- From: Brian Smith <brian@briansmith.org>
- Date: Wed, 6 Aug 2008 09:26:58 -0500
- To: "'Julian Reschke'" <julian.reschke@gmx.de>
- Cc: "'HTTP Working Group'" <ietf-http-wg@w3.org>
Julian Reschke wrote: > Brian Smith wrote: > > I know. What I am trying to say is that plan doesn't work > > because "entity" and "variant" mean two different things. > > I think "entity" could replace > > Do they? > > RFC 2616 says about "variant": > > "A resource may have one, or more than one, representation(s) > associated with it at any given instant. Each of these > representations is termed a `varriant'. Use of the term > `variant' does not necessarily imply that the resource is > subject to content negotiation." > So a variant *is* a representation. (And I think we have > decided earlier that there's really no distinction between > "representation" and "entity" either). I agree, "representation" and "entity" are the same. > Although Content-Location identifies an entity, that doesn't > mean that that entity can't change over time. That is the part that I disagreed with because I've always thought of "entity" as describing an immutable value. However, I guess entities are immutable in RFC 2616 just because "entity" is used to describe parts of messages only, and messages are immutable. I guess as long as writers are careful to differentiate between "entity" and "version of an entity" when the distinction matters, things can work. But, "version of an entity" isn't really clearly defined in RFC 2616 either. That is why I think it is clearer to say "variant" instead of "entity" when describing things that potentially change over time, and say "entity" instead of "verssion/instance/value of an entity" to describe particular values of such things. That would allow the removal of the terms "representation," and "entity value", "versions of an entity", and "instances of that entity". (Incidentally, "document" is another term that should be removed.) > > If the "might be individually accessed" condition is > > important then it needs to be clarified so that > > implementations know what they are supposed to do to > > meet the condition. But, I don't think the condition > > adds any value which is why I suggest that it is simply > > removed. If the "might be individually access" condition is going to stay in, then please add an explanation of how to conform to that requirement. If it doesn't affect conformance then it doesn't make sense to keep it. > > But, again, I think we should first decide if the use of > > Content-Location should ever be encouraged at all given how > > problematic it is. > > ... > > I must admit that I'm not aware of any problems with > Content-Location in practice (besides the issues raised > months ago wrt the base URI). The base URI issue makes Content-Location dangerous to use. The only time it is safe to use Content-Location is when the Content-Location is exactly the same as the Request-URI (because of relative URI references like "#fragment"), or when the response entity doesn't contain any relative URIs. However, if you limit Content-Location to be the same as the Request-URI then it can no longer identify individual variants of the resource, which is its main purpose. As a rule of thumb, it is safer to omit the Content-Location than it is to include it. That is why I think some language like "Servers SHOULD NOT include a Content-Location header in responses [unless...]" is important. Another problem with Content-Location is that some implementations apparently use it to edit individual variants of a resource, but that use of Content-Location isn't well-defined in RFC 2616, there are security considerations that make it very difficult to define in a useful way, describing how that works would be a lot of work, and there is no evidence of interoperability for this use of the header anyway. - Brian
Received on Wednesday, 6 August 2008 14:27:36 UTC