RE: I-D ACTION:draft-dusseault-dav-quota-00.txt from Jim Whitehead on 2001-09-26 (w3c-dist-auth@w3.org from July to September 2001)

From: Jim Whitehead <ejw@cse.ucsc.edu>
Date: Wed, 26 Sep 2001 16:00:13 -0700
To: "Webdav WG" <w3c-dist-auth@w3c.org>
Message-ID: <AMEPKEBLDJJCCDEJHAMIAEHMDHAA.ejw@cse.ucsc.edu>

> Clark Warner & I discussed doing this simple little draft at the Interop
> event; well, now it's published.
>
> If there's interest from other implementors (besides Xythos and
> Apple), I'm happy to pursue standardizing this in some simple form.

I think that if it provides value for Xythos and Apple, it undoubtedly will
provide value for others in the future. I know that quota support is a
frequently requested feature for mod_dav.

The current draft is really not that far away from being able to be sent
along for a working group last call. IMO, it needs the following changes:

* Add a brief introduction which:
  - Provides a little bit of background on the operational scenario(s) that
require this capability (i.e., setups like Sharemation, iDisk, etc.)
  - Describes the approach: provide two read-only properties that clients
can use to discover quota information

* Add the standard reference to RFC 2119, "Key words for use in RFCs to
Indicate Requirement Levels" and then change the text to use MUST/SHOULD/etc
as appropriate.

* Add a reference to the definition of a "protected" property.

* Add a security considerations section.  The only one I can think of is
that a hacker might preferentially attack an account with large quota.

* Change all places where "directory" or "directories" is used to refer to
"collections" instead.  DAV doesn't have directories, because we weren't
developing a network file system protocol (oops, guess we did by accident).

* Add a references section, and add the DAV and DeltaV specifications, along
with RFC 2119.

* Add an example PROPFIND request that shows these properties being
retrieved.

* Define each property in a similar manner to existing properties in DAV and
DeltaV (i.e., have the XML DTD specification for each one -- should just be
ANY).

* Complete Clark Warner's address.

Some thoughts on the specification:

- Does it make sense to allow DAV:quota to be writeable? If so, then there
should probably be an associated ACL privilege defined.  It seems like a
read-only quota standard offers a lot of value, so it probably doesn't make
sense to allow DAV:quota to be writeable.

- It might make sense to have DAV:quotaused be renamed DAV:spaceused. It
seems to me this property has utility beyond just the quota case.

- DAV:quotaused is listed as being optional.  I didn't understand that. It
seems to me that any quota enforcing server should know how much space is
currently being used, according to their accounting policy, right?

- Jim

Received on Wednesday, 26 September 2001 19:03:46 UTC