Network Working Group                                             E. Pot
Internet-Draft                                                fruux GmbH
Expires: January 21, 2016                                       C. Daboo
                                                                 E. York
                                                              Apple Inc.
                                                           July 20, 2015

                        WebDAV Resource Sharing
                  draft-pot-webdav-resource-sharing-02

Abstract

   This specification defines an extension to WebDAV that enables the
   sharing of resources between users on a WebDAV server.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 21, 2016.

Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction
   2. Conventions Used in This Document
   3. Overview
   4. Notification Definitions
     4.1. Invite Notification
       4.1.1. Example: An invite notification
     4.2. Invite Reply
       4.2.1. Example: An invite reply
   5. Resource sharing
     5.1. Feature Discovery
     5.2. Additional Properties for resources
       5.2.1. DAV:share-mode Property
       5.2.2. DAV:invite Property
       5.2.3. DAV:sharer-resource-url Property
     5.3. Sharer Actions on Shared Resource
       5.3.1. Sharing or Unsharing a Resource
       5.3.2. Manipulating Sharees of a Shared Resource
         5.3.2.1. Example: Successful Sharee Add Request
         5.3.2.2. Example: Successful Multiple Sharee Change Request
     5.4. Sharee Actions on Shared Resources
       5.4.1. Replying to a Sharing Invite
         5.4.1.1. Example: Accepting an invite
       5.4.2. Ignoring an invitation
       5.4.3. Making modifications to a shared resource
       5.4.4. Removing a shared resource
     5.5. General Considerations
       5.5.1. Access Levels
       5.5.2. Per-instance WebDAV Properties
   6. Sharing privileges
   7. XML Element Definitions
     7.1. DAV:shared-owner
     7.2. DAV:shared
     7.3. DAV:share-mode
     7.4. DAV:share
     7.5. DAV:user
     7.6. DAV:invite-noresponse
     7.7. DAV:invite-deleted
     7.8. DAV:invite-accepted
     7.9. DAV:invite-declined
     7.10. DAV:invite-invalid
     7.11. DAV:access
     7.12. DAV:read
     7.13. DAV:read-write
     7.14. DAV:invite-notification
     7.15. DAV:hosturl
     7.16. DAV:organizer
     7.17. DAV:invite-reply
     7.18. DAV:reply-notification
     7.19. DAV:create-in
     7.20. DAV:share-resource
     7.21. DAV:set-invitee
     7.22. DAV:remove-invitee
     7.23. DAV:shared-as
   8. Security Considerations
   9. IANA Considerations
   10. Acknowledgments
   11. IANA Considerations
   12. Normative References
   Appendix A. Backwards compatibility
   Appendix B. Change History (to be removed prior to publication
               as an RFC)
   Authors' Addresses

1. Introduction

   Users of CalDAV [RFC4791] and CardDAV [RFC6352] often require a
   mechanism to share a calendar or address book collection with other
   users.

   This specification introduces a mechanism that allows users of WebDAV
   servers to invite another user to share a resource or WebDAV
   collection.
   The invited user can either accept or reject the invite,
   which is communicated back to the sharer. If the user chooses to
   accept the invite, the shared resource will then appear in a location
   on the server that's accessible by the invitee.

   There are existing mechanisms that address similar use-cases, such as
   using WebDAV ACL [RFC3744] for fine-grained access control.
   Experience has shown that client developers are averse to using it
   due to its complexity. Many implementations have chosen to only use
   WebDAV ACL for communicating access control information to clients,
   but not for modification. WebDAV ACL alone also does not provide the
   means for a user to invite another user.

   HTTP POST operations are used to manage the sharing invitations and
   replies, and WebDAV properties are used to expose the state of shared
   resources.

   This specification uses WebDAV notifications to communicate to users
   that there are outstanding invitations, or responses to invitations.

2. Conventions Used in This Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

   When XML element types in the namespaces "DAV:" and
   "urn:ietf:params:xml:ns:caldav" are referenced in this document
   outside of the context of an XML fragment, the string "DAV:" and
   "CALDAV:" will be prefixed to the element type names respectively.

   Terms Used:

   Sharer  A user who is sharing a resource with other users.

   Sharee  A user to whom a resource has been shared.

   Sharing Invite  A message sent by a sharer to a sharee to indicate
      the status of a shared resource.

   Sharing Reply  A message sent by a sharee to a sharer to indicate the
      status of a shared resource.

   The DTD samples used in this document are for illustrative purposes
   only.
   The conventions and restrictions described in [RFC4918]
   section 17.

3. Overview

   This section provides a basic overview of this protocol by way of a
   simple use case of a sharer sharing a collection with a single
   sharee.

   To share a resource with another user, the sharer's client executes
   an HTTP POST request against the resource that's to be shared. The
   POST request body will contain details of the user to whom the
   resource is to be shared as well as the access right to be granted to
   them. If the request succeeds, a notification is sent to the sharee
   with details of the resource being shared to them.

   The sharer's client will show the notification to the sharee and
   present them with the choice to accept or decline the invitation to
   the shared collection. If the sharee chooses to decline, then
   nothing changes for that sharee. If the sharee chooses to accept,
   then a new resource is created at a location that's accessible to the
   sharee. The server enforces the appropriate access privileges for
   the sharee.

   At any time, the sharer can inspect properties on the resource being
   shared, and determine the accept/decline status of each sharee.
   Additional sharees can be added and existing ones removed. The
   access privileges for existing sharees can also be changed.

   Once a sharee has access to the shared resource, they can remove it
   and decline the sharing invite by simply having their client issue an
   HTTP DELETE request on the shared collection. That does not delete
   any data, but rather simply removes the "link" to the sharer's
   resource and sets the sharee's invite status to declined.

4. Notification Definitions

   In order to facilitate the process of sharing invitations, this
   specification uses WebDAV notifications, and defines several new
   notification types.

4.1. Invite Notification

   When a sharer adds a new sharee to a resource, or updates a sharee,
   an invite notification is added to the sharee's notification
   collection.

   The notification contains information about the shared resource, the
   owner and how to respond to the invitation.

4.1.1. Example: An invite notification

   This is an example of a response to a GET request on a correct invite
   notification. Note that several HTTP response headers have been
   removed for brevity.

   HTTP/1.1 200 OK
   Content-Type: application/davnotification+xml
   Content-Length: xxxx

   2014-08-05T13:38:02Z
   /principals/users/evert/
   /calendars/users/evert/offdays/
   Vacation days!!

4.2. Invite Reply

   After a sharee has accepted or declined an invitation, the sharer
   receives a reply-notification in their notification collection.

   This notification contains information about which collection this
   relates to, and who responded to the invite.

4.2.1. Example: An invite reply

   This is an example of a response to a GET request on a correct invite
   notification. Note that several HTTP response headers have been
   removed for brevity.

   HTTP/1.1 200 OK
   Content-Type: application/davnotification+xml
   Content-Length: xxxx

   2014-09-03T02:30:00Z
   mailto:john@example.org
   /calendars/users/evert/offdays/
   Sorry, I'm not interested

5. Resource sharing

5.1. Feature Discovery

   A server that supports the features described in this document MUST
   include "resource-sharing" as a field in the DAV response header from
   an OPTIONS request on any resource that supports these features.

5.2. Additional Properties for resources

   The following new or modified WebDAV properties are defined for
   resources and used to view or manipulate shared resources features.

5.2.1. DAV:share-mode Property

   Resources that are shared must have a DAV:share-mode property. Its
   value should be one of two elements:

   o  DAV:shared-owner (Section 7.1): used to indicate that the resource
      is owned by the current user and is being shared by them.

   o  DAV:shared (Section 7.2): used to indicate that the resource is
      owned by another user and is being shared to the current user.

5.2.2. DAV:invite Property

   Name: invite

   Namespace: DAV:

   Purpose: Used to show to whom a resource has been shared.

   Protected: This property MUST be protected.

   PROPFIND behavior: This property SHOULD NOT be returned by a
      PROPFIND allprop request (as defined in Section 14.2 of
      [RFC4918]).

   COPY/MOVE behavior: This property value MUST be preserved in MOVE
      operations, but MUST NOT be preserved in COPY operations.

   Description: This WebDAV property is present on a resource that has
      been shared by the owner, or on the resources for the sharees. It
      provides a list of users to whom the resource has been shared,
      along with the "status" of the sharing invites sent to each user.
      In addition, servers SHOULD include a DAV:principal XML element on
      resources of the sharees to provide clients with a fast way to
      determine who the sharer is. A server's local privacy policy may
      prevent sharees from knowing about other sharees on a shared
      calendar. If that is so, the server will not include DAV:user XML
      elements for other sharees.

   Definition:

5.2.3. DAV:sharer-resource-url Property

   Name: sharer-resource-url

   Namespace: DAV:

   Purpose: Indicates the URL of the owner's copy of a shared resource.

   Protected: This property MUST be protected.

   PROPFIND behavior: This property SHOULD NOT be returned by a
      PROPFIND allprop request (as defined in Section 14.2 of
      [RFC4918]).

   COPY/MOVE behavior: This property value MUST be preserved in COPY
      and MOVE operations.

   Description: This WebDAV property MAY be present on a shared
      resource. Its content is a single DAV:href element whose value is
      the URL of the sharer's resource being shared.

   Definition:

5.3. Sharer Actions on Shared Resource

5.3.1. Sharing or Unsharing a Resource

   To update an existing resource to be shared, the sharer simply adds
   one or more sharees to the resource as per Section 5.3.2. The server
   MUST indicate that the resource is now shared by updating the value
   of the DAV:share-mode WebDAV property.

   To unshare a resource, the sharer simply removes all sharees from the
   DAV:invite property of the resource as per Section 5.3.2. The server
   MUST indicate that the resource is no longer shared by removing the
   value from the DAV:share-mode WebDAV property.

5.3.2. Manipulating Sharees of a Shared Resource

   The sharer of a shared resource is able to manipulate the sharee list
   by issuing a POST request targeted at the resource. The POST request
   MUST contain an XML document as its body with the root element being
   DAV:share-resource (Section 7.20).

   The POST request MUST contain a Content-Type HTTP header, which MUST
   contain "application/davshare+xml" as its value. Servers SHOULD
   reject the request if this is not the case.

   The DAV:share-resource (Section 7.20) element in the POST requests
   MUST contain one or more DAV:set-invitee (Section 7.21) or
   DAV:remove-invitee (Section 7.22) elements. For each DAV:set-invitee
   (Section 7.21) element, the server MUST add the specified sharee
   access to the resource. For each DAV:remove-invitee (Section 7.22)
   element the server MUST remove the specified sharee access from the
   shared resource. In each case the server MUST send a notification
   message to any sharees whose status is changed (added, modified or
   removed), indicating to them a change in status for the shared
   resource. This is accomplished by sending a DAV:invite-notification
   (Section 7.14) notification to each sharee. The server SHOULD NOT
   send notification messages to sharees whose status is unchanged.

   Sharees are identified via a DAV:href element whose value is either a
   principal-URL for a sharee hosted on the same server, an email
   address, or any other URI identifying a user. In the case of the
   latter two, the sharee might not be a user on the same server -
   though in that case how invitations are sent or access enabled is out
   of scope for this specification. A server MAY change the sharee's
   "address" to any suitable alternative that it might prefer when
   returning the list of sharees via the DAV:invite property
   (Section 5.2.2).

   The client MAY include a DAV:displayname element in the
   DAV:set-invitee (Section 7.21) element. When provided, the value
   represents the common name for the sharee, and is returned in the
   list of sharees via the DAV:invite property (Section 5.2.2). The
   server MAY change this to a suitable alternative when it is able to
   match the sharee to a known user. If absent from the client request,
   the server SHOULD add a DAV:displayname when it is able to match the
   sharee with a known user, and a common name for that user can be
   determined.

5.3.2.1. Example: Successful Sharee Add Request

   This example shows how to add a single sharee (with email address
   "mailto:eric@example.com") to a shared resource with DAV:read-write
   access.

   >> Request <<

   POST /calendars/users/cyrus/shared/ HTTP/1.1
   Host: calendar.example.com
   Content-Type: application/davsharing+xml; charset="utf-8"
   Content-Length: xxxx

   mailto:eric@example.com
   Eric York
   Shared workspace

   >> Response <<

   HTTP/1.1 200 OK
   Cache-Control: no-cache
   Date: Sat, 11 Nov 2006 09:32:12 GMT

5.3.2.2. Example: Successful Multiple Sharee Change Request

   This example shows how multiple sharees can be manipulated in a
   single request. The sharee with email address
   "mailto:eric@example.com" has their access downgraded to CS:read,
   whilst another sharee is removed from the access list entirely.

   >> Request <<

   POST /calendars/users/cyrus/shared/ HTTP/1.1
   Host: calendar.example.com
   Content-Type: application/davsharing+xml; charset="utf-8"
   Content-Length: xxxx

   mailto:eric@example.com
   Shared workspace
   mailto:wilfredo@example.com

   >> Response <<

   HTTP/1.1 204 No Content
   Cache-Control: no-cache
   Date: Sat, 11 Nov 2006 09:32:12 GMT

5.4. Sharee Actions on Shared Resources

5.4.1. Replying to a Sharing Invite

   When a sharee is invited to a shared resource they can accept or
   decline the invite by issuing a POST request to the resource URI for
   the invitation notification. The POST request MUST contain an XML
   document as its body with the root element being DAV:invite-reply
   (Section 7.17).

   The POST request MUST contain a Content-Type HTTP header, which MUST
   contain "application/davshare+xml" as its value. Servers SHOULD
   reject the request if this is not the case.

   The DAV:invite-reply (Section 7.17) element in the POST request
   specifies the accept or decline action via the DAV:invite-accepted or
   DAV:invite-declined elements, and an optional DAV:comment element.
   If the invite was accepted, the body MUST also contain a
   DAV:create-in (Section 7.19) element. This element contains a single
   DAV:href element, whose content is a URI that will be used as the
   parent for the new shared resource.

   The client MAY also provide a DAV:slug property. The server MAY use
   the contents of this property to determine the name of the new
   resource.
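
   The checks a server would apply to the invite reply described above,
   as an added Python sketch that is not part of the draft. Placing
   DAV:slug as a child of DAV:invite-reply, the `allowed_parents` list,
   refusing absolute URIs and DTDs, and the sample bodies are
   assumptions or constructed here.

```python
"""Server-side validation of a DAV:invite-reply POST body (added sketch)."""
import posixpath
import re
import xml.etree.ElementTree as ET
from urllib.parse import unquote, urlsplit

DAV = "{DAV:}"
# The prose requires "application/davshare+xml"; the examples and the media
# type registration use "application/davsharing+xml". Both are accepted here.
ACCEPTED_TYPES = {"application/davshare+xml", "application/davsharing+xml"}


class InviteReplyError(ValueError):
    """The request must be rejected."""


def safe_parent(href, allowed_parents):
    """Normalize the create-in href and confine it to allowed collections.

    Assumption: only server-relative paths are accepted, and the caller
    passes the collections in which this sharee may create resources.
    """
    try:
        parts = urlsplit(href.strip())
    except ValueError as exc:
        raise InviteReplyError("create-in is not a valid URI") from exc
    if parts.scheme or parts.netloc:
        raise InviteReplyError("create-in must be a path on this server")
    path = unquote(parts.path)
    if not path.startswith("/") or ".." in path.split("/"):
        raise InviteReplyError("create-in path is not acceptable")
    norm = posixpath.normpath(path).rstrip("/") + "/"
    allowed = [p.rstrip("/") + "/" for p in allowed_parents]
    if not any(norm.startswith(p) for p in allowed):
        raise InviteReplyError("create-in is outside the sharee's collections")
    return norm


def safe_slug(text):
    """Reduce a client-supplied DAV:slug to a single safe path segment."""
    slug = re.sub(r"[^A-Za-z0-9._-]+", "-", (text or "").strip()).strip("-.")
    return slug[:64] or None


def parse_invite_reply(content_type, body, allowed_parents):
    """Return the validated reply as a dict, or raise InviteReplyError."""
    media_type = (content_type or "").split(";", 1)[0].strip().lower()
    if media_type not in ACCEPTED_TYPES:
        raise InviteReplyError("unexpected Content-Type")
    # Added hardening, not a requirement stated by the draft: refuse DTDs.
    if b"<!DOCTYPE" in body or b"<!ENTITY" in body:
        raise InviteReplyError("DTDs are not accepted")
    try:
        root = ET.fromstring(body)
    except ET.ParseError as exc:
        raise InviteReplyError("body is not well-formed XML") from exc
    if root.tag != DAV + "invite-reply":
        raise InviteReplyError("root element must be DAV:invite-reply")
    accepted = root.find(DAV + "invite-accepted") is not None
    declined = root.find(DAV + "invite-declined") is not None
    if accepted == declined:
        raise InviteReplyError("need exactly one of accepted / declined")
    reply = {"accepted": accepted, "comment": root.findtext(DAV + "comment"),
             "parent": None, "slug": None}
    if accepted:
        create_in = root.findall(DAV + "create-in")
        hrefs = create_in[0].findall(DAV + "href") if len(create_in) == 1 else []
        if len(hrefs) != 1:
            raise InviteReplyError("accepted reply needs one create-in/href")
        reply["parent"] = safe_parent(hrefs[0].text or "", allowed_parents)
        reply["slug"] = safe_slug(root.findtext(DAV + "slug"))
    return reply


# Constructed sample bodies; the element nesting is an assumption.
SAMPLE_ACCEPT = b"""<?xml version="1.0" encoding="utf-8"?>
<D:invite-reply xmlns:D="DAV:">
  <D:invite-accepted/>
  <D:create-in><D:href>/calendars/users/evert/</D:href></D:create-in>
  <D:slug>Tech meetups</D:slug>
</D:invite-reply>"""

SAMPLE_DECLINE = b"""<?xml version="1.0" encoding="utf-8"?>
<D:invite-reply xmlns:D="DAV:">
  <D:invite-declined/>
  <D:comment>Sorry, I'm not interested</D:comment>
</D:invite-reply>"""

# Percent-encoded dot segments pointing at another user's collection.
SAMPLE_TRAVERSAL = SAMPLE_ACCEPT.replace(
    b"/calendars/users/evert/", b"/calendars/users/evert/%2e%2e/cyrus/")

if __name__ == "__main__":
    home = ["/calendars/users/evert/"]
    ctype = 'application/davsharing+xml; charset="utf-8"'
    print(parse_invite_reply(ctype, SAMPLE_ACCEPT, home))
    print(parse_invite_reply(ctype, SAMPLE_DECLINE, home))
```

   The sketch only validates the request; creating the resource,
   sending the DAV:reply-notification and removing the invite
   notification remain with the server.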

   All usual preconditions for creating a resource at the DAV:create-in
   target collection need to be taken into consideration.

   Note that some servers may restrict where certain types of resources
   may be created. A CalDAV server, for instance, may only allow
   calendars to be created in collections identified by the
   CALDAV:calendar-home-set WebDAV property.

   A successful response to an accepted invitation SHOULD have an HTTP
   201 status code, and MUST have an HTTP Location header containing the
   full URL to the newly created resource.

   A successful response to a declined invitation SHOULD contain a 200
   or 204 HTTP status code.

   When the sharee replies to an invite, the server SHOULD send a
   notification to the sharer to update them on the change in the sharee
   state. This is accomplished by sending a DAV:reply-notification
   (Section 7.18) notification to the sharer.

   After the sharee has issued a reply, the server SHOULD also remove
   the notification that contained the initial invite.

5.4.1.1. Example: Accepting an invite

   This is an example of a request that the sharee would send to accept
   an invitation.

   POST /principals/users/evert/notifications/1000455.xml HTTP/1.1
   Host: calendar.example.com
   Content-Type: application/davsharing+xml; charset="utf-8"

   /calendars/users/evert/
   Tech meetups

5.4.2. Ignoring an invitation

   For privacy reasons, sharees need to be able to remove invitations
   without notifying the sharer.

   When the sharee issues a DELETE on an invite-notification, the server
   MUST remove the notification, and MUST NOT let the sharer know about
   this.

   As a result, from the sharer's perspective, the invitation status for
   that principal will always remain as DAV:invite-noreply.

5.4.3. Making modifications to a shared resource

   Any changes that a sharee makes to a shared resource should also be
   reflected in the sharer's instance of the resource.

   If the shared resource is a collection, any resources in the
   collection, or in the collection's child-collections MUST also appear
   in the sharer's instance.

5.4.4. Removing a shared resource

   To remove a shared resource a DELETE request is targeted at the
   shared resource URI. When such a request is received the server MUST
   remove the shared collection and automatically update the sharee's
   status in the sharer's DAV:invite property.

5.5. General Considerations

5.5.1. Access Levels

   Two levels of access can be granted by a sharer to any sharee. These
   are governed by the DAV:access element used in the
   DAV:invite/DAV:user element that specifies a shared user invite.
   DAV:access contains a single empty element that defines the type of
   access granted:

   DAV:read  When present this indicates that sharees can read
      information from the resource, but cannot change it. This applies
      to the resource, but if the shared resource is a collection, it
      also applies to the collection's children.

   DAV:read-write  When present this indicates that sharees can read and
      write information from the resource.

   The function of the DAV:read and DAV:read-write elements is to give a
   quick indicator for a sharee what kind of access they may expect.

   The server may still set more fine-grained access control rules. The
   sharee can find out about these rules by requesting the
   DAV:current-user-privilege-set property on the shared resource, or
   its children.

5.5.2. Per-instance WebDAV Properties

   Servers MUST support "per-instance" WebDAV properties on shared
   resources and MAY support them on resources within shared collections.
   A "per-instance" WebDAV property is one whose value can be set and
   retrieved on an instance of a resource, but is not automatically
   propagated to other instances of the same shared resource. For
   example, a sharee may change a property on their instance of a shared
   resource, but the instance of the owner of the resource will not see
   this updated value.

   For shared resources, the server MUST allow all users to write
   "per-instance" WebDAV properties on the shared resources and MAY
   allow property writes on resources within the shared resources. This
   is required even in the case where the sharee has been granted read
   access only (i.e., the ability to change the resource is disallowed).
   This requirement ensures that sharees can always change "personal"
   properties such as display names.

   Servers MAY treat any dead property as per-instance.

   Servers MUST NOT treat live properties as per-instance.

6. Sharing privileges

   Servers MAY support sharing on a per-resource basis. This section
   defines a "DAV:share" WebDAV Access Control (ACL) [RFC3744] privilege
   for use on collections that may be shared.

   This privilege MUST be non-abstract and MAY be protected. This
   privilege MUST appear in the DAV:supported-privilege-set property for
   resources that may be shared. In addition, it MUST appear in the
   DAV:current-user-privilege-set, if the user is allowed to share the
   collection.

7. XML Element Definitions

7.1. DAV:shared-owner

   Name: shared-owner

   Namespace: DAV:

   Purpose: Used to indicate that a resource is being shared by the
      owner.

   Description: This property appears in the DAV:share-mode property on
      the resource shared by a sharer. See Section 5.2.

   Definition:

7.2. DAV:shared

   Name: shared

   Namespace: DAV:

   Purpose: Used to indicate that a resource is being shared to a
      sharee.

   Description: This property appears in the DAV:share-mode property on
      a resource that is shared to a sharee. See Section 5.2.

   Definition:

7.3. DAV:share-mode

   Name: share-mode

   Namespace: DAV:

   Purpose: Used to indicate that a resource is being shared.

   Description: This is a WebDAV property that may appear on an
      instance of a shared resource. See Section 5.2.

   Definition:

7.4. DAV:share

   Name: share

   Namespace: DAV:

   Purpose: A WebDAV ACL privilege to control sharing.

   Description: This element represents a WebDAV ACL privilege
      [RFC3744], and indicates that the current principal is allowed to
      share the resource on which it is defined.

   Definition:

7.5. DAV:user

   Name: user

   Namespace: DAV:

   Purpose: Used to show status of sharing invites sent to sharees.

   Description: This element provides the "status" of a sharing invite
      sent to a particular user. See Section 5.2.2.

   Definition:

7.6. DAV:invite-noresponse

   Name: invite-noresponse

   Namespace: DAV:

   Purpose: Sharing invite status.

   Description: When used in a DAV:user (Section 7.5) element, this
      element is used to indicate that the sharee has never replied to
      the corresponding sharing invite. When used in a
      DAV:invite-notification (Section 7.14) element, this element is
      used to indicate to the sharee that a sharing reply is needed.

   Definition:

7.7. DAV:invite-deleted

   Name: invite-deleted

   Namespace: DAV:

   Purpose: Sharing invite status.

   Description: When used in a DAV:invite-notification (Section 7.14)
      element, this element is used to indicate to the sharee that a
      shared resource has been unshared by the sharer.

   Definition:

7.8. DAV:invite-accepted

   Name: invite-accepted

   Namespace: DAV:

   Purpose: Sharing invite status.

   Description: When used in a DAV:user (Section 7.5) element, this
      element is used to indicate that the sharee has accepted the
      corresponding sharing invite. When used in a
      DAV:invite-notification (Section 7.14) element, this element is
      used to indicate to the sharee that the sharing invite is an
      update for one they previously accepted.

   Definition:

7.9. DAV:invite-declined

   Name: invite-declined

   Namespace: DAV:

   Purpose: Sharing invite status.

   Description: When used in a DAV:user (Section 7.5) element, this
      element is used to indicate that the sharee has declined the
      corresponding sharing invite. When used in a
      DAV:invite-notification (Section 7.14) element, this element is
      used to indicate to the sharee that the sharing invite is an
      update for one they previously declined.

   Definition:

7.10. DAV:invite-invalid

   Name: invite-invalid

   Namespace: DAV:

   Purpose: Sharing invite status.

   Description: When used in a DAV:user (Section 7.5) element, this
      element is used to indicate that the corresponding sharee is not a
      valid user known to the server.

   Definition:

7.11. DAV:access

   Name: access

   Namespace: DAV:

   Purpose: Shared resource access level.

   Description: When used in a DAV:user (Section 7.5) element, this
      element is used to indicate the sharing access level granted to
      the corresponding sharee.

   Definition:

7.12. DAV:read

   Name: read

   Namespace: DAV:

   Purpose: Shared resource access level privilege.

   Description: Indicates that the access level granted only allows
      sharees to read data in the shared resource (though they can write
      per-instance data (Section 5.5.2)).

   Definition:

7.13. DAV:read-write

   Name: read-write

   Namespace: DAV:

   Purpose: Shared resource access level privilege.

   Description: Indicates that the access level granted allows sharees
      to read and write all data in the resource.

   Definition:

7.14. DAV:invite-notification

   Name: invite-notification

   Namespace: DAV:

   Purpose: A notification used as a shared resource invite.

   Description: Defines a notification message sent automatically by
      the server when a sharer adds, changes or removes a sharee from a
      shared resource. The DAV:href element specifies the URI of the
      sharee to whom the message was sent.

   Definition:

7.15. DAV:hosturl

   Name: hosturl

   Namespace: DAV:

   Purpose: Identifies the source URL of a shared resource.

   Description: Contains a single DAV:href element that refers to the
      source of a shared resource - i.e., the URL of the resource shared
      by the sharer.

   Definition:

7.16. DAV:organizer

   Name: organizer

   Namespace: DAV:

   Purpose: Identifies the sharer of a shared resource.

   Description: Contains a single DAV:href element that identifies the
      URI of the sharer of a shared resource, and an optional
      DAV:displayname element that matches that user.

   Definition:

7.17. DAV:invite-reply

   Name: invite-reply

   Namespace: DAV:

   Purpose: Root element for a POST request used to respond to a share
      invitation.

   Description: When a user responds to an invitation, the user issues
      a POST request with an XML body. DAV:invite-reply is the root
      element for this XML document.

   Definition:

7.18. DAV:reply-notification

   Name: reply-notification

   Namespace: DAV:

   Purpose: A notification used as a reply to a shared resource invite.

   Description: Defines a notification message sent automatically by
      the server when a sharee replies to a shared resource invite. The
      DAV:href element specifies the URI of the sharee to whom the
      original invite message was sent.

   Definition:

7.19. DAV:create-in

   Name: create-in

   Namespace: DAV:

   Purpose: The target URL for the new resource.

   Description: When a user accepts an invitation to share a resource,
      this URI will be used to create the new shared resource.

   Definition:

7.20. DAV:share-resource

   Name: share-resource

   Namespace: DAV:

   Purpose: Describes changes to sharees.

   Description: The root element used in POST requests on resources by
      sharers to manipulate the sharee list of a shared resource.

   Definition:

7.21. DAV:set-invitee

   Name: set-invitee

   Namespace: DAV:

   Purpose: Sets access for a sharee.

   Description: Used to add or modify sharee access to a shared
      resource. The specified access to the shared resource is given to
      the sharee.

   Definition:

7.22. DAV:remove-invitee

   Name: remove-invitee

   Namespace: DAV:

   Purpose: Removes access for a sharee.

   Description: Used to remove sharee access to a shared resource. All
      access to the shared resource is removed for the sharee.

   Definition:

7.23. DAV:shared-as

   Name: shared-as

   Namespace: DAV:

   Purpose: Identifies a shared resource.

   Description: Returned by the server for a POST request by a sharee
      accepting a shared resource invite. The DAV:href element
      specifies the URI of the resource created by the acceptance.

   Definition:

8. Security Considerations

   TBD

9. IANA Considerations

   This document does not require any actions on the part of IANA.

10. Acknowledgments

   The authors would like to thank the members of the Calendaring and
   Scheduling Consortium's Sharing Technical Committee. In particular,
   the following individuals have made important contributions to this
   work: Richard Brigham, John Chaffee, Michael Douglass, Ken
   Murchison and Dave Thewlis.

   This specification originated from work at the Calendaring and
   Scheduling Consortium, which has supported the development and
   testing of implementations of the specification.

11.  IANA Considerations

   This document defines a MIME media type for XML documents used for
   sharing.  This media type SHOULD be used for all POST requests in
   this specification.

   Type name:  application

   Subtype name:  davsharing+xml

   Required parameters:  none

   Optional parameters:  none

   Encoding considerations:  Identical to those of "application/xml" as
      described in RFC7303 [RFC7303].

   Security considerations:  N/A.

   Interoperability considerations:  There are no known
      interoperability issues.

   Published specification:  This specification.

   Applications that use this media type:  No known applications
      currently use this media type.

   Fragment identifier considerations:  N/A.

   Additional information

      Deprecated alias names for this type  N/A.

      Magic number(s)  N/A.

      File extension(s)  xml

      Macintosh file type code(s)  TEXT

   Person & email address to contact for further information:
      me@evertpot.com

   Intended usage  COMMON

   Restrictions on usage  There are no restrictions on where this media

   Author  See the "Authors' Addresses" section of this document.

   Change Controller  IETF

12.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC3744]  Clemm, G., Reschke, J., Sedlar, E., and J. Whitehead, "Web
              Distributed Authoring and Versioning (WebDAV) Access
              Control Protocol", RFC 3744, DOI 10.17487/RFC3744, May
              2004.

   [RFC4791]  Daboo, C., Desruisseaux, B., and L. Dusseault,
              "Calendaring Extensions to WebDAV (CalDAV)", RFC 4791,
              DOI 10.17487/RFC4791, March 2007.

   [RFC4918]  Dusseault, L., Ed., "HTTP Extensions for Web Distributed
              Authoring and Versioning (WebDAV)", RFC 4918,
              DOI 10.17487/RFC4918, June 2007.

   [RFC6352]  Daboo, C., "CardDAV: vCard Extensions to Web Distributed
              Authoring and Versioning (WebDAV)", RFC 6352,
              DOI 10.17487/RFC6352, August 2011.

   [RFC7303]  Thompson, H. and C. Lilley, "XML Media Types", RFC 7303,
              DOI 10.17487/RFC7303, July 2014.

Appendix A.  Backwards compatibility

   This specification is based on an earlier effort, often referred to
   as 'caldav-sharing'.  It is possible to remain compatible with this
   specification, but it's important to be aware of a number of changes.

   The earlier draft uses the http://calendarserver.org/ns/ namespace
   for all its xml elements.  This means that any WebDAV property
   introduced in this specification may need to have a similar property
   in the old namespace.

   XML documents as sent by POST requests and responses, and resources
   returned from notifications can be distinguished by the use of the
   Content-Type and Accept HTTP headers.  The earlier draft does not
   define new mime-types for these, but this specification does.

Appendix B.  Change History (to be removed prior to publication as an
             RFC)

   Changes in -02:

   1.  Renamed DAV:shared-url to DAV:sharer-instance-url

   2.  Introduced DAV:share-mode WebDAV property

   3.  Removed additions to DAV:resource-type to indicate that a
       resource is shared.

   Changes in -01:

   1.  Fixed some issues in the DTD declarations of set-invitee and
       remove-invitee.

   2.  Removed an unused normative reference.

   3.  Removed 'open issues' section.

   4.  Added a paragraph about xml/dtd handling with a reference to
       RFC4917

   5.  Renamed DAV:share to DAV:share-resource for the POST request

Authors' Addresses

   Evert Pot
   fruux GmbH
   Koenigsstrasse 32
   Muenster, NRW  48143
   Germany

   Email: me@evertpot.com
   URI:   https://fruux.com/

   Cyrus Daboo
   Apple Inc.
   1 Infinite Loop
   Cupertino, CA  95014
   USA

   Email: cyrus@daboo.name
   URI:   http://www.apple.com/

   Eric York
   Apple Inc.
   1 Infinite Loop
   Cupertino, CA  95014
   USA

   URI:   http://www.apple.com/
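
The code below is an added example, not part of the draft or of any implementation: a server-side parser for the DAV:share-resource POST body of Sections 7.20 to 7.22 that refuses DOCTYPE declarations and unknown access levels before the sharee list is touched. Because the DTD definitions did not survive on this page, the child layout (DAV:href and DAV:access inside DAV:set-invitee, DAV:href inside DAV:remove-invitee) and the names parse_share_resource and RejectedBody are assumptions; it also treats the media type's SHOULD from Section 11 as a requirement.

```python
import xml.parsers.expat

MEDIA_TYPE = "application/davsharing+xml"      # Section 11
OPS = ("set-invitee", "remove-invitee")        # Sections 7.21 and 7.22
ACCESS_LEVELS = ("read", "read-write")         # Sections 7.12 and 7.13

class RejectedBody(ValueError):
    """Raised before any change is made to the sharee list."""

def parse_share_resource(content_type, body):
    """Return [(operation, sharee_href, access_or_None), ...]."""
    if content_type.split(";")[0].strip().lower() != MEDIA_TYPE:
        raise RejectedBody("unexpected Content-Type")
    ops, stack, cur = [], [], {}

    def start(name, attrs):
        ns, _, local = name.rpartition(" ")
        local = local if ns == "DAV:" else None  # foreign elements are ignored
        if not stack and local != "share-resource":
            raise RejectedBody("root element is not DAV:share-resource")
        if stack == ["share-resource"] and local in OPS:
            cur.update(href="", access=None)
        elif len(stack) == 2 and stack[1] in OPS and local == "href" and cur["href"]:
            raise RejectedBody("more than one sharee href")
        elif stack[1:] == ["set-invitee", "access"]:
            # Fail closed: never map an unknown or repeated level to a default.
            if local not in ACCESS_LEVELS or cur["access"]:
                raise RejectedBody("unrecognised or repeated access level")
            cur["access"] = local
        stack.append(local)

    def text(data):
        if len(stack) == 3 and stack[1] in OPS and stack[2] == "href":
            cur["href"] += data

    def end(name):
        local = stack.pop()
        if local in OPS and stack == ["share-resource"]:
            href = cur["href"].strip()
            if not href or (local == "set-invitee" and not cur["access"]):
                raise RejectedBody("incomplete " + local)
            ops.append((local, href, cur["access"]))

    def no_doctype(*_):                        # no DTD means no entity declarations
        raise RejectedBody("DOCTYPE is not accepted")
    parser = xml.parsers.expat.ParserCreate(namespace_separator=" ")
    parser.StartElementHandler, parser.EndElementHandler = start, end
    parser.CharacterDataHandler, parser.StartDoctypeDeclHandler = text, no_doctype
    try:
        parser.Parse(body, True)
    except xml.parsers.expat.ExpatError as exc:
        raise RejectedBody("not well-formed: %s" % exc) from None
    return ops
```

The returned list is meant to be applied only after the server has separately confirmed that the authenticated requester is the sharer of the target resource; the parser checks the shape of the request, not authorization.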