Re: Thoughts on relation to WebDAV from Werner Baumann on 2008-05-23 (w3c-dist-auth@w3.org from April to June 2008)

From: Werner Baumann <werner.baumann@onlinehome.de>
Date: Fri, 23 May 2008 17:55:20 +0200
CC: w3c-dist-auth@w3.org
Message-ID: <4836E8E8.6040804@onlinehome.de>

Julian Reschke wrote:
> 
> Henrik Holst wrote:
>> fre 2008-05-23 klockan 09:50 -0400 skrev Simon Perreault:
>>> On Friday 23 May 2008 09:36:46 Henrik Holst wrote:
>>>> There is no MUST in RFC4918 for the MKCOL Method so class 1 does not
>>>> include MKCOL as far as I can see.
>>> Is it intentional? I mean, RFC2518 says "All DAV compliant resources 
>>> MUST support the MKCOL method." And advertising class 3 would not 
>>> imply support for MKCOL, if I read the definition of class 3 correctly.
>>>
>> Well that is interesting, class 1 would thus be slightly redefined in
>> 4918 and supporting class 3 tells the client that your server follows
>> this redefinition I guess.
>>
>> Hopefully we can get some info from the people involved with 4918 how
>> the ideas where when MKCOL was changed from MUST.
> 
> It wasn't intentional. As far as I recall, we lost the first paragraph 
> without considering compliance.

If it was not intentional, it should go in the Errata document to avoid 
confusion.

> 
> In practice I think it doesn't make any difference at all.
> 
> If a server vendor can't implement support for creating collections, 
> he/she simply won't. A 403 always was possible, RFC4918 now also allows 
> 405.
> 
> What difference does this make in practice?

405 was allowed in RFC 2518 too. HTTP/1.1 also knows 501 Not Implemented.

RFC 2616:

   10.5.2 501 Not Implemented
   The server does not support the functionality required to fulfill
   the request. This is the appropriate response when the server does
   not recognize the request method and is not capable of supporting
   it for any resource.

RFC 2518/4918:

   403 (Forbidden) - This indicates at least one of two
   conditions: 1) the server does not allow the creation of collections
   at the given location in its namespace, or 2) the parent collection
   of the Request-URI exists but cannot accept members.

   405 (Method Not Allowed) - MKCOL can only be executed on a
   deleted/non-existent resource.

No difference in practice? Are clients supposed not to care about these 
different status codes?

A server, that does not implement MKCOL, is not compliant according RFC 
2616, but is compliant according RFC 4918. No difference in practice?

I have to concede: I never saw a compliant WebDAV-server. So does it 
make a difference in practice, whether there is a standard at all?

Werner

Received on Friday, 23 May 2008 15:56:17 UTC