WDIFF

draft-ietf-atompub-protocol-05.txt --> draft-ietf-atompub-protocol-06.txt

Network Working Group J. Gregorio, Ed.
Internet-Draft BitWorking, Inc
Expires: April 14, 30, 2006 B. de hOra, Ed.
Propylon Ltd.
October 11, 27, 2005

The Atom Publishing Protocol
draft-ietf-atompub-protocol-05.txt
draft-ietf-atompub-protocol-06.txt

Status of this Memo

By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

This Internet-Draft will expire on April 14, 30, 2006.

Abstract

This memo presents a protocol for using XML (Extensible Markup
Language) and HTTP (HyperText Transport Protocol) to edit content.

The Atom Publishing Protocol (APP) is an application-level protocol
for publishing and editing Web resources. The protocol at its core is the based on
HTTP transport of Atom-formatted representations. The Atom format is
documented in the Atom Syndication Format
(draft-ietf-atompub-format-11.txt).

Editorial Note

Gregorio & de hOra Expires April 14, 30, 2006 [Page 1]

Internet-Draft The Atom Publishing Protocol October 2005

(draft-ietf-atompub-format-11.txt).

Editorial Note

To provide feedback on this Internet-Draft, join the atom-protocol
mailing list (http://www.imc.org/atom-protocol/index.html) [1].

Table of Contents

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4
2. XML Namespace and Language Notational Conventions . . . . . . . . . . . . . . . . . . . 5
3. Notational Conventions Terminology . . . . . . . . . . . . . . . . . . . . . . . . 6
4. Terminology . Protocol Model . . . . . . . . . . . . . . . . . . . . . . . 7
5. The Atom Publishing Protocol Model Operations . . . . . . . . . . . . . 8
5.1 Collections . . . . . . . 8
5.1 Retrieving an Introspection Document . . . . . . . . . . . 8
5.2 Creating a Resource . . . . . 8
5.2 Editable Resources . . . . . . . . . . . . . . 8
5.3 Editing a Resource . . . . . . 9
5.2.1 Read . . . . . . . . . . . . . . 8
5.3.1 Retrieving a Resource . . . . . . . . . . . 10
5.2.2 Update . . . . . 9
5.3.2 Updating a Resource . . . . . . . . . . . . . . . . . 9
5.3.3 Deleting a Resource . . 10
5.2.3 Delete . . . . . . . . . . . . . . . 9
5.4 Listing Collections . . . . . . . . . 10
5.3 Capabilities Discovery . . . . . . . . . . 10
5.5 Success and Failure . . . . . . . . 11
5.4 Listing . . . . . . . . . . . 10
6. XML-related Conventions . . . . . . . . . . . . . . 11
5.5 Success and Failure . . . . 11
6.1 Referring to Information Items . . . . . . . . . . . . . . 11
6.2 XML Namespace Usage . . 12
6. Atom Publishing Protocol Documents . . . . . . . . . . . . . 13
6.1 Use of xml:base xml:lang . . . . 11
6.3 RELAX NG Schema . . . . . . . . . . . . . 13
6.2 Collection Documents . . . . . . . . 11
6.4 Use of xml:base and xml:lang . . . . . . . . . . . 14
6.2.1 Element Definitions . . . . 11
7. Introspection Documents . . . . . . . . . . . . . 14
6.3 Introspection Documents . . . . . 13
7.1 Introduction . . . . . . . . . . . . 16
6.3.1 Element Definitions . . . . . . . . . . . 13
7.2 Example . . . . . . 17
7. Introspection Resource . . . . . . . . . . . . . . . . . . . 20
7.1 Discovery 13
7.3 Element Definitions . . . . . . . . . . . . . . . . . . . 14
7.3.1 The 'app:service' Element . . . . . 20
8. Collection Resources . . . . . . . . . 14
7.3.2 The 'app:workspace' Element . . . . . . . . . . . 21
8.1 GET . . 14
7.3.3 The 'app:collection' Element . . . . . . . . . . . . . 15
7.3.4 The 'app:member-type' Element . . . . . . . . . . . . 21
8.2 POST 15
7.3.5 The 'app:list-template' Element . . . . . . . . . . . 16
8. Collections . . . . . . . . . . . . . . . . 21
8.3 Title: Header . . . . . . . . 18
8.1 Creating resources with POST . . . . . . . . . . . . . . 22
9. Entry Collections . 18
8.1.1 Title: Header . . . . . . . . . . . . . . . . . . . . 23
9.1 Editing 18
8.2 Entry Resources Collections . . . . . . . . . . . . . . . . . 23
9.2 . . . 19
8.2.1 Role of Atom Entry Elements During Editing . . . . . . . . 23
10. Generic 19
8.3 Media Collections . . . . . . . . . . . . . . . . . . . . 25
10.1 20
8.3.1 Editing Generic Media Resources . . . . . . . . . . . . . . . 25
10.2 Title: Header . . . . 20
9. Listing Collections . . . . . . . . . . . . . . . . . 25
11. List Resources . . . 21
10. Atom Entry Extensions . . . . . . . . . . . . . . . . . . . . 26
11.1 URI Templates . . . . . . . . . 23
10.1 The 'edit' Link Relation . . . . . . . . . . . . 26
11.2 URI Template Parameters . . . . 23
10.2 Publishing Control . . . . . . . . . . . . 27
11.2.1 \{index\} URI template variable . . . . . . . 23
10.2.1 The app:draft Element . . . 27
11.2.2 \{daterange\} URI template variable . . . . . . . . 27
11.2.3 Other URI Template parameters . . . . 24
11. Example . . . . . . . 28
12. Atom Entry Extensions . . . . . . . . . . . . . . . . . . . 29
13. 25
12. Securing the Atom Protocol . . . . . . . . . . . . . . . . . 30

