Re: Suggested reply to Kam Hay Fung's mail on the comments list (FW: Feedback on profile negotiation I-D-Accept--Schema) from Rob Atkinson on 2018-09-15 (public-dxwg-wg@w3.org from September 2018)

From: Rob Atkinson <rob@metalinkage.com.au>
Date: Sat, 15 Sep 2018 07:12:05 +0200
To: "Svensson, Lars" <L.Svensson@dnb.de>
Cc: "public-dxwg-wg@w3.org" <public-dxwg-wg@w3.org>
Message-ID: <CACfF9LzRKwSU824VvX_tWcyYe=WG0TuFRbb2nhWtARdyTfB03g@mail.gmail.com>
+1

excellent work


On Fri, 14 Sep 2018 at 19:09 Svensson, Lars <L.Svensson@dnb.de> wrote:

> Dear all,
>
> As per ACTION-213, here my suggested reply to Kam:
>
> [[
> Thursday, August 09, 2018 1:44 AM, Kam Hay Fung (Kam) [mailto:
> KamHay.Fung@det.nsw.edu.au] wrote:
>
> Dear Kam,
>
> > We are working on international standards in the educational sector. The
> profile
> > negotiation proposal by Svensson and Verborgh
> >
> https://profilenegotiation.github.io/I-D-Accept--Schema/I-D-accept-schema
> > (hereafter referred to as the “Proposal”) address similar problems in
> our context. It
> > makes sense for us to rebase our work on the Proposal instead of
> reinventing the
> > wheel.
>
>
> > At this stage, I have some feedback for the Proposal for consideration.
>
> Thanks for your interest in our work, we appreciate your feedback very
> much!
>
> >
> > **Accept-Profile value list**
> > In https://tools.ietf.org/html/rfc7230#section-3.2.2, header fields
> with the same
> > name may be combined into one header field having all their values as a
> comma-
> > separated list. So, the following examples are semantically equivalent:
> >
> > Example 1:
> > Accept-Profile: <http://example.com/shapes/shape-1>; q=0.8,
> >                <http://example.com/shapes/shape-2>; q=0.5
> >
> > Example 2:
> > Accept-Profile: <http://example.com/shapes/shape-1>; q=0.8
> > Accept-Profile: <http://example.com/shapes/shape-2>; q=0.5
> >
> > It is unclear the Proposal will also mandate user agents and hosts to
> support multi-
> > line Accept-Profile headers (i.e. example 2) since the semantics of “,”
> in the Accept-
> > Profile header syntax appears to be the same as that in
> > https://tools.ietf.org/html/rfc7230#section-3.2.2. If this is the case,
> a multi-line
> > Accept-Profile example will greatly demonstrate it to the readers.
> Otherwise, the
> > Proposal needs to make it clear that the multi-line feature is
> unsupported.
>
> The behaviour of this header field should be similar to other header
> fields, so your Example 1 and your Example 2 should indeed be seen as
> semantically equivalent. We'll add that to the draft.
>
> > **Naming**
> > If a profile characterises the body of an HTTP payload only, perhaps the
> plain
> > “Profile” name might be renamed to “Content-Profile” for consistency?
> All existing
> > headers prefixed with “Content-” are associated with the payloads.
>
> We fully agree here. We'll update the draft so that the response header is
> named "Content-Profile".
>
>  > **Compatibility**
> > The Proposal does not suggest the extent to which a
> profile-negotiation-aware host
> > will deal with a user agent not supporting profile negotiation. Options
> might include
> > the host 1) trying to process requests using a default profile; 2)
> returning an HTTP
> > error.
> >
> > Likewise, clarification is needed for a profile-negotiation-aware user
> agent dealing
> > with a host that does not support profiles.
>
> We discussed those use cases, and preliminary agreed on the following
> behaviour:
> 1) If a user agent does not support profile negotiation and the server
> does, the server SHOULD return content using its default profile. In that
> case the server SHOULD also set the Content-Profile header in order to make
> caching more efficient.
> 2) If a user agent sends a request containing an "Accept-Profile" header
> to a server that does not understand profile negotiation, the server SHOULD
