[CalendarServer-changes] [3500] CalendarServer/trunk/doc/RFC

source_changes at macosforge.org source_changes at macosforge.org
Wed Dec 10 10:17:34 PST 2008


Revision: 3500
          http://trac.macosforge.org/projects/calendarserver/changeset/3500
Author:   wsanchez at apple.com
Date:     2008-12-10 10:17:33 -0800 (Wed, 10 Dec 2008)
Log Message:
-----------
draft-sanchez-webdav-current-principal is now rfc5397

Added Paths:
-----------
    CalendarServer/trunk/doc/RFC/rfc5397-Current Principal.txt

Removed Paths:
-------------
    CalendarServer/trunk/doc/RFC/draft-sanchez-webdav-current-principal.txt

Deleted: CalendarServer/trunk/doc/RFC/draft-sanchez-webdav-current-principal.txt
===================================================================
--- CalendarServer/trunk/doc/RFC/draft-sanchez-webdav-current-principal.txt	2008-12-10 17:51:55 UTC (rev 3499)
+++ CalendarServer/trunk/doc/RFC/draft-sanchez-webdav-current-principal.txt	2008-12-10 18:17:33 UTC (rev 3500)
@@ -1,392 +0,0 @@
-
-
-
-Network Working Group                                         W. Sanchez
-Internet-Draft                                                  C. Daboo
-Expires: May 4, 2009                                          Apple Inc.
-                                                        October 31, 2008
-
-
-                   WebDAV Current Principal Extension
-               draft-sanchez-webdav-current-principal-02
-
-Status of This Memo
-
-   By submitting this Internet-Draft, each author represents that any
-   applicable patent or other IPR claims of which he or she is aware
-   have been or will be disclosed, and any of which he or she becomes
-   aware will be disclosed, in accordance with Section 6 of BCP 79.
-
-   Internet-Drafts are working documents of the Internet Engineering
-   Task Force (IETF), its areas, and its working groups.  Note that
-   other groups may also distribute working documents as Internet-
-   Drafts.
-
-   Internet-Drafts are draft documents valid for a maximum of six months
-   and may be updated, replaced, or obsoleted by other documents at any
-   time.  It is inappropriate to use Internet-Drafts as reference
-   material or to cite them other than as "work in progress."
-
-   The list of current Internet-Drafts can be accessed at
-   http://www.ietf.org/ietf/1id-abstracts.txt.
-
-   The list of Internet-Draft Shadow Directories can be accessed at
-   http://www.ietf.org/shadow.html.
-
-   This Internet-Draft will expire on May 4, 2009.
-
-Abstract
-
-   This specification defines a new WebDAV property that allows clients
-   to quickly determine the principal corresponding to the current
-   authenticated user.
-
-
-
-
-
-
-
-
-
-
-
-
-Sanchez & Daboo            Expires May 4, 2009                  [Page 1]
-
-Internet-Draft          WebDAV Current Principal            October 2008
-
-
-Table of Contents
-
-   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 3
-   2.  Conventions Used in This Document . . . . . . . . . . . . . . . 3
-   3.  DAV:current-user-principal  . . . . . . . . . . . . . . . . . . 4
-   4.  Security Considerations . . . . . . . . . . . . . . . . . . . . 5
-   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
-   6.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 5
-   7.  Normative References  . . . . . . . . . . . . . . . . . . . . . 5
-   Appendix A.  Change History (to be removed prior to
-                publication as an RFC) . . . . . . . . . . . . . . . . 5
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Sanchez & Daboo            Expires May 4, 2009                  [Page 2]
-
-Internet-Draft          WebDAV Current Principal            October 2008
-
-
-1.  Introduction
-
-   WebDAV [RFC4918] is an extension to HTTP [RFC2616] to support
-   improved document authoring capabilities.  The WebDAV Access Control
-   Protocol ("WebDAV ACL") [RFC3744] extension adds access control
-   capabilities to WebDAV.  It introduces the concept of a "principal"
-   resource, which is used to represent information about authenticated
-   entities on the system.
-
-   Some clients have a need to determine the [RFC3744] principal that a
-   server is associating with the currently authenticated HTTP user.
