   the local server: to conserve disk space, to respect copyright
187	   constraints, or to make any changes in the shared resources visible
188	   automatically. Being able to create new access paths to existing
189	   resources in other collections or even on other servers is useful for
190	   this sort of case.

192	   The redirect reference resources defined here provide a mechanism for
193	   creating alternative access paths to existing resources.  A redirect
194	   reference resource is a resource in one collection whose purpose is
195	   to forward requests to another resource (its target), possibly in a
196	   different collection.  In this way, it allows clients to submit
197	   requests to the target resource from another collection.  It
198	   redirects most requests to the target resource using the HTTP 302
199	   (Found) status code, thereby providing a form of mediated access to
200	   the target resource.

202	   A redirect reference is a resource with properties but no body of its
203	   own.  Properties of a redirect reference resource can contain such
204	   information as who created the reference, when, and why. Since
205	   redirect reference resources are implemented using HTTP 302
206	   responses, it generally takes two round trips to submit a request to
207	   the intended resource.  Servers are not required to enforce the
208	   integrity of redirect references.  Redirect references work equally
209	   well for local resources and for resources that reside on a different
210	   server from the reference.

212	   The remainder of this document is structured as follows: Section 3
213	   defines terms that will be used throughout the specification.
214	   Section 4 provides an overview of redirect reference resources.
215	   Section 5 discusses how to create a redirect reference resource.
216	   Section 6 defines the semantics of existing methods when applied to
217	   redirect reference resources, and Section 7 discusses their semantics
218	   when applied to collections that contain redirect reference
219	   resources. Sections 8 through 10 discuss several other issues raised
220	   by the existence of redirect reference resources.  Sections 11
221	   through 14 define the new headers, properties, and XML elements
222	   required to support redirect reference resources.  Section 15
223	   discusses capability discovery.  Sections 16 through 18 present the
224	   security, internationalization, and IANA concerns raised by this
225	   specification. The remaining sections provide a variety of supporting
226	   information.

228	2. Notational Conventions

230	   Since this document describes a set of extensions to the WebDAV
231	   Distributed Authoring Protocol [RFC2518], itself an extension to the
232	   HTTP/1.1 protocol, the augmented BNF used here to describe protocol
233	   elements is exactly the same as described in Section 2.1 of
234	   [RFC2616]. Since this augmented BNF uses the basic production rules
235	   provided in Section 2.2 of [RFC2616], these rules apply to this
236	   document as well.

238	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
239	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
240	   document are to be interpreted as described in [RFC2119].

242	3. Terminology

244	   The terminology used here follows and extends that in the WebDAV
245	   Distributed Authoring Protocol specification [RFC2518]. Definitions
246	   of the terms resource, Uniform Resource Identifier (URI), and Uniform
247	   Resource Locator (URL) are provided in [RFC2396].

249	   Redirect Reference Resource

251	      A resource created to redirect all requests made to it, using 302
252	      (Found), to a defined target resource.

254	   Non-Reference Resource

256	      A resource that is not a reference to another resource.

258	   Target Resource

260	      The resource to which requests are forwarded by a reference
261	      resource. A target resource can be anything that can be identified
262	      by an absolute URI (see [RFC2396], "absoluteURI").

264	4. Overview of Redirect Reference Resources

266	   For all operations submitted to a redirect reference resource, the
267	   default response is a 302 (Found), accompanied by the Redirect-Ref
268	   header (defined in Section 11.1 below) and the Location header set to
269	   the URI of the target resource.  With this information, the client
270	   can resubmit the request to the URI of the target resource.

272	   A redirect reference resource never automatically forwards requests
273	   to its target resource. Redirect resources bring the same benefits as
274	   links in HTML documents. They can be created and maintained without
275	   the involvement or even knowledge of their target resource. This
276	   reduces the cost of linking between resources."

278	   If the client is aware that it is operating on a redirect reference
279	   resource, it can resolve the reference by retrieving the reference
280	   resource's DAV:reftarget property (defined in Section 12.1 below),
281	   whose value contains the URI of the target resource.  It can then
282	   submit requests to the target resource.

284	   A redirect reference resource is a new type of resource. To
285	   distinguish redirect reference resources from non-reference
286	   resources, a new value of the DAV:resourcetype property (defined in
287	   [RFC2518]), DAV:redirectref, is defined in Section 13.1 below.

289	   Since a redirect reference resource is a resource, methods can be
290	   applied to the reference resource as well as to its target resource.
291	   The Apply-To-Redirect-Ref request header (defined in Section 11.2
292	   below) is provided so that referencing-aware clients can control
293	   whether an operation is applied to the redirect reference resource or
294	   to its target resource.  The Apply-To-Redirect-Ref header can be used
295	   with most requests to redirect reference resources.  This header is
296	   particularly useful with PROPFIND, to retrieve the reference
297	   resource's own properties.

299	5. Creating a Redirect Reference Resource

301	   The new MKRESOURCE method is used to create new redirect reference
302	   resources.  In order to create a redirect reference resource using
303	   MKRESOURCE, the values of two properties must be set in the body of
304	   the MKRESOURCE request.  The value of DAV:resourcetype MUST be set to
305	   DAV:redirectref, a new value of DAV:resourcetype defined in Section
306	   13.1. The value of DAV:reftarget MUST be set to the URI of the target
307	   resource.

309	   Used in this way, the MKRESOURCE method creates a redirect reference
310	   resource whose target is identified by the DAV:reftarget property.

312	5.1 MKRESOURCE

314	   The MKRESOURCE method requests the creation of a redirect reference
315	   resource and initialization of its properties in one atomic
316	   operation.

318	   Preconditions:

320	      A resource MUST NOT exist at the Request-URI.

322	   Request Marshalling:

324	      The location of the new resource to be created is specified by the
325	      Request-URI.

327	      The request body of the MKRESOURCE method MUST consist of the
328	      DAV:propertyupdate XML element defined in Section 12.13 of
329	      [RFC2518], specifying a DAV:resourcetype of "DAV:redirectref".

331	   Postconditions:

333	      If the response status code is 201, a new resource exists at the
334	      Request-URI.

336	      The properties of the new resource are as specified by the
337	      DAV:propertyupdate request body, using PROPPATCH semantics.

339	      If the response status code is not 201, then a new resource is not
340	      created at the Request-URI, and any existing resource at the
341	      Request-URI is unaffected.

343	   Response Marshalling:

345	      Responses from a MKRESOURCE request MUST NOT be cached, as
346	      MKRESOURCE has non-idempotent semantics.

348	      The following status codes can be expected in responses to
349	      MKRESOURCE:

351	      201 (Created): The new resource was successfully created.

353	      403 (Forbidden): The server does not allow the creation of the
354	      requested resource type at the requested location, or the parent
355	      collection of the Request-URI exists but cannot accept members.

357	      409 (Conflict): A resource cannot be created at the Request-URI
358	      because the parent collection for the resource does not exist, or
359	      because there is already a resource at that request-URL.

361	      423 (Locked): The Request-URI is locked, and the lock token was
362	      not passed with the request.

364	      507 (Insufficient Storage): The server does not have sufficient
365	      space to record the state of the resource.

367	5.2 Example: Creating a Redirect Reference Resource with MKRESOURCE

369	   >> Request:

371	   MKRESOURCE /~whitehead/dav/spec08.ref HTTP/1.1
372	   Host: www.ics.uci.edu
373	   Content-Type: text/xml; charset="utf-8"
374	   Content-Length: xxx

376	   <?xml version="1.0" encoding="utf-8" ?>
377	   <D:propertyupdate xmlns:D="DAV:">
378	     <D:set>
379	       <D:prop>
380	         <D:resourcetype><D:redirectref/></D:resourcetype>
381	         <D:reftarget>
382	           <D:href>/i-d/draft-webdav-protocol-08.txt</D:href>
383	         </D:reftarget>
384	       </D:prop>
385	     </D:set>
386	   </D:propertyupdate>

388	   >> Response:

390	   HTTP/1.1 201 Created

392	   This request resulted in the creation of a new redirect reference
393	   resource at www.ics.uci.edu/~whitehead/dav/spec08.ref, which points
394	   to the resource identified by the DAV:reftarget property. In this
395	   example, the target resource is identified by the URI http://
396	   www.ics.uci.edu/i-d/draft-webdav-protocol-08.txt. The redirect
397	   reference resource's DAV:resourcetype property is set to
398	   DAV:redirectref.