> ignore that header and will accordingly not send an "Content-Profile"
> response header. This is in line with RFC 7231 § 3.2.1 that states:
>
>    A proxy MUST forward unrecognized header fields unless the field-name
>    is listed in the Connection header field (Section 6.1) or the proxy
>    is specifically configured to block, or otherwise transform, such
>    fields.  Other recipients SHOULD ignore unrecognized header fields.
>    These requirements allow HTTP's functionality to be enhanced without
>    requiring prior update of deployed intermediaries.
>
> If a user agent sends an "Accept-Profile" header but does not receive a
> "Content-Profile" header, it should take this as a sign that the server
> does not understand profiles and that the profile of the returned content
> is unspecified.
>
> > **Negotiation**
> > The Proposal relies on HTTP error codes (e.g. 406, 500) in the
> negotiation process to
> > let user agents determine the right profile to use. While this works for
> a host, it may
> > overload the use of 406 and potentially fill up the log with lots of
> noisy errors. It
> > might thus be desirable for a user agent to harmoniously “look up”
> profiles
> > supported by a host without triggering HTTP errors.
>
> Look-up of profiles without having to download the target resource is
> definitely in-scope and there already is a use case for that [2].
>
> > There are existing ways in the HTTP spec for the look up.
> > 1) HTTP HEAD (https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html)
> for user
> > agents to perform the “look up” before performing HTTP GET; and
> > 2) Similarly, HTTP OPTIONS (
> https://www.w3.org/Protocols/rfc2616/rfc2616-
> > sec9.html), used before HTTP POST/PUT/DELETE.
> >
> > More generally, it might be desirable for user agents and hosts to be
> more “chatty”
> > at the outset of negotiation, exchanging a few dialogues with one
> another to
> > determine the right profile(s) to use, and less “chatty” afterwards.
>
> The use of http OPTIONS (returning available headers) and http HEAD (using
> e. g. a Link header to link to other profiles) for profile discovery is
> something we'll definitely consider. A third way may be to answer with a
> 300 Multiple Choices status code could also be seen as an option.
>
> There are also other, non-http possibilities for a user agent to specify a
> preferred profile, e. g. through the use of URL query parameters [3]. That
> possibility, however, would not be part of the I-D but described in the
> accompanying Profile Negotiation Guidance document [4]
>
> > If the Proposal considers any of these lookup mechanisms, there might be
> further
> > work to include the [weight] part to the Profile header let a host
> indicate its profile
> > preference to a user agent for its generated content.
>
> This we didn't quite understand: How should the server indicate its
> profile preference to the user agent?
>
> > **Caching Consideration **
> > Hosts might wish to continuously upgrade to support/deprecate profiles.
> Hence, the
> > Profile and Accept-Profile headers in the Proposal will not remain
> constant. This will
> > influence caching in HTTP (https://www.w3.org/Protocols/rfc2616/rfc2616-
> > sec13.html) and the Proposal might need to position a view for its
> readers.
>
> User agents should assume that profiles identified by profile URIs are
> immutable, everything else would break backward compatibility. If a profile
> changes (or rather, if the way the transferred content changes in a way
> that makes it incompatible with the profile used so far) the profile MUST
> be given a new URI.
>
> [1] https://tools.ietf.org/html/rfc7230#section-3.2.1
> [2] https://w3c.github.io/dxwg/ucr/#ID5
> [3] https://github.com/w3c/dxwg/issues/239
> [4] https://w3c.github.io/dxwg/conneg-by-ap/
> ]]
>
> Would that be OK?
>
> Thanks,
>
> Lars
>
>
Received on Saturday, 15 September 2018 05:12:53 UTC