-   While [RFC3744] defines a DAV:current-user-privilege-set property for
-   retrieving the privileges granted to that principal, there is no
-   recommended way to identify the principal in question, which is
-   necessary to perform other useful operations.  For example, a client
-   may wish to determine which groups the current user is a member of,
-   or modify a property of the principal resource associated with the
-   current user.
-
-   The DAV:principal-match REPORT provides some useful functionality,
-   but there are common situations where the results from that query can
-   be ambiguous.  For example, not only is an individual user principal
-   returned, but also every group principal that the user is a member
-   of, and there is no clear way to distinguish which is which.
-
-   This specification proposes an extension to WebDAV ACL that adds a
-   DAV:current-user-principal property to resources under access control
-   on the server.  This property provides a URL to a principal resource
-   corresponding to the currently authenticated user.  This allows a
-   client to "bootstrap" itself by performing additional queries on the
-   principal resource to obtain additional information from that
-   resource, which is the purpose of this extension.  Note that while it
-   is possible for multiple URLs to refer to the same principal
-   resource, or for multiple principal resources to correspond to a
-   single principal, this specification only allows for a single http(s)
-   URL in the DAV:current-user-principal property.  If a client wishes
-   to obtain alternate URLs for the principal, it can query the
-   principal resource for this information; it is not the purpose of
-   this extension to provide a complete list of such URLs, but simply to
-   provide a means to locate a resource which contains that (and other)
-   information.
-
-2.  Conventions Used in This Document
-
-   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
-   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
-   document are to be interpreted as described in [RFC2119].
-
-
-
-
-Sanchez & Daboo            Expires May 4, 2009                  [Page 3]
-
-Internet-Draft          WebDAV Current Principal            October 2008
-
-
-   When XML element types in the namespace "DAV:" are referenced in this
-   document outside of the context of an XML fragment, the string "DAV:"
-   will be prefixed to the element type names.
-
-   Processing of XML by clients and servers MUST follow the rules
-   defined in Section 17 of WebDAV [RFC4918].
-
-   Some of the declarations refer to XML elements defined by WebDAV
-   [RFC4918].
-
-3.  DAV:current-user-principal
-
-   Name:  current-user-principal
-
-   Namespace:  DAV:
-
-   Purpose:  Indicates a URL for the currently authenticated user's
-      principal resource on the server.
-
-   Value:  A single DAV:href or DAV:unauthenticated element.
-
-   Protected:  This property is computed on a per-request basis, and
-      therefore is protected.
-
-   Description:  The DAV:current-user-principal property contains either
-      a DAV:href or DAV:unauthenticated XML element.  The DAV:href
-      element contains a URL to a principal resource corresponding to
-      the currently authenticated user.  That URL MUST be one of the
-      URLs in the DAV:principal-URL or DAV:alternate-URI-set properties
-      defined on the principal resource and MUST be an http(s) scheme
-      URL.  When authentication has not been done or has failed, this
-      property MUST contain the DAV:unauthenticated pseudo-principal.
-
-      In some cases there may be multiple principal resources
-      corresponding to the same authenticated principal.  In that case
-      the server is free to choose any one of the principal resource
-      URIs for the value of the DAV:current-user-principal property.
-      However, servers SHOULD be consistent and use the same principal
-      resource URI for each authenticated principal.
-
-   COPY/MOVE behavior:  This property is computed on a per-request
-      basis, and is thus never copied or moved.
-
-   Definition:
-
-      <!ELEMENT current-user-principal (unauthenticated | href)>
-      <!-- href value: a URL to a principal resource -->
-
-
-
-
-Sanchez & Daboo            Expires May 4, 2009                  [Page 4]
-
-Internet-Draft          WebDAV Current Principal            October 2008
-
-
-   Example:
-
-      <D:current-user-principal xmlns:D="DAV:">
-        <D:href>/principals/users/cdaboo</D:href>
-      </D:current-user-principal>
-
-4.  Security Considerations
-
-   This specification does not introduce any additional security issues
-   beyond those defined for HTTP [RFC2616], WebDAV [RFC4918] and WebDAV
-   ACL [RFC3744].
