W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > July to September 2001


From: Clemm, Geoff <gclemm@rational.com>
Date: Wed, 1 Aug 2001 23:48:36 -0400
Message-ID: <3906C56A7BD1F54593344C05BD1374B103CA8F44@SUS-MA1IT01>
To: w3c-dist-auth@w3.org
I strongly support all of Ilya's and Allan's points.

Remember that the point of the current process is to address any
issues that have arisen during the implementation of 2518, and
a feature that has negligible value and has demonstrated
implementation and interoperability problems is a prime
candidate for revision or removal.


-----Original Message-----
From: Ilya Kirnos [mailto:ilya.kirnos@oracle.com]
Sent: Wednesday, August 01, 2001 10:53 PM
To: Hall, Shaun
Cc: w3c-dist-auth@w3.org
Subject: Re: rfc2518 issue: DEFER_LOCK_NULL_RESOURCES_IN_SPEC

> I don't think LNRs should be changed at all.
> You could use a file to track the lock if you wish and you won't be
> deviating from the RFC.
> The RFC doesn't place restrictions on implementation (in this case LNRs) -
> you can basically use whatever you want, so why are you suggesting that
> semantics should be changed ?
> Its an implementation problem, not a protocol problem.

As I recall, there are some restrictions on the behavior of a lock-null
resource that make it difficult to track with an honest-to-goodness file.

As I recall an LNR is supposed to show up as a member of its parent
but return 404 when you try to do a GET on it.  This means you have to keep
some metadata about that file to know that it's 'special'.  You can keep it
the DAV server, but nobody else would know or care about it, so even another
DAV server (forget other protocols) working against the same filesystem
wouldn't know about the 'specialness'.  Why would you want to limit DAV
in this way if you have a filesystem that supports locking natively, for

I think there were other examples as well.  Generally, IMHO, LNRs have
behavior, and perhaps we can solve the problems LNRs are intended to solve
make them a little easier to implement on many existing systems.

Like I said, I'd be up for keeping LNRs if things like this were amended.  I
know these are all implementation details, but if the implementation becomes
one hack after another, as I think LNRs would have to be as currently
maybe it's time to step back and revisit the spec.


From:	Alan Kent [ajk@mds.rmit.edu.au]
Sent:	Wednesday, August 01, 2001 8:14 PM
To:	w3c-dist-auth@w3.org
Subject:	Re: rfc2518 issue: DEFER_LOCK_NULL_RESOURCES_IN_SPEC

I am discussing only for the sake of discussing - not because I actually
have a strong opinion on this.

On Wed, Aug 01, 2001 at 10:30:22AM +0100, Hall, Shaun wrote:
> I think you are taking WebDAV out of its intended context (see below).

I would be interested to know what the intended context for other WebDAV
implementors are.

> You don't need race conditions because your WebDAV layer in the above
> example can be circumvented full stop. For example, there's nothing to
> another non-WebDAV application creating a directory with the same name as
> the LNR even though your WebDAV server has created a LNR.

If the LOCK requests are passed down to the underlying system and
supported by the underlying system, then it *is* possible to stop
another non-WebDAV application doing things. My understanding is
this is exactly (one of) the reasons why it was being proposed that
LNR be changed. For example, I thought it would be a real issue with
Oracle iFS. I might have misunderstood.

I agree that not all possible implementations of the underlying system
will be able to support WebDAV. But if (for example) a LNR request
did create a file and lock it in the underlying file system, then
other applications *would* be stopped from creating a directory with
that name concurrently. This is the whole point.

> Unless the heart of your "back end" (in this case a OS's file system)
> supports WebDAV, its going to be a "best effort" approach.

I agree with this. The question is it worth changing WebDAV to use
a model closer to what the majority of file systems do support, to
allow more implementations do locking properly (that is, at the file
system level, not the WebDAV level). In other words, is it worth
minimizing the impedience between protocols/systems?

> > (2) Locking is only to protect against other WebDAV clients and not
> >     against anything else

> Actually 2) is correct as well:

I agree - this is a valid position to take (which is why I included it).
I *personally* dislike it, but it is a completely valid position to take.

> Remember that WebDAV is a set of extensions to HTTP, which suffers similar
> problems. WebDAV is about WWW functionality, not a "be all and end all"
> access mechanism for everything - see section 1 of RFC 2518, read RFC
> This is what I mean when I say you've taken WebDAV out of intended

I think this weakens WebDAV when there is no real reason to weaken it.

> Your example of other applications accessing your Web/WebDAV Server's data
> area is not WWW functionality and therefore WebDAV does not apply IMHO.
> People have to live with it.

Philosophically I think we disagree here. I am interested in WebDAV as
a means to maximize integration of systems. To maximize integration it
is common to have to support multiple protocols accessing the same
information. I think Oracle iFS is a good example of this need in real
life. I think Microsoft users using Web Folders want WebDAV to act as
much like other file systems as possible and integrate with them as
safely as possible.

> Is WebDAV going to stop admins/root formatting
> the hard disk which contains the data ?

Yes. If a lock is held in the underlying file system, it cannot be
unmounted (for UNIX anyway), and so cannot be reformatted. You would
have to shut down the machine to circumvent this.

> In your file system example, there is nothing to stop another application
> deleting a file (that is not a LNR) that your WebDAV Server has locked.

There is *if* the LOCK is mapped down to something the underlying file
system can understand.

> Therefore the locking mechanism has failed.

If this is truely the case, I would almost consider arguing that locking

> What mechanism can you invent
> that would solve all these multiple protocol problems?

If (and it is *if*) all the protocols can map locking requests down to
the base level, then there is no problem. In terms of WebDAV my question
is "should WebDAV be changed to be a better protocol citizen to make it
easier to share an underlying file system with other protocols". No,
there is no guarantee. But using more standard semantics would make it
much more likely.

> In the real world, the end users system in question should be configured
> only HTTP/WebDAV clients can access the data area that the WebDAV Server
> interacts with.

I would be interested in other implementors feeling on this one.
Its certainly not true for our system. Its certainly not true
for Oracle iFS. I am pretty sure its not true for Apache mod_dav
(its not unreasonable for web site administrators to go to the file
system directly). I suspect the same holds for IIS.

I have probably said enough on this topic. I am interested in the outcome
because it makes a difference to our locking implementation. I am not
really stressed which way it goes. I agree that changing the LNR
semantics will not solve *all* problems. But I dont think this alone
is a reason not to try to reduce implementation/compatibility problems
when used in systems with other protocols/systems etc.

Received on Wednesday, 1 August 2001 23:49:09 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:01:23 UTC