400	6. Operations on Redirect Reference Resources

402	   Although non-referencing-aware clients cannot create reference
403	   resources, they should be able to submit requests through the
404	   reference resources created by reference-aware WebDAV clients.  They
405	   should be able to follow any references to their targets.  To make
406	   this possible, a server that receives any request made via a redirect
407	   reference resource MUST return a 302 (Found) status code, unless the
408	   request includes an Apply-To-Redirect-Ref header specifying "T". The
409	   client and server MUST follow [RFC2616] Section 10.3.3 "302 Found",
410	   but with these additional rules:

412	   o  The Location response header MUST contain an absolute URI that
413	      identifies the target of the reference resource.

415	   o  The response MUST include the Redirect-Ref header.  This header
416	      allows reference-aware WebDAV clients to recognize the resource as
417	      a reference resource and understand the reason for the
418	      redirection.

420	   A reference-aware WebDAV client can act on this response in one of
421	   two ways.  It can, like a non-referencing client, resubmit the
422	   request to the URI in the Location header in order to operate on the
423	   target resource.  Alternatively, it can resubmit the request to the
424	   URI of the redirect reference resource with the
425	   "Apply-To-Redirect-Ref: T" header in order to operate on the
426	   reference resource itself. In this case, the request MUST be applied
427	   to the reference resource itself, and a 302 response MUST NOT be
428	   returned.

430	   A reference-aware client may know before submitting its request that
431	   the Request-URI identifies a redirect reference resource. In this
432	   case, if the client wants to apply the method to the reference
433	   resource, it can save the round trip caused by the 302 response by
434	   using an Apply-To-Redirect-Ref header in its initial request to the
435	   URI.

437	   As redirect references do not have bodies, GET and PUT requests with
438	   "Apply-To-Redirect-Ref: T" MUST fail with status 403 (forbidden).

440	7. Operations on Collections That Contain Redirect Reference Resources

442	   Consistent with the rules in Section 6, the response for each
443	   redirect reference encountered while processing a collection MUST be
444	   a 302 (Found) unless a "Apply-To-Redirect-Ref: T" header is included
445	   with the request.  The overall response will therefore be a 207
446	   (Multi-Status). Since a Location header and Redirect-Ref header
447	   cannot be returned for each redirect reference encountered, the same
448	   information is provided using properties in the response elements for
449	   those resources.  The DAV:location pseudo-property and the
450	   DAV:resourcetype property MUST be included with the 302 status code.
451	   This necessitates an extension to the syntax of the DAV:response
452	   element that was defined in [RFC2518]. The extension is defined in
453	   Section 14 below.

455	   It is recommended that future editors of [RFC2518] define the
456	   DAV:location pseudo-property in [RFC2518], so that non-referencing
457	   clients will also be able to use the response to operate on the
458	   target resource.  (This will also enable clients to operate on
459	   traditional HTTP/1.1 302 responses in Multi-Status responses.) Until
460	   then, non-referencing clients will not be able to process 302
461	   responses from redirect reference resources encountered while
462	   processing a collection.

464	   The Apply-To-Redirect-Ref header (defined in Section 11.2) MAY be
465	   used with any request on a collection.  If present, it will be
466	   applied to all redirect reference resources encountered while
467	   processing the collection.

469	7.1 MOVE and DELETE on Collections That Contain Redirect References

471	   DELETE removes the binding that corresponds to the Request-URI.  MOVE
472	   removes that binding and creates a new binding to the same resource.
473	   In cases where DELETE and MOVE are applied to a collection, these
474	   operations affect all the descendents of the collection, but they do
475	   so indirectly.  There is no need to visit each descendent in order to
476	   process the request.  Consequently, even if there are redirect
477	   reference resources in a tree that is being deleted or moved, there
478	   will be no 302 responses from the redirect reference resources.

480	7.2 LOCK on a Collection That Contains Redirect References

482	   LOCK poses special problems because it is atomic. An attempt to lock
483	   (with Depth: infinity) a collection that contains redirect references
484	   will always fail.  The Multi-Status response will contain a 302
485	   response for each redirect reference.

487	   Reference-aware clients can lock the collection by using
488	   Apply-To-Redirect-Ref, and, if desired, lock the targets of the
489	   redirect references individually.

491	   Non-referencing clients must resort to locking each resource
492	   individually.

494	7.3 Example: PROPFIND on a Collection with Redirect Reference Resources

496	   Suppose a PROPFIND request with Depth: infinity is submitted to the
497	   following collection, with the members shown here:

499	   http://www.svr.com/MyCollection/
500	        (non-reference resource) diary.html
501	        (redirect reference resource) nunavut

503	   >> Request:

505	   PROPFIND /MyCollection/ HTTP/1.1
506	   Host: www.svr.com
507	   Depth: infinity
508	   Content-Type: text/xml
509	   Content-Length: xxxx

511	   <?xml version="1.0" ?>
512	   <D:propfind xmlns:D="DAV: ">
513	     <D:prop xmlns:J="http://www.svr.com/jsprops/">
514	       <D:resourcetype/>
515	       <J:keywords/>
516	     </D:prop>
517	   </D:propfind>

519	   >> Response:

521	   HTTP/1.1 207 Multi-Status
522	   Content-Type: text/xml
523	   Content-Length: xxxx

525	   <?xml version="1.0" ?>
526	   <D:multistatus xmlns:D="DAV:" xmlns:J="http://www.svr.com/jsprops/">
527	     <D:response>
528	       <D:href>http://www.svr.com/MyCollection/</D:href>
529	       <D:propstat>
530	         <D:prop>
531	           <D:resourcetype><D:collection/></D:resourcetype>
532	           <J:keywords>diary, interests, hobbies</J:keywords>
533	         </D:prop>
534	         <D:status>HTTP/1.1 200 OK</D:status>
535	       </D:propstat>

537	     </D:response>
538	     <D:response>
539	       <D:href>http://www.svr.com/MyCollection/diary.html</D:href>
540	       <D:propstat>
541	         <D:prop>
542	           <D:resourcetype/>
543	           <J:keywords>diary, travel, family, history</J:keywords>
544	         </D:prop>
545	         <D:status>HTTP/1.1 200 OK</D:status>
546	       </D:propstat>
547	     </D:response>
548	     <D:response>
549	       <D:href>http://www.svr.com/MyCollection/nunavut</D:href>
550	       <D:status>HTTP/1.1 302 Found</D:status>
551	       <D:prop>
552	         <D:location>
553	           <D:href>http://www.inac.gc.ca/art/inuit/</D:href>
554	         </D:location>
555	         <D:resourcetype><D:redirectref/></D:resourcetype>
556	       </D:prop>
557	     </D:response>
558	   </D:multistatus>

560	   In this example the Depth header is set to infinity, and the
561	   Apply-To-Redirect-Ref header is not used.  The collection contains
562	   one URI that identifies a redirect reference resource.  The response
563	   element for the redirect reference resource has a status of 302
564	   (Found), and includes a DAV:prop element with the DAV:location
565	   pseudo-property and the DAV:resourcetype property to allow clients to
566	   retrieve the properties of its target resource.  (The response
567	   element for the redirect reference resource does not include the
568	   requested properties.  The client can submit another PROPFIND request
569	   to the URI in the DAV:location pseudo-property to retrieve those
570	   properties.)

572	7.4 Example: PROPFIND with Apply-To-Redirect-Ref on a Collection with
573	    Redirect Reference Resources

575	   Suppose a PROPFIND request with "Apply-To-Redirect-Ref: T" and Depth:
576	   infinity is submitted to the following collection, with the members
577	   shown here:

579	   /MyCollection/
580	        (non-reference resource) diary.html
581	        (redirect reference resource) nunavut

583	   >> Request:

585	   PROPFIND /MyCollection/ HTTP/1.1
586	   Host: example.com
587	   Depth: infinity
588	   Apply-To-Redirect-Ref: T
589	   Content-Type: text/xml
590	   Content-Length: xxxx

592	   <?xml version="1.0" ?>
593	   <D:propfind xmlns:D="DAV:">
594	     <D:prop>
595	       <D:resourcetype/>
596	       <D:reftarget/>
597	     </D:prop>
598	   </D:propfind>

600	   >> Response:

602	   HTTP/1.1 207 Multi-Status
603	   Content-Type: text/xml
604	   Content-Length: xxxx

606	   <?xml version="1.0" ?>
607	   <D:multistatus xmlns:D="DAV:">
608	     <D:response>
609	       <D:href>/MyCollection/</D:href>
610	       <D:propstat>
611	         <D:prop>
612	           <D:resourcetype><D:collection/></D:resourcetype>
613	         </D:prop>
614	         <D:status>HTTP/1.1 200 OK</D:status>
615	       </D:propstat>
616	       <D:propstat>
617	         <D:prop><D:reftarget/></D:prop>
618	         <D:status>HTTP/1.1 404 Not Found</D:status>
619	       </D:propstat>
620	     </D:response>
621	     <D:response>
622	       <D:href>/MyCollection/diary.html</D:href>
623	       <D:propstat>
624	         <D:prop>
625	           <D:resourcetype/>
626	         </D:prop>
627	         <D:status>HTTP/1.1 200 OK</D:status>
628	       </D:propstat>
629	       <D:propstat>
630	         <D:prop><D:reftarget/></D:prop>
631	         <D:status>HTTP/1.1 404 Not Found</D:status>
632	       </D:propstat>
633	     </D:response>
634	     <D:response>
635	       <D:href>/MyCollection/nunavut</D:href>
636	       <D:propstat>
637	         <D:prop>
638	           <D:resourcetype><D:redirectref/></D:resourcetype>
639	           <D:reftarget>
640	             <D:href>http://www.inac.gc.ca/art/inuit/</D:href>
641	           </D:reftarget>
642	         </D:prop>
643	       <D:status>HTTP/1.1 200 OK</D:status>
644	       </D:propstat>
645	     </D:response>
646	   </D:multistatus>

648	   Since the "Apply-To-Redirect-Ref: T" header is present, the response
649	   shows the properties of the redirect reference resource in the
650	   collection rather than reporting a 302 status.

652	7.5 Example: COPY on a Collection That Contains a Redirect Reference
653	    Resource

655	   Suppose a COPY request is submitted to the following collection, with
656	   the members shown:

658	   /MyCollection/
659	        (non-reference resource) diary.html
660	        (redirect reference resource) nunavut with target
661	                                   /Someplace/nunavut.map

663	   >> Request:

665	   COPY /MyCollection/ HTTP/1.1
666	   Host: www.svr.com
667	   Depth: infinity
668	   Destination: http://www.svr.com/OtherCollection/
669	   >> Response:

671	   HTTP/1.1 207 Multi-Status
672	   Content-Type: text/xml; charset="utf-8"
673	   Content-Length: xxx

675	   <?xml version="1.0" encoding="utf-8" ?>
676	   <D:multistatus xmlns:D="DAV:">
677	     <D:response>
678	     <D:href>http://www.svr.com/MyCollection/nunavut</D:href>
679	     <D:status>HTTP/1.1 302 Found</D:status>
680	     <D:prop>
681	       <D:location>
682	         <D:href>http://www.svr.com//Someplace/nunavut.map</D:href>
683	       </D:location>
684	       <D:resourcetype><D:redirectref/></D:resourcetype>
685	     </D:prop>
686	     </D:response>
687	   </D:multistatus>

689	   In this case, since /MyCollection/nunavut is a redirect reference
690	   resource, the COPY operation was only a partial success.  The
691	   redirect reference resource was not copied, but a 302 response was
692	   returned for it.  So the resulting collection is as follows:

694	   /OtherCollection/
695	         (non-reference resource) diary.html

697	7.6 Example: LOCK on a Collection That Contains a Redirect Reference
698	    Resource

700	   Suppose a LOCK request is submitted to the following collection, with
701	   the members shown:

703	   /MyCollection/
704	        (non-reference resource) diary.html
705	        (redirect reference resource) nunavut

707	   >> Request:

709	   LOCK /MyCollection/ HTTP/1.1
710	   Host: www.svr.com
711	   Content-Type: text/xml
712	   Content-Length: nnnn
713	   Authorizaton: Digest username="jas",
714	      realm=jas@webdav.sb.aol.com, nonce=". . . ",
715	      uri="/MyCollection/tuva",
716	      response=". . . ", opaque=". . . "

718	   <?xml version="1.0" ?>
719	   <D:lockinfo xmlns:D="DAV:">
720	     <D:lockscope><D:exclusive/></D:lockscope>
721	     <D:locktype><D:write/></D:locktype>
722	     <D:owner>
723	       <D:href>http://www.svr.com/~jas/contact.html</D:href>
724	     </D:owner>
725	   </D:lockinfo>
726	   >> Response:

728	   HTTP/1.1 207 Multi-Status
729	   Content-Type: text/xml
730	   Content-Length: nnnn

732	   <?xml version="1.0" ?>
733	   <D:multistatus xmlns:D="Dav:">
734	     <D:response>
735	       <D:href>http://www.svr.com/MyCollection/</D:href>
736	       <D:propstat>
737	         <D:prop><D:lockdiscovery/></D:prop>
738	         <D:status>HTTP/1.1 424 Failed Dependency</D:status>
739	       </D:propstat>
740	     </D:response>
741	     <D:response>
742	       <D:href>http://www.svr.com/MyCollection/diary.html</D:href>
743	       <D:status>HTTP/1.1 424 Failed Dependency</D:status>
744	     </D:response>
745	     <D:response>
746	       <D:href>http://www.svr.com/MyCollection/nunavut</D:href>
747	       <D:status>HTTP/1.1 302 Found</D:status>
748	       <D:prop>
749	         <D:location>
750	           <D:href>http://www.inac.gc.ca/art/inuit/</D:href>
751	         </D:location>
752	         <D:resourcetype><D:redirectref/></D:resourcetype>
753	       </D:prop>
754	     </D:response>
755	   </D:multistatus>

757	   The server returns a 302 response code for the redirect reference
758	   resource in the collection.  Consequently, neither the collection nor
759	   any of the resources identified by its internal member URIs were
760	   locked. A referencing-aware client can submit a separate LOCK request
761	   to the URI in the DAV:location pseudo-property returned for the
762	   redirect reference resource, and can resubmit the LOCK request with
763	   the Apply-To-Redirect-Ref header to the collection.  At that point
764	   both the reference resource and its target resource will be locked
765	   (as well as the collection and all the resources identified by its
766	   other members).

768	8. Operations on Targets of Redirect Reference Resources

770	   Operations on targets of redirect reference resources have no effect
771	   on the reference resource.

773	9. Relative URIs in DAV:reftarget

775	   The URI in the href in a DAV:reftarget property MAY be a relative
776	   URI. In this case, the base URI to be used for resolving the relative
777	   URI to absolute form is the URI used in the HTTP message to identify
778	   the redirect reference resource to which the DAV:reftarget property
779	   belongs.

781	   When DAV:reftarget appears in the context of a Multi-Status response,
782	   it is in a DAV:response element that contains a single DAV:href
783	   element. The value of this DAV:href element serves as the base URI
784	   for resolving a relative URI in DAV:reftarget.  The value of DAV:href
785	   may itself be relative, in which case it must be resolved first in
786	   order to serve as the base URI for the relative URI in DAV:reftarget.
787	   If the DAV:href element is relative, its base URI is constructed from
788	   the scheme component "http", the value of the Host header in the
789	   request, and the request-URI.

791	9.1 Example: Resolving a Relative URI in a Multi-Status Response

793	   >> Request:

795	   PROPFIND /geog/ HTTP/1.1
796	   Host: example.com
797	   Apply-To-Redirect-Ref: T
798	   Depth: 1
799	   Content-Type: text/xml
800	   Content-Length: nnn

802	   <?xml version="1.0" ?>
803	   <D:propfind xmlns:D="DAV:">
804	     <D:prop>
805	       <D:resourcetype/>
806	       <D:reftarget/>
807	     </D:prop>
808	   </D:propfind>
809	   >> Response:

811	   HTTP/1.1 207 Multi-Status
812	   Content-Type: text/xml
813	   Content-Length: nnn

815	   <?xml version="1/0" ?>
816	   <D:multistatus xmlns:D="DAV:">
817	     <D:response>
818	       <D:href>/geog/</D:href>
819	       <D:propstat>
820	         <D:prop>
821	           <D:resourcetype><D:collection/></D:resourcetype>
822	         </D:prop>
823	         <D:status>HTTP/1.1 200 OK</D:status>
824	       </D:propstat>
825	       <D:propstat>
826	         <D:prop><D:reftarget/></D:prop>
827	         <D:status>HTTP/1.1 404 Not Found</D:status>
828	       </D:propstat>
829	     </D:response>
830	     <D:response>
831	       <D:href>/geog/stats.html</D:href>
832	       <D:propstat>
833	         <D:prop>
834	           <D:resourcetype><D:redirectref/></D:resourcetype>
835	           <D:reftarget>
836	             <D:href>statistics/population/1997.html</D:href>
837	           </D:reftarget>
838	         </D:prop>
839	       <D:status>HTTP/1.1 200 OK</D:status>
840	       </D:propstat>
841	     </D:response>
842	   </D:multistatus>

844	   In this example, the relative URI statistics/population/1997.html is
845	   returned as the value of reftarget for the reference resource
846	   identified by href /geog/stats.html.  The href is itself a relative
847	   URI, which resolves to http://example.com/geog/stats.html.  This is
848	   the base URI for resolving the relative URI in reftarget.  The
849	   absolute URI of reftarget is http://example.com/geog/statistics/
850	   population/1997.html.

852	10. Redirect References to Collections

854	   In a Request-URI /segment1/segment2/segment3, any of the three
855	   segments may identify a redirect reference resource.  (See [RFC2396],
856	   Section 3.3, for definitions of "path" and "segment".)  If any
857	   segment in a Request- URI identifies a redirect reference resource,
858	   the response is a 302. The value of the Location header in the 302
859	   response is as follows:

861	   The leftmost path segment of the request-URI that identifies a
862	   redirect reference resource, together with all path segments and
863	   separators to the left of it, is replaced by the value of the
864	   redirect reference resource's DAV:reftarget property (resolved to an
865	   absolute URI).  The remainder of the request-URI is concatenated to
866	   this path.

868	   Note: If the DAV:reftarget property ends with a "/" and the remainder
869	   of the Request-URI is non-empty (and therefore must begin with a "/
870	   "), the final "/" in the DAV:reftarget property is dropped before the
871	   remainder of the Request-URI is appended.

873	   Consider Request-URI /x/y/z.html.  Suppose that /x/ is a redirect
874	   reference resource whose target resource is collection /a/, which
875	   contains redirect reference resource y whose target resource is
876	   collection /b/, which contains redirect reference resource z.html
877	   whose target resource is /c/d.html.

879	   /x/y/z.html
880	       |
881	       | /x -> /a
882	       |
883	       v
884	   /a/y/z.html
885	       |
886	       | /a/y -> /b
887	       |
888	       v
889	   /b/z.html
890	       |
891	       | /b/z.html -> /c/d.html
892	       |
893	       v
894	   /c/d.html

896	   In this case the client must follow up three separate 302 responses
897	   before finally reaching the target resource.  The server responds to
898	   the initial request with a 302 with Location: /a/y/z.html, and the
899	   client resubmits the request to /a/y/z.html.  The server responds to
900	   this request with a 302 with Location: /b/z.html, and the client
901	   resubmits the request to /b/z.html.  The server responds to this
902	   request with a 302 with Location: /c/d.html, and the client resubmits
903	   the request to /c/d.html.  This final request succeeds.

905	11. Headers

907	11.1 Redirect-Ref Response Header

909	   Redirect-Ref = "Redirect-Ref:" (absoluteURI | relativeURI)
910	                  ; see sections 3 and 5 of [RFC2396]

912	   The Redirect-Ref header is used in all 302 responses from redirect
913	   reference resources. The value is the (possibly relative) URI of the
914	   link target as specified during redirect reference resource creation.

916	11.2 Apply-To-Redirect-Ref Request Header

918	   Apply-To-Redirect-Ref = "Apply-To-Redirect-Ref" ":" ("T" | "F")

920	   The optional Apply-To-Redirect-Ref header can be used on any request
921	   to a redirect reference resource.  When it is present and set to "T",
922	   the request MUST be applied to the reference resource itself, and a
923	   302 response MUST NOT be returned.

925	   If the Apply-To-Redirect-Ref header is used on a request to any other
926	   sort of resource besides a redirect reference resource, the server
927	   MUST ignore it.

929	12. Properties

931	12.1 reftarget Property

933	   Name: reftarget

935	   Namespace: DAV:

937	   Purpose: A property of redirect reference resources that provides an
938	      efficient way for clients to discover the URI of the target
939	      resource.  This is a read-only property after its initial
940	      creation. Its value can only be set in a MKRESOURCE request.

942	   Value: href containing the URI of the target resource.  This value
943	      MAY be a relative URI.  The reftarget property can occur in the
944	      entity bodies of MKRESOURCE requests and of responses to PROPFIND
945	      requests.

947	   <!ELEMENT reftarget href >

949	12.2 location Pseudo-Property

951	   Name: location

953	   Namespace: DAV:

955	   Purpose: For use with 302 (Found) response codes in Multi-Status
956	      responses.  It contains the absolute URI of the temporary location
957	      of the resource.  In the context of redirect reference resources,
958	      this value is the absolute URI of the target resource.  It is
959	      analogous to the Location header in HTTP 302 responses defined in
960	      [RFC2616] Section 10.3.3 "302 Found."  Including the location
961	      pseudo-property in a Multi-Status response requires an extension
962	      to the syntax of the DAV:response element defined in [RFC2518],
963	      which is defined in Section 14 below.  This pseudo-property is not
964	      expected to be stored on the reference resource. It is modeled as
965	      a property only so that it can be returned inside a DAV:prop
966	      element in a Multi-Status response.

968	   Value: href containing the absolute URI of the target resource.

970	   <!ELEMENT location href >

972	13. XML Elements

974	13.1 redirectref XML Element

976	   Name: redirectref

978	   Namespace: DAV:

980	   Purpose: Used as the value of the DAV:resourcetype property to
981	      specify that the resource type is a redirect reference resource.

983	   <!ELEMENT redirectref EMPTY >

985	14. Extensions to the DAV:response XML Element for Multi-Status
986	    Responses

988	   As described in Section 7, the DAV:location pseudo-property and the
989	   DAV:resourcetype property may be returned in the DAV:response element
990	   of a 207 Multi-Status response, to allow clients to resubmit their
991	   requests to the target resource of a redirect reference resource.

993	   Whenever these properties are included in a Multi-Status response,
994	   they are placed in a DAV:prop element associated with the href to
995	   which they apply.  This structure provides a framework for future
996	   extensions by other standards that may need to include additional
997	   properties in their responses.

999	   Consequently, the definition of the DAV:response XML element changes
1000	   to the following:

1002	   <!ELEMENT response (href, ((href*, status, prop?) | (propstat+)),
1003	   responsedescription?) >

1005	15. Capability Discovery

1007	   Sections 9.1 and 15 of [RFC2518] describe the use of compliance
1008	   classes with the DAV header in responses to OPTIONS, to indicate
1009	   which parts of the WebDAV Distributed Authoring protocols the
1010	   resource supports. This specification defines an OPTIONAL extension
1011	   to [RFC2518].  It defines a new compliance class, called
1012	   redirectrefs, for use with the DAV header in responses to OPTIONS
1013	   requests.  If a resource does support redirect references, its
1014	   response to an OPTIONS request may indicate that it does, by listing
1015	   the new redirectrefs compliance class in the DAV header and by
1016	   listing the MKRESOURCE method as one it supports.

1018	   When responding to an OPTIONS request, any type of resource can
1019	   include redirectrefs in the value of the DAV header.  Doing so
1020	   indicates that the server permits a redirect reference resource at
1021	   the request URI.

1023	15.1 Example: Discovery of Support for Redirect Reference Resources

1025	   >> Request:

1027	   OPTIONS /somecollection/someresource HTTP/1.1
1028	   Host: example.org

1030	   >> Response:

1032	   HTTP/1.1 200 OK
1033	   Allow: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, COPY, MOVE
1034	   Allow: MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, MKRESOURCE
1035	   DAV: 1, 2, redirectrefs

1037	   The DAV header in the response indicates that the resource /
1038	   somecollection/someresource is level 1 and level 2 compliant, as
1039	   defined in [RFC2518].  In addition, /somecollection/someresource
1040	   supports redirect reference resources.  The Allow header indicates
1041	   that MKRESOURCE requests can be submitted to /somecollection/
1042	   someresource.

1044	16. Security Considerations

1046	   This section is provided to make applications that implement this
1047	   protocol aware of the security implications of this protocol.

1049	   All of the security considerations of HTTP/1.1 and the WebDAV
1050	   Distributed Authoring Protocol specification also apply to this
1051	   protocol specification.  In addition, redirect reference resources
1052	   introduce several new security concerns and increase the risk of some
1053	   existing threats.  These issues are detailed below.

1055	16.1 Privacy Concerns

1057	   By creating redirect reference resources on a trusted server, it is
1058	   possible for a hostile agent to induce users to send private
1059	   information to a target on a different server.   This risk is
1060	   mitigated somewhat, since clients are required to notify the user of
1061	   the redirection for any request other than GET or HEAD. (See
1062	   [RFC2616], Section 10.3.3 302 Found.)

1064	16.2 Redirect Loops

1066	   Although redirect loops were already possible in HTTP 1.1, the
1067	   introduction of the MKRESOURCE method creates a new avenue for
1068	   clients to create loops accidentally or maliciously.  If the
1069	   reference resource and its target are on the same server, the server
1070	   may be able to detect MKRESOURCE requests that would create loops.
1071	   See also [RFC2616], Section 10.3 "Redirection 3xx."

1073	16.3 Redirect Reference Resources and Denial of Service

1075	   Denial of service attacks were already possible by posting URLs that
1076	   were intended for limited use at heavily used Web sites.  The
1077	   introduction of MKRESOURCE creates a new avenue for similar denial of
1078	   service attacks.  Clients can now create redirect reference resources
1079	   at heavily used sites to target locations that were not designed for
1080	   heavy usage.

1082	16.4 Revealing Private Locations

1084	   There are several ways that redirect reference resources may reveal
1085	   information about collection structures.  First, the DAV:reftarget
1086	   property of every redirect reference resource contains the URI of the
1087	   target resource.  Anyone who has access to the reference resource can
1088	   discover the collection path that leads to the target resource.   The
1089	   owner of the target resource may have wanted to limit knowledge of
1090	   this collection structure.

1092	   Sufficiently powerful access control mechanisms can control this risk
1093	   to some extent.  Property-level access control could prevent users
1094	   from examining the DAV:reftarget property.  (The Location header
1095	   returned in responses to requests on redirect reference resources
1096	   reveals the same information, however.)

1098	   This risk is no greater than the similar risk posed by HTML links.

1100	17. Internationalization Considerations

1102	   This specification follows the practices of [RFC2518] in encoding all
1103	   human-readable content using XML [XML] and in the treatment of names.
1104	   Consequently, this specification complies with the IETF Character Set
1105	   Policy [RFC2277].

1107	   WebDAV applications MUST support the character set tagging, character
1108	   set encoding, and the language tagging functionality of the XML
1109	   specification.  This constraint ensures that the human-readable
1110	   content of this specification complies with [RFC2277].

1112	   As in [RFC2518], names in this specification fall into three
1113	   categories: names of protocol elements such as methods and headers,
1114	   names of XML elements, and names of properties.  Naming of protocol
1115	   elements follows the precedent of HTTP, using English names encoded
1116	   in USASCII for methods and headers.  The names of XML elements used
1117	   in this specification are English names encoded in UTF-8.

1119	   For error reporting, [RFC2518] follows the convention of HTTP/1.1
1120	   status codes, including with each status code a short, English
1121	   description of the code (e.g., 423 Locked).  Internationalized
1122	   applications will ignore this message, and display an appropriate
1123	   message in the user's language and character set.

1125	   This specification introduces no new strings that are displayed to
1126	   users as part of normal, error-free operation of the protocol.

1128	   For rationales for these decisions and advice for application
1129	   implementors, see [RFC2518].

1131	18. IANA Considerations

1133	   All IANA considerations mentioned in [RFC2518] also apply to this
1134	   document.

1136	19. Contributors

1138	   Many thanks to Jason Crawford, Jim Davis, Chuck Fay and Judith Slein
1139	   who can take credit for big parts of the original design of this
1140	   specification.

1142	20. Acknowledgements

1144	   This document has benefited from thoughtful discussion by Jim Amsden,
1145	   Peter Carlson, Steve Carter, Tyson Chihaya, Ken Coar, Ellis Cohen,
1146	   Bruce Cragun, Spencer Dawkins, Mark Day, Rajiv Dulepet, David Durand,
1147	   Roy Fielding, Yaron Goland, Fred Hitt, Alex Hopmann, James Hunt,
1148	   Marcus Jager, Chris Kaler, Manoj Kasichainula, Rohit Khare, Daniel
1149	   LaLiberte, Steve Martin, Larry Masinter, Jeff McAffer, Joe Orton,
1150	   Surendra Koduru Reddy, Juergen Reuter, Max Rible, Sam Ruby, Bradley
1151	   Sergeant, Nick Shelness, John Stracke, John Tigue, John Turner, Kevin
1152	   Wiggen, and others.

1154	Normative References

1156	   [RFC2277]  Alvestrand, H., "IETF Policy on Character Sets and
1157	              Languages", BCP 18, RFC 2277, January 1998.

1159	   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
1160	              Requirement Levels", BCP 14, RFC 2119, March 1997.

1162	   [RFC2396]  Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform
1163	              Resource Identifiers (URI): Generic Syntax", RFC 2396,
1164	              August 1998.

1166	   [RFC2518]  Goland, Y., Whitehead, E., Faizi, A., Carter, S. and D.
1167	              Jensen, "HTTP Extensions for Distributed Authoring --
1168	              WEBDAV", RFC 2518, February 1999.

1170	   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
1171	              Masinter, L., Leach, P. and T. Berners-Lee, "Hypertext
1172	              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

1174	   [XML]      Bray, T., Paoli, J., Sperberg-McQueen, C. and E. Maler,
1175	              "Extensible Markup Language (XML) 1.0 (2nd ed)", W3C
1176	              REC-xml, October 2000, <http://www.w3.org/TR/2000/
1177	              REC-xml-20001006>.

1179	   [1]   <mailto:w3c-dist-auth@w3.org>

1181	   [2]   <mailto:w3c-dist-auth-request@w3.org?subject=subscribe>

1183	   [3]   <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1184	         0316.html>

1186	   [4]   <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1187	         0222.html>

1189	   [5]   <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1190	         0316.html>

1192	   [6]   <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1193	         0316.html>

1195	   [7]   <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1196	         0300.html>

1198	   [8]   <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1199	         0316.html>

1201	   [9]   <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1202	         0359.html>

1204	   [10]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1205	         0289.html>

1207	   [11]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1208	         0285.html>

1210	   [12]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1211	         0284.html>

1213	   [13]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1214	         0288.html>

1216	   [14]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1217	         0290.html>

1219	   [15]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1220	         0266.html>

1222	   [16]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1223	         0292.html>

1225	   [17]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1226	         0308.html>

1228	   [18]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1229	         0266.html>

1231	   [19]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1232	         0298.html>

1234	   [20]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1235	         0266.html>

1237	   [21]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1238	         0266.html>

1240	   [22]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1241	         0302.html>

1243	   [23]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1244	         0316.html>

1246	   [24]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1247	         0316.html>

1249	   [25]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1250	         0316.html>

1252	   [26]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1253	         0307.html>

1255	   [27]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1256	         0304.html>

1258	   [28]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1259	         0359.html>

1261	   [29]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1262	         0359.html>

1264	   [30]  <http://lists.w3.org/Archives/Public/w3c-dist-auth/2000JanMar/
1265	         0305.html>

1267	Authors' Addresses

1269	   Jim Whitehead
1270	   UC Santa Cruz, Dept. of Computer Science
1271	   1156 High Street
1272	   Santa Cruz, CA  95064
1273	   US

1275	   EMail: ejw@cse.ucsc.edu

1277	   Geoff Clemm
1278	   IBM
1279	   20 Maguire Road
1280	   Lexington, MA  02421
1281	   US

1283	   EMail: geoffrey.clemm@us.ibm.com

1285	   Julian F. Reschke (editor)
1286	   greenbytes GmbH
1287	   Salzmannstrasse 152
1288	   Muenster, NW  48159
1289	   Germany

1291	   Phone: +49 251 2807760
1292	   Fax:   +49 251 2807761
1293	   EMail: julian.reschke@greenbytes.de
1294	   URI:   http://greenbytes.de/tech/webdav/

1296	Appendix A. Changes to the WebDAV Document Type Definition

1298	   <!-- XML Elements from Section 13 -->
1299	   <!ELEMENT redirectref EMPTY >
1300	   <!--  -->Property Elements from Section 12 -->
1301	   <!ELEMENT reftarget href>
1302	   <!ELEMENT location href>
1303	   <!-- Changes to the DAV:response Element from Section 14 -->
1304	   <!ELEMENT response (href, ((href*, status, prop?) | (propstat+)),
1305	   responsedescription?) >

1307	Appendix B. Change Log (to be removed by RFC Editor before publication)

1309	B.1 Since draft-ietf-webdav-redirectref-protocol-02

1311	   Julian Reschke takes editorial role (added to authors list). Cleanup
1312	   XML indentation. Start adding all unresolved last call issues. Update
1313	   some author's contact information. Update references, split into
1314	   "normative" and "informational". Remove non-RFC2616 headers
1315	   ("Public") from examples. Fixed width problems in artwork. Start
1316	   resolving editorial issues.

1318	B.2 Since draft-ietf-webdav-redirectref-protocol-03

1320	   Added Joe Orton and Juergen Reuter to Acknowledgements section. Close
1321	   more editorial issues. Remove dependencies on BIND spec.

1323	B.3 Since draft-ietf-webdav-redirectref-protocol-04

1325	   More editorial fixes. Clarify that MKRESOURCE can only be used to
1326	   create redirect references (switch to new method in a future draft).
1327	   Clarify that redirect references do not have bodies.

1329	B.4 Since draft-ietf-webdav-redirectref-protocol-05

1331	   Close (accept) issue "lc-79-accesscontrol". Add issue
1332	   "rfc2606-compliance". Close issues "lc-50-blindredirect",
1333	   "lc-71-relative", "lc-74-terminology". Update contact info for Geoff
1334	   Clemm. Moved some of the original authors names to new Contributors
1335	   section. Add and close issue "9-MKRESOURCE-vs-relative-URI".  Close
1336	   issue "lc-72-trailingslash".  Close issue "lc-60-ex". Update issue
1337	   "lc-85-301" with proposal. Close issue "lc-06-reftarget-relative"
1338	   (9-MKRESOURCE-vs-relative-URI was a duplicate of this one). Also
1339	   remove section 9.1 (example for MKRESOURCE vs relative URIs).  Add
1340	   and resolve issue "11.2-apply-to-redirect-ref-syntax" (header now has
1341	   values "T" and "F"). Also some cleanup for "rfc2606-compliance".
1342	   Typo fixes. Add and resolve "15.1-options-response".

1344	Appendix C. Resolved issues (to be removed by RFC Editor before
1345	            publication)

1347	   Issues that were either rejected or resolved in this version of this
1348	   document.

1350	C.1 lc-60-ex

1352	   Type: change

1354	   [3]

1356	   reuterj@ira.uka.de (2000-02-14): Section 7, para 3: Make it clear
1357	   that these are just examples of client behavior, and are not meant to
1358	   limit the client's behavior to these options.

1360	   Resolution (2003-10-13): Agreed to delete this paragraph. Continue
1361	   discussion of what information should be returned with 302 in
1362	   multistatus. Just location? Also redirectref? Update: ret gid of
1363	   pseudo-property and special response format, define new response
1364	   element instead. See ossue lc-61-pseudo.

1366	C.2 lc-06-reftarget-relative

1368	   Type: change

1370	   [4]

1372	   joe@orton.demon.co.uk (2000-01-29): Why does the spec talk about
1373	   relative URIs in DAV:reftarget in MKRESOURCE requests? Is the server
1374	   required to resolve the relative URI and store it as absolute? Is the
1375	   server required to keep DAV:reftarget pointing to the target resource
1376	   as the reference / target move, or is DAV:reftarget a dead property?

1378	   Resolution (2003-10-13): DAV:reftarget is readonly and present only
1379	   on redirect references that are also WebDAV resources. Add a method
1380	   for setting the target. Change definition of Redirect-Ref header so
1381	   that it has the target as its value (comes back on all 302
1382	   responses). Server MUST store the target exactly as it is set. It
1383	   MUST NOT resolve relatives to absolutes and MUST NOT update if target
1384	   resource moves. See also issue 17, 43, 50, 57

1386	C.3 lc-71-relative

1388	   Type: change

1390	   [5]
1391	   reuterj@ira.uka.de (2000-02-14): Section 9: Base URI should be the
1392	   Request-URI or href minus its final segment.

1394	   Resolution (2003-10-08): Original WG comment: Fix this. However, this
1395	   is just a misunderstanding. The process of resolving a relative URI
1396	   against a hierarchical base URI already involves removal of the last
1397	   path segment, so the draft is correct here.

1399	C.4 9-MKRESOURCE-vs-relative-URI

1401	   Type: change

1403	   julian.reschke@greenbytes.de (2003-10-08): Do not say anything about
1404	   MKRESOURCE vs relative URIs. The server is supposed to store the
1405	   relative URI, thus the issue of resolving the URI does only apply
1406	   upon retrieval, not creation.

1408	C.5 lc-72-trailingslash

1410	   Type: change

1412	   [6]

1414	   reuterj@ira.uka.de (2000-02-14): Section 10: Forbid DAV:reftarget
1415	   from ending in "/"

1417	   julian.reschke@greenbytes.de (): (last call WG response): Make the
1418	   note warn about the possibility of two slashes in a row, recommend
1419	   against ending target with a slash, since that could result in two
1420	   slashes in a row.

1422	   Resolution (2003-10-09): It seems that the rule in the 3rd paragraph
1423	   already explains how to deal with this situation. No change.

1425	C.6 lc-50-blindredirect

1427	   Type: change

1429	   [7]

1431	   yarong@Exchange.Microsoft.com (2000-02-11): Replace current language
1432	   explaining the purpose of the Redirect-Ref header with language that
1433	   simply states that it marks blind 302 responses from redirect
1434	   resources. (Section 6.3, 11.1)

1436	   Resolution (2003-10-02): Section 6.3 was removed in response to issue
1437	   48. In 11.1, change the definition of the Redirect-Ref header to have
1438	   the value of the target (relative URI) as its value. Then we don't
1439	   need a method for retrieving the target's relative URI. Presence of
1440	   the Redirect-Ref header lets the client know that the resource
1441	   accepts Apply-To-RR header and the new method for updating target.
1442	   Reject Yaron's suggested language, but make the above changes.

1444	C.7 lc-74-terminology

1446	   Type: change

1448	   [8]

1450	   reuterj@ira.uka.de (2000-02-14): "plain HTTP/1.1 redirect" - find
1451	   some good name for this an use it consistently

1453	   Resolution (2003-10-02): Remove the whole sentence.

1455	C.8 11.2-apply-to-redirect-ref-syntax

1457	   Type: change

1459	   julian.reschke@greenbytes.de (2003-10-17): Many toolkits have
1460	   problems sending empty HTTP headers (optimizing them away).

1462	   Resolution (2003-10-17): Define values "T" and "F" (similar to WevDAV
1463	   Overwrite header). This will also allow clients to express that they
1464	   are aware of redirect extensions without also having to apply the
1465	   request to the reference resource.

1467	C.9 15.1-options-response

1469	   Type: change

1471	   julian.reschke@greenbytes.de (2003-10-20): Fix OPTIONS response
1472	   ("Public" header mentioned, "Allow" header value line break). Remove
1473	   irrelevant response headers.

1475	   Resolution (2003-10-20): Fix.

1477	C.10 lc-79-accesscontrol

1479	   Type: change

1481	   [9]

1483	   reuterj@ira.uka.de (2000-02-22): Section 16.4: "In some environments,
1484	   the owner of a resource might be able to use access control to
1485	   prevent others from creating references to that resource." That would
1486	   not be consistent with the concept of redirect references as weak
1487	   links (e.g. think of moving a resource to a different locationo that
1488	   is already the target of some redirection reference.

1490	   Resolution (2003-10-02): Remove the statement.

1492	Appendix D. Open issues (to be removed by RFC Editor before publication)

1494	D.1 lc-85-301

1496	   Type: change

1498	   ejw@cse.ucsc.edu (2000-01-03): Support creation of other than 302
1499	   redirects, especially 301.

1501	   julian.reschke@greenbytes.de (2003-10-13): HTTP seems to distinguish
1502	   the following use cases: (a) permanent redirect (301), (b) temporary
1503	   redirect (302 or 307), (c) redirect to a GET location after POST
1504	   (303) and (d) agent-driven negotiation (300). Among these, (a) and
1505	   (b) seem to be well understood, so we should support both. (c)
1506	   doesn't seem to be applicable. (d) may become interesting when user
1507	   agents start supporting it, so the spec should be flexible enough to
1508	   support a feature extension for that. For now I propose that the
1509	   client is able to specify the redirection type as a resource type,
1510	   such as "DAV:permanent-redirect-reference" and
1511	   "DAV:temporary-redirect-reference". This spec would only define the
1512	   behaviour for these two resource types and would allow future
1513	   extensions using new resource types and suggested response codes.

1515	D.2 lc-38-not-hierarchical

1517	   Type: change

1519	   [10]

1521	   yarong@Exchange.Microsoft.com (2000-02-11): Not Hierarchical: The
1522	   first sentence of the second paragraph of the introduction of the
1523	   redirect spec asserts that the URIs of WebDAV compliant resources
1524	   match to collections. The WebDAV standard makes no such requirement.
1525	   I therefore move that this sentence be stricken.

1527	   Resolution: State the more general HTTP rationale first (alternative
1528	   names for the same resource), then introduce the collection hierarchy
1529	   rationale, which applies only if you are in a WebDAV-compliant space.

1531	D.3 lc-36-server

1533	   Type: change

1535	   [11]

1537	   yarong@Exchange.Microsoft.com (2000-02-11): Servers: Replace "server"
1538	   with "unrelated system" throughout.

1540	   Resolution: Try replacing "server" with "host" in some contexts,
1541	   rephrasing in passive voice in others. See also issue 40.

1543	D.4 lc-33-forwarding

1545	   Type: change

1547	   [12]

1549	   yarong@Exchange.Microsoft.com (2000-02-11): Forwarding: Replace
1550	   "forward" with "redirect" throughout.

1552	   Resolution: Use "redirect" for the behavior redirect resources do
1553	   exhibit. Use "forward" for the contrasting behavior (passing a method
1554	   on to the target with no client action needed). Define these two
1555	   terms. See also issue 40.

1557	D.5 lc-37-integrity

1559	   Type: change

1561	   [13]

1563	   yarong@Exchange.Microsoft.com (2000-02-11): Integrity: Intro, para 7
1564	   "Servers are not required to enforce the integrity of redirect
1565	   references." Integrity is not defined. Replace with something
1566	   clearer.

1568	   Resolution: Rewrite to say that the server MUST NOT update the target
1569	   See also issue 6.

1571	D.6 3-terminology-redirectref

1573	   Type: change

1575	   [14]

1577	   julian.reschke@greenbytes.de (2003-07-27): Consider global rename of
1578	   "redirect reference resource" to "redirect resource".

1580	D.7 lc-19-direct-ref

1582	   Type: change

1584	   [15]

1586	   reuterj@ira.uka.de (2000-02-07): Section 4, para 5 and Section 6,
1587	   para 3 discussions of the Apply-to-Redirect-Ref header make it sound
1588	   as if we are specifying direct reference behavior.

1590	   Resolution: Change these passages so that the contrast is between
1591	   applying the method to the redirect reference and responding with a
1592	   302.

1594	D.8 lc-41-no-webdav

1596	   Type: change

1598	   [16]

1600	   yarong@Exchange.Microsoft.com (2000-02-11): Make redirect references
1601	   independent of the rest of WebDAV. The creation method for redirect
1602	   references shouldn't require an XML request body.

1604	   Resolution: We will make redirect references independent of the rest
1605	   of WebDAV. MKREF will not have an XML request body.

1607	D.9 lc-58-update

1609	   Type: change

1611	   [17]

1613	   yarong@Exchange.Microsoft.com (2000-02-11): There needs to be a way
1614	   to update the target of a redirect reference.

1616	   Resolution: Agreed. See also issues 6, 43.

1618	D.10 lc-24-properties

1620	   Type: change

1622	   [18]

1624	   reuterj@ira.uka.de (2000-02-07): Section 5.1: Replace the sentence
1625	   "The properties of the new resource are as specified by the
1626	   DAV:propertyupdate request body, using PROPPATCH semantics" with the
1627	   following: "The MKRESOURCE request MAY contain a DAV:propertyupdate
1628	   request body to initialize resource properties. Herein, the semantics
1629	   is the same as when sending a MKRESOURCE request without a request
1630	   body, followed by a PROPPATCH with the DAV:propertyupdate request
1631	   body."

1633	   Resolution: No longer relevant once we switch to MKREF with no
1634	   request body.

1636	D.11 rfc2606-compliance

1638	   Type: editor

1640	   julian.reschke@greenbytes.de (2003-10-02): Ensure that examples use
1641	   only sample domains as per RFC2606.