-
-5.  IANA Considerations
-
-   This document does not require any actions on the part of IANA.
-
-6.  Acknowledgments
-
-   This specification is based on discussions that took place within the
-   Calendaring and Scheduling Consortium's CalDAV Technical Committee.
-   The authors thank the participants of that group for their input.
-
-   The authors thank Julian Reschke for his valuable input via the
-   WebDAV working group mailing list.
-
-7.  Normative References
-
-   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
-              Requirement Levels", BCP 14, RFC 2119, March 1997.
-
-   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
-              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
-              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
-
-   [RFC3744]  Clemm, G., Reschke, J., Sedlar, E., and J. Whitehead, "Web
-              Distributed Authoring and Versioning (WebDAV)
-              Access Control Protocol", RFC 3744, May 2004.
-
-   [RFC4918]  Dusseault, L., "HTTP Extensions for Web Distributed
-              Authoring and Versioning (WebDAV)", RFC 4918, June 2007.
-
-Appendix A.  Change History (to be removed prior to publication as an
-             RFC)
-
-   Changes from -00:
-
-   1.  Changed DAV:current-user-principal-resource to DAV:current-user-
-       principal.
-
-
-
-Sanchez & Daboo            Expires May 4, 2009                  [Page 5]
-
-Internet-Draft          WebDAV Current Principal            October 2008
-
-
-   2.  Correct DAV:current-user-principal element definition to use
-       valid XML and not use the "DAV:" prefix for children.
-
-   3.  Typo "DAV:unauthenticed" should be spelled "DAV:unauthenticated".
-
-Authors' Addresses
-
-   Wilfredo Sanchez
-   Apple Inc.
-   1 Infinite Loop
-   Cupertino, CA  95014
-   USA
-
-   EMail: wsanchez at wsanchez.net
-   URI:   http://www.apple.com/
-
-
-   Cyrus Daboo
-   Apple Inc.
-   1 Infinite Loop
-   Cupertino, CA  95014
-   USA
-
-   EMail: cyrus at daboo.name
-   URI:   http://www.apple.com/
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Sanchez & Daboo            Expires May 4, 2009                  [Page 6]
-
-Internet-Draft          WebDAV Current Principal            October 2008
-
-
-Full Copyright Statement
-
-   Copyright (C) The IETF Trust (2008).
-
-   This document is subject to the rights, licenses and restrictions
-   contained in BCP 78, and except as set forth therein, the authors
-   retain all their rights.
-
-   This document and the information contained herein are provided on an
-   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
-   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
-   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
-   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
-   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
-   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
-   The IETF takes no position regarding the validity or scope of any
-   Intellectual Property Rights or other rights that might be claimed to
-   pertain to the implementation or use of the technology described in
-   this document or the extent to which any license under such rights
-   might or might not be available; nor does it represent that it has
-   made any independent effort to identify any such rights.  Information
-   on the procedures with respect to rights in RFC documents can be
-   found in BCP 78 and BCP 79.
-
-   Copies of IPR disclosures made to the IETF Secretariat and any
-   assurances of licenses to be made available, or the result of an
-   attempt made to obtain a general license or permission for the use of
-   such proprietary rights by implementers or users of this
-   specification can be obtained from the IETF on-line IPR repository at
-   http://www.ietf.org/ipr.
-
-   The IETF invites any interested party to bring to its attention any
-   copyrights, patents or patent applications, or other proprietary
-   rights that may cover technology that may be required to implement
-   this standard.  Please address the information to the IETF at
-   ietf-ipr at ietf.org.
-
-
-
-
-
-
-
-
-
-
-
-
-Sanchez & Daboo            Expires May 4, 2009                  [Page 7]
-

Copied: CalendarServer/trunk/doc/RFC/rfc5397-Current Principal.txt (from rev 3490, CalendarServer/trunk/doc/RFC/draft-sanchez-webdav-current-principal.txt)
===================================================================
--- CalendarServer/trunk/doc/RFC/rfc5397-Current Principal.txt	                        (rev 0)
+++ CalendarServer/trunk/doc/RFC/rfc5397-Current Principal.txt	2008-12-10 18:17:33 UTC (rev 3500)
@@ -0,0 +1,281 @@
+
+
+
+Network Working Group                                         W. Sanchez
+Request for Comments: 5397                                      C. Daboo
+Category: Standards Track                                     Apple Inc.
+                                                           December 2008
+
+
+                   WebDAV Current Principal Extension
+
+Status of This Memo
+
+   This document specifies an Internet standards track protocol for the
+   Internet community, and requests discussion and suggestions for
+   improvements.  Please refer to the current edition of the "Internet
+   Official Protocol Standards" (STD 1) for the standardization state
+   and status of this protocol.  Distribution of this memo is unlimited.
+
+Copyright Notice
+
+   Copyright (c) 2008 IETF Trust and the persons identified as the
+   document authors.  All rights reserved.
+
+   This document is subject to BCP 78 and the IETF Trust's Legal
+   Provisions Relating to IETF Documents
+   (http://trustee.ietf.org/license-info) in effect on the date of
+   publication of this document.  Please review these documents
+   carefully, as they describe your rights and restrictions with respect
+   to this document.
+
+Abstract
+
+   This specification defines a new WebDAV property that allows clients
+   to quickly determine the principal corresponding to the current
+   authenticated user.
+
+Table of Contents
+
+   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 2
+   2.  Conventions Used in This Document . . . . . . . . . . . . . . . 2
+   3.  DAV:current-user-principal  . . . . . . . . . . . . . . . . . . 3
+   4.  Security Considerations . . . . . . . . . . . . . . . . . . . . 4
+   5.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 4
+   6.  Normative References  . . . . . . . . . . . . . . . . . . . . . 4
+
+
+
+
+
+
+
+
+
+Sanchez & Daboo              Standards Track                    [Page 1]
+
+RFC 5397                WebDAV Current Principal           December 2008
+
+
+1.  Introduction
+
+   WebDAV [RFC4918] is an extension to HTTP [RFC2616] to support
+   improved document authoring capabilities.  The WebDAV Access Control
+   Protocol ("WebDAV ACL") [RFC3744] extension adds access control
+   capabilities to WebDAV.  It introduces the concept of a "principal"
+   resource, which is used to represent information about authenticated
+   entities on the system.
+
+   Some clients have a need to determine which [RFC3744] principal a
+   server is associating with the currently authenticated HTTP user.
+   While [RFC3744] defines a DAV:current-user-privilege-set property for
+   retrieving the privileges granted to that principal, there is no
+   recommended way to identify the principal in question, which is
+   necessary to perform other useful operations.  For example, a client
+   may wish to determine which groups the current user is a member of,
+   or modify a property of the principal resource associated with the
+   current user.
+
+   The DAV:principal-match REPORT provides some useful functionality,
+   but there are common situations where the results from that query can
+   be ambiguous.  For example, not only is an individual user principal
+   returned, but also every group principal that the user is a member
+   of, and there is no clear way to distinguish which is which.
+
+   This specification proposes an extension to WebDAV ACL that adds a
+   DAV:current-user-principal property to resources under access control
+   on the server.  This property provides a URL to a principal resource
+   corresponding to the currently authenticated user.  This allows a
+   client to "bootstrap" itself by performing additional queries on the
+   principal resource to obtain additional information from that
+   resource, which is the purpose of this extension.  Note that while it
+   is possible for multiple URLs to refer to the same principal
+   resource, or for multiple principal resources to correspond to a
+   single principal, this specification only allows for a single http(s)
+   URL in the DAV:current-user-principal property.  If a client wishes
+   to obtain alternate URLs for the principal, it can query the
+   principal resource for this information; it is not the purpose of
+   this extension to provide a complete list of such URLs, but simply to
+   provide a means to locate a resource which contains that (and other)
+   information.
+
+2.  Conventions Used in This Document
+
+   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
+   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
+   document are to be interpreted as described in [RFC2119].
+
+
+
+
+Sanchez & Daboo              Standards Track                    [Page 2]
+
+RFC 5397                WebDAV Current Principal           December 2008
+
+
+   When XML element types in the namespace "DAV:" are referenced in this
+   document outside of the context of an XML fragment, the string "DAV:"
+   will be prefixed to the element type names.
+
+   Processing of XML by clients and servers MUST follow the rules
+   defined in Section 17 of WebDAV [RFC4918].
+
+   Some of the declarations refer to XML elements defined by WebDAV
+   [RFC4918].
+
+3.  DAV:current-user-principal
+
+   Name:  current-user-principal
+
+   Namespace:  DAV:
+
+   Purpose:  Indicates a URL for the currently authenticated user's
+      principal resource on the server.
+
+   Value:  A single DAV:href or DAV:unauthenticated element.
+
+   Protected:  This property is computed on a per-request basis, and
+      therefore is protected.
+
+   Description:  The DAV:current-user-principal property contains either
+      a DAV:href or DAV:unauthenticated XML element.  The DAV:href
+      element contains a URL to a principal resource corresponding to
+      the currently authenticated user.  That URL MUST be one of the
+      URLs in the DAV:principal-URL or DAV:alternate-URI-set properties
+      defined on the principal resource and MUST be an http(s) scheme
+      URL.  When authentication has not been done or has failed, this
+      property MUST contain the DAV:unauthenticated pseudo-principal.
+
+      In some cases, there may be multiple principal resources
+      corresponding to the same authenticated principal.  In that case,
+      the server is free to choose any one of the principal resource
+      URIs for the value of the DAV:current-user-principal property.
+      However, servers SHOULD be consistent and use the same principal
+      resource URI for each authenticated principal.
+
+   COPY/MOVE behavior:  This property is computed on a per-request
+      basis, and is thus never copied or moved.
+
+   Definition:
+
+      <!ELEMENT current-user-principal (unauthenticated | href)>
+      <!-- href value: a URL to a principal resource -->
+
+
+
+
+Sanchez & Daboo              Standards Track                    [Page 3]
+
+RFC 5397                WebDAV Current Principal           December 2008
+
+
+   Example:
+
+      <D:current-user-principal xmlns:D="DAV:">
+        <D:href>/principals/users/cdaboo</D:href>
+      </D:current-user-principal>
+
+4.  Security Considerations
+
+   This specification does not introduce any additional security issues
+   beyond those defined for HTTP [RFC2616], WebDAV [RFC4918], and WebDAV
+   ACL [RFC3744].
+
+5.  Acknowledgments
+
+   This specification is based on discussions that took place within the
+   Calendaring and Scheduling Consortium's CalDAV Technical Committee.
+   The authors thank the participants of that group for their input.
+
+   The authors thank Julian Reschke for his valuable input via the
+   WebDAV working group mailing list.
+
+6.  Normative References
+
+   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
+              Requirement Levels", BCP 14, RFC 2119, March 1997.
+
+   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
+              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
+              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
+
+   [RFC3744]  Clemm, G., Reschke, J., Sedlar, E., and J. Whitehead, "Web
+              Distributed Authoring and Versioning (WebDAV)
+              Access Control Protocol", RFC 3744, May 2004.
+
+   [RFC4918]  Dusseault, L., "HTTP Extensions for Web Distributed
+              Authoring and Versioning (WebDAV)", RFC 4918, June 2007.
+
+Authors' Addresses
+
+   Wilfredo Sanchez
+   Apple Inc.
+   1 Infinite Loop
+   Cupertino, CA  95014
+   USA
+
+   EMail: wsanchez at wsanchez.net
+   URI:   http://www.apple.com/
+
+
+
+
+Sanchez & Daboo              Standards Track                    [Page 4]
+
+RFC 5397                WebDAV Current Principal           December 2008
+
+
+   Cyrus Daboo
+   Apple Inc.
+   1 Infinite Loop
+   Cupertino, CA  95014
+   USA
+
+   EMail: cyrus at daboo.name
+   URI:   http://www.apple.com/
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Sanchez & Daboo              Standards Track                    [Page 5]
+
+
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20081210/14378722/attachment-0001.html>


More information about the calendarserver-changes mailing list