Gregorio & de hOra Expires April 14, 2006 [Page 2]

Internet-Draft The Atom Publishing Protocol October 2005

14. 27
13. Security Considerations . . . . . . . . . . . . . . . . . . 31
15. 28
14. IANA Considerations . . . . . . . . . . . . . . . . . . . . 32
16. 29

Gregorio & de hOra Expires April 30, 2006 [Page 2]

Internet-Draft The Atom Publishing Protocol October 2005

15. References . . . . . . . . . . . . . . . . . . . . . . . . . 35
16.1 31
15.1 Normative References . . . . . . . . . . . . . . . . . . 35
16.2 31
15.2 Informative References . . . . . . . . . . . . . . . . . 36 32
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 37 33
A. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 38 34
B. RELAX NG Compact Schema . . . . . . . . . . . . . . . . . . 35
C. Revision History . . . . . . . . . . . . . . . . . . . . . . 39 38
Intellectual Property and Copyright Statements . . . . . . . 41 40

Gregorio & de hOra Expires April 14, 30, 2006 [Page 3]

Internet-Draft The Atom Publishing Protocol October 2005

1. Introduction

The Atom Publishing Protocol is an application-level protocol for
publishing and editing Web resources using HTTP [RFC2616] and XML 1.0
[W3C.REC-xml-20040204].

Gregorio & de hOra Expires April 14, 2006 [Page 4]

Internet-Draft The Atom Publishing Protocol October 2005

2. XML Namespace and Language

The XML Namespaces URI [W3C.REC-xml-names-19990114] for the XML data
format described in this specification is: http://purl.org/atom/app#

XML elements defined by this specification MAY have an xml:lang
attribute, whose content indicates the natural language for the
element (and its descendents). The language context is only
significant for elements and attributes declared to be "Language-
Sensitive" by this specification. Requirements regarding protocol supports the content creation of
arbitrary web resources and interpretation provides facilities for:

o Collections: Sets of xml:lang are specified resources, which may be retrieved in [W3C.REC-xml-
20040204], Section 2.12. whole or
in part.

o Introspection: Discovering and describing collections.

o Editing: Creating, updating and deleting resources.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 5] 4]

Internet-Draft The Atom Publishing Protocol October 2005

2. Notational Conventions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].

Some sections of this specification are illustrated with fragments of
a non-normative RELAX NG Compact schema [RNC]. However,

Note: The Introspection Document allows the text use of
this specification provides the definition of conformance.

This specification uses the namespace prefix "app:" for the Namespace IRIs [RFC3987], as
well as URIs [RFC3986]. Every URI identified in Section 2 above. It uses the namespace prefix
"atom:" for the Namespace is an IRI, so any URI identified can be used
where an IRI is needed. How to map an IRI to a URI is specified in [AtomFormat]. Note that
choices
Section 3.1 of namespace prefix are arbitrary and not semantically
significant. Internationalized Resource Identifiers (IRIs)
[RFC3987].

Gregorio & de hOra Expires April 14, 30, 2006 [Page 6] 5]

Internet-Draft The Atom Publishing Protocol October 2005

3. Terminology

For convenience, this protocol may be referred to as "Atom Protocol"
or "APP". This

The phrase "the IRI of a document" in this specification uses both internally. is shorthand
for "an IRI which, when dereferenced, is expected to produce that
document as a representation".

URI/IRI - A Uniform Resource Identifier and Internationalized
Resource Identifier, respectively. These terms (and the distinction
between them) are defined in [RFC3986] and [RFC3987].

Resource

resource - A network data object or service that can be identified
by a URI, IRI, as defined in [RFC2616].

Representation See [W3C.REC-webarch-20041215]
for further discussion on resources.

representation - An entity included with a request or response as
defined in [RFC2616].

collection - A resource that contains a set of member IRIs, as
described in Section 8 of this specification.

member - A resource whose IRI is listed in a collection.

