RE: Interop issue: Proposal for fixing lock token provision from Clemm, Geoff on 2002-10-08 (w3c-dist-auth@w3.org from October to December 2002)

From: Clemm, Geoff <gclemm@rational.com>
Date: Tue, 8 Oct 2002 14:12:36 -0400
To: "'Webdav WG'" <w3c-dist-auth@w3c.org>
Message-ID: <E4F2D33B98DF7E4880884B9F0E6FDEE25ED47C@SUS-MA1IT01>
Jason pointed out to me in some private email that the questions in
his last posting were not rhetorical questions advocating one proposal
or another, but rather real questions that he thought we need to
answer.  I'd like to apologize to Jason for misreading his message,
and try to answer them properly this time.

   From: Jason Crawford [mailto:nn683849@smallcue.com] 

   On Monday, 10/07/2002 "Clemm, Geoff" wrote: 
   > Alternatively, we could just say: 
   > 
   > "A client MUST submit a tagged-list If header, using the 
   > DAV:lock-root of the lock as the tag for that lock token." 
   > 
   > If any of the tagged-list productions fail, the resource 
   > that is no longer locked will be indicated with a 412 in 
   > the multistatus return, telling the client to either remove 
   > that lock from its table, or request a new lock for that 
   > resource. 

   And ALL tag list productions would be evaluated, so that even if 
   the server didn't think it was relevant, it still would be checked. 
   So for example I can do a GET on a resource with an IF: header and 
   the IF: header would be checked despite the server thinking it is 
   unnecessary to check for locks on a GET request.  Does this sound 
   fine? 

If a server knows that no condition specifiable in an If can cause a
GET to fail, then it can skip the If check.  But if it is not
absolutely sure, then yes, it has to check the If header.

   And the client is required to submit a tag list for every
   URL/resource that the server thinks is relevant in order to submit
   the token.  And we're going to have to define what URL's are
   relevant.

Whether we can define what URLs are relevant will depend somewhat on
whether we can get server consensus on that question.  We may need to
have a few "MAY depend" clauses.  But optimally, we can avoid that
and make everything a MUST.

   And define what constitutes submission.

Yes, we definitely have to clearly define what constitutes submission.

   So for a situation where a token needs to be submitted to allow a 
   protected URL from being broken (lock destroyed), the root URL of 
   the lock in question needs to be submitted. 

Yes.  (I assume you meant "to be broken" rather than "from being broken").

   And in a situation where a token is needed to allow a write locked 
   resource to be modified, the URL of the root of that resource needs 
   to be specified. 

Yes.  We have been discussing whether to make a special case for the
UNLOCK request, but this may end up being decided more on
interoperability grounds (i.e. if existing servers require the
request-URL to be the lock-root, then for interoperability, we should
at least advise clients that they should use the lock-root for
interoperability).

   And what is "modifying"? A PUT/PROPPATCH to an ordinary 
   resouce modifies it.

Yes, in this case, I think we can clearly state that only the
lock on the resource specified by the request-URL must be
submitted.

   Also operations that add or remove children 
   of a collection are considered to modify the collection. 

To add a child, you would have to submit tokens for any locks
on the collection.  To remove a child you would have to submit
tokens for any locks on the collection, any locks on the child 
being removed, and if the child is a collection, any locks on
any member of the child collection.

   The client is free to test any other resources it wants to test 
   beyond the one's the server requires. 

Yes.

   We need a spec'ing of what tag list entries are sufficient to be 
   considered a submission.  That has to deal with NOT and any other 
   expression constructs we might come up with. 

I think it is simplest to just state that the appearance of the lock
token anywhere in the tagged list for the resource is sufficient.

   BTW... yes, I know earlier tonight I said that it's okay to test 
   against any resource locked by a resource in order to submit the 
   lock, but I'm guessing the definition of "submit" will be easier if 
   we are as specific as possible about what it means to submit a 
   token and specifying what URL is definitely something that will 
   help. 

I agree.

   Also, in the case of 2518-style DELETE where lots of bindings get 
   destoryed and they probably get destroyed bottom up, I'd think it 
   would be best (or at least equal) in some server implementations if 
   the URL you specified for the submisssion was the one that got 
   destoryed last. 

This raises a good (although tangential) point.
The BIND protocol "clarifies" the 2518 DELETE semantics, to 
state that it is the "mappings" to all the members that are 
removed by the DELETE of a collection, not the bindings. 
I believe this clarification should appear in 2518bis. 

But even if some (misguided :-) server did destroy all the 
bindings, the last one destroyed will be the lock-root, so
I think we're OK here to require that the lock-root be the
tag for the submitted token.

Cheers, 
Geoff
Received on Tuesday, 8 October 2002 14:13:16 UTC