1643	D.12 lc-48-s6

1645	   Type: change

1647	   [19]

1649	   yarong@Exchange.Microsoft.com (2000-02-11): Replace all of section 6
1650	   with just this: A redirect resource, upon receiving a request without
1651	   an Apply-To-Redirect-Ref header, MUST respond with a 302 (Found)
1652	   response. The 302 (Found) response MUST include a location header
1653	   identifying the target and a Redirect-Ref header. If a redirect
1654	   resource receives a request with an Apply-To-Redirect-Ref header then
1655	   the redirect reference resource MUST apply the method to itself
1656	   rather than blindly returning a 302 (Found) response.

1658	   Resolution: Keep a summary along the lines of Yaron's proposal (don't
1659	   use the word "blindly"). Keep the bullets detailing the headers to be
1660	   returned. Delete the rest, including the examples. See also issue 28,
1661	   29, 30, 31, 32.

1663	D.13 lc-28-lang

1665	   Type: edit

1667	   [20]

1669	   reuterj@ira.uka.de (2000-02-07): Section 6: Get rid of the sentence
1670	   "A reference-aware WebDAV client can act on this response in one of
1671	   two ways." A client can act on the response in any way it wants.

1673	   Resolution: Agreed. See also issue 48.

1675	D.14 lc-29-lang

1677	   Type: edit

1679	   [21]

1681	   reuterj@ira.uka.de (2000-02-07): Section 6, para 4: Obvious, doesn't
1682	   need to be stated. Maybe note in an example.

1684	   Resolution: Agreed. See also issue 48.

1686	D.15 lc-44-pseudo

1688	   Type: change

1690	   [22]

1692	   yarong@Exchange.Microsoft.com (2000-02-11): Instead of adding an
1693	   optional prop XML element to the response element in 207 responses,
1694	   define a new location XML element and a new refresource XML element.

1696	   Resolution: Agree to define new XML elements that are not
1697	   pseudo-properties. Disagreement about whether refresource is needed.
1698	   See issue 61.

1700	D.16 lc-61-pseudo

1702	   Type: change

1704	   [23]

1706	   reuterj@ira.uka.de (2000-02-14): Section 7: It doesn't make sense to
1707	   ask future editors of RFC 2518 to define DAV:location with the
1708	   semantics it has here. RFC 2518 should provide the information in the
1709	   Location header somehow in multistatus responses, but not by using
1710	   properties.

1712	   Resolution: Define an XML element for location that is not a
1713	   pseudo-property. We'll keep the recommendation that RFC 2518 add this
1714	   for 302 responses. See also issue 44.

1716	D.17 lc-62-oldclient

1718	   Type: change

1720	   [24]

1722	   reuterj@ira.uka.de (2000-02-14): Section 7: It's too strong to claim
1723	   that non-referencing clients can't process 302 responses occurring in
1724	   Multi-Status responses. They just have an extra round trip for each
1725	   302.

1727	   Resolution: Remove last sentence of the paragraph that recommends
1728	   changes to RFC 2518.

1730	D.18 lc-63-move

1732	   Type: change

1734	   [25]

1736	   reuterj@ira.uka.de (2000-02-14): Section 7.1: Is MOVE atomic from the
1737	   perspective of a client? Agrees that there should be no 302s for
1738	   member redirect references, but finds the rationale dubious.

1740	   Resolution: Remove 7.1. Reword 7.2 to avoid concerns with "poses
1741	   special problems" and "due to atomicity".

1743	D.19 lc-57-noautoupdate

1745	   Type: change

1747	   [26]

1749	   yarong@Exchange.Microsoft.com (2000-02-11): Add language to forbid
1750	   servers from automatically updating redirect resources when their
1751	   targets move.

1753	   Resolution: Agreed. See also issue 6.

1755	D.20 lc-53-s10

1757	   Type: change

1759	   [27]

1761	   yarong@Exchange.Microsoft.com (2000-02-11): The behavior described in
1762	   this section would have a very serious impact on the efficiency of
1763	   mapping Request-URIs to resources in HTTP request processing. Also
1764	   specify another type of redirect resource that does not behave as in
1765	   section 10, but instead would "expose the behavior we see today in
1766	   various HTTP servers that allow their users to create 300 resources."
1767	   Be sure we know what behavior will be if the redirect location is not
1768	   an HTTP URL, but, say ftp.

1770	   Resolution: We won't define 2 sorts of redirect references here.
1771	   Servers SHOULD respond with 302 as described here, but if they can't
1772	   do that, respond with 404 Not Found. (It's hard to modularize the
1773	   behavior specified - it impacts processing Not Found cases of all
1774	   methods, so you can't just add it to an HTTP server in a redirect ref
1775	   module.)

1777	D.21 12.1-property-name

1779	   Type: change

1781	   julian.reschke@greenbytes.de (2003-10-06): Sync names for
1782	   DAV:reftarget property and "Redirect-Ref" response headers.

1784	D.22 lc-76-location

1786	   Type: change

1788	   [28]

1790	   reuterj@ira.uka.de (2000-02-22): 12.2: Make DAV:location a real
1791	   (live) property, get rid of the DAV:reftarget property

1793	D.23 lc-80-i18n

1795	   Type: change

1797	   [29]

1799	   reuterj@ira.uka.de (2000-02-22): Section 17: Could get rid of a lot
1800	   of this section, since this protocol extends WebDAV. Just reference
1801	   [WebDAV].

1803	   julian.reschke@greenbytes.de (2003-10-02): True, but I note that
1804	   other specs have re-stated these considerations as well. Opinions?

1806	D.24 lc-55-iana

1808	   Type: change

1810	   [30]

1812	   yarong@Exchange.Microsoft.com (2000-02-11): Expand the IANA section
1813	   to list all methods, headers, XML elements, MIME types, URL schemes,
1814	   etc., defined by the spec.

1816	   Resolution: Agreed.

1818	Intellectual Property Statement

1820	   The IETF takes no position regarding the validity or scope of any
1821	   intellectual property or other rights that might be claimed to
1822	   pertain to the implementation or use of the technology described in
1823	   this document or the extent to which any license under such rights
1824	   might or might not be available; neither does it represent that it
1825	   has made any effort to identify any such rights. Information on the
1826	   IETF's procedures with respect to rights in standards-track and
1827	   standards-related documentation can be found in BCP-11. Copies of
1828	   claims of rights made available for publication and any assurances of
1829	   licenses to be made available, or the result of an attempt made to
1830	   obtain a general license or permission for the use of such
1831	   proprietary rights by implementors or users of this specification can
1832	   be obtained from the IETF Secretariat.

1834	   The IETF invites any interested party to bring to its attention any
1835	   copyrights, patents or patent applications, or other proprietary
1836	   rights which may cover technology that may be required to practice
1837	   this standard. Please address the information to the IETF Executive
1838	   Director.

1840	Full Copyright Statement

1842	   Copyright (C) The Internet Society (2003). All Rights Reserved.

1844	   This document and translations of it may be copied and furnished to
1845	   others, and derivative works that comment on or otherwise explain it
1846	   or assist in its implementation may be prepared, copied, published
1847	   and distributed, in whole or in part, without restriction of any
1848	   kind, provided that the above copyright notice and this paragraph are
1849	   included on all such copies and derivative works. However, this
1850	   document itself may not be modified in any way, such as by removing
1851	   the copyright notice or references to the Internet Society or other
1852	   Internet organizations, except as needed for the purpose of
1853	   developing Internet standards in which case the procedures for
1854	   copyrights defined in the Internet Standards process must be
1855	   followed, or as required to translate it into languages other than
1856	   English.

1858	   The limited permissions granted above are perpetual and will not be
1859	   revoked by the Internet Society or its successors or assignees.

1861	   This document and the information contained herein is provided on an
1862	   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
1863	   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
1864	   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
1865	   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
1866	   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

1868	Acknowledgment

1870	   Funding for the RFC Editor function is currently provided by the
1871	   Internet Society.