IRI template - A parameterized string that becomes a IRI when the
parameters are filled in. See Section 9.

introspection document - A document that describes the location and
capabilities of one or more collections. See Section 7

client writable element - An element of an Atom Entry whose value is
editable by the client and not enforced by the server.

server-controlled element - An element of an Atom Entry whose value
is enforced by the server and not editable by the client.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 7] 6]

Internet-Draft The Atom Publishing Protocol October 2005

5. The Atom Publishing

4. Protocol Model

The Atom Publishing Protocol is a subset of uses HTTP that is used to edit resources on the web. The APP operates on
It provides a list based mechanism for managing collections of Web
editable resources called member resources. Collections are HTTP resources, as are the members of contain the
collection. Both Collections
IRIs and collection metadata describing member resources support
the same basic interactions. resources. The patterns of interaction are based
on the common APP uses these
HTTP verbs. verbs:

o GET is used to retrieve a representation of a resource or perform
a read-only query.

o POST is used to create a new, dynamically-named resource, or to
provide a block of data to a data-handling process. resource.

o PUT is used to update a known resource.

o DELETE is used to remove a resource.

5.1 Collections

The APP groups resources into "Collections", which are analogous to
folders or directories found in a file system. In

This diagram shows the figure we have
member resources in a collection.

+-------------------------+
| Collection |
| |
| +----------------+ |
| | Member_A | |
| +----------------+ |
| |
| +----------------+ |
| | Member_B APP model:

+---------------+
| Introspection | +------------+
| +----------------+ |-->| Collection |
+---------------+ | |
| +----------------+ | +--------+
| |-->| Member | Member_C
| | +--------+
| +----------------+ |
| | .
| ... | .
| | .
| +----------------+ |
| | Member_Oldest +--------+
| |-->| Member |
| +----------------+ | +--------+
| |
+-------------------------+
+------------+

The introspection document contains the IRIs of one or more
collections. A collection contains IRIs and metadata describing
member resources. The protocol allows editing of resources with
representations of any media-type. Some types of collections are
specialized and restrict the resource representations of their
members.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 8] 7]

Internet-Draft The Atom Publishing Protocol October 2005

To add a new member to a collection

5. Protocol Operations

5.1 Retrieving an appropriate representation is
POSTed Introspection Document

Client Server
| |
| 1.) GET to the URI IRI of the collection resource. Here we show it being
added Introspection Document |
|------------------------------------------>|
| |
| 2.) Introspection Document |
|<------------------------------------------|
| |

1. The client sends a GET request to the beginnng IRI of the list. introspection
document.

2. The ordering of the members of
collections is in terms of server responds with the time at which each resource was last
updated, introspection document which includes
enumerates the act IRIs of creating all the resource. The
ordering of collection members is covered in more detail in Section 8 collections, and Section 11.

+-------------------------+
| Collection the capabilities
of those collections, that the service supports.

5.2 Creating a Resource

Client Server
| |
| 1.) POST to IRI of Collection | +----------------+ |
--------->| Member_New | |
|------------------------------------------>|
| +----------------+ |
| 2.) 201 Created |
|<------------------------------------------|
| +----------------+ |
| | Member_A | |
| +----------------+ |
| |
| +----------------+ |
| | Member_B | |
| +----------------+ |
| |
| +----------------+ |
| | Member_C | |
| +----------------+ |
| |
| ... |
| |
| +----------------+ |
| | Member_Oldest | |
| +----------------+ |
| |
+-------------------------+

You'll note that up until now we haven't said what kinds of
representations we are expecting at each of

1. The client POSTs a representation to the resources. There are
two kinds IRI of collections, Entry and Generic. In Entry Collections
all the members MUST have representations as Atom Entries. For
further restrictions on Entry Collection see Section 9 The other type collection.

2. If the member resource was created successfully the server
responds with a status code of collection is 201 and a Generic Collection. Generic Collections make no
restriction on Location: header that
contains the representations IRI of their member resources.

5.2 Editable Resources

All the members of newly created member resource.

5.3 Editing a collection are Editable Resources. An Editable
resource is Resource

Once a resource whose available HTTP methods can has been created and its IRI is known, that IRI may
be used to retrieve, update update, and delete it.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 9] 8]

Internet-Draft The Atom Publishing Protocol October 2005

5.2.1 Read

To retrieve a representation of the resource, you send

5.3.1 Retrieving a GET to the
URI of the Editable Resource. Remember that for members of Entry
Collections, the served representation will be an Atom Entry. Resource

Client Server
| |
| 1.) GET to Editable Resource URI Member IRI |
|------------------------------------------>|
| |
| 2.) 200 OK Member Representation |
|<------------------------------------------|
| |

1. The client sends a GET request to the member's URI. IRI to retrieve
its representation .

2. The server responds with the representation of the resource.

5.2.2 Update

To update an Editable

5.3.2 Updating a Resource the client will PUT an updated
representation to the URI of the resource.

Client Server
| |
| 1.) PUT to Editable Resource URI Member IRI |
|------------------------------------------>|
| |
| 2.) 200 OK |
|<------------------------------------------|

1. The client PUTs an updated representation to the member's URI. IRI.

2. The Upon a successful update of the resource the server MAY respond responds with an updated representation
a status code of the
member's new state.

5.2.3 Delete

An Editable 200.

5.3.3 Deleting a Resource is deleted by sending it DELETE. Note that this
also removes it from all the collections that it belonged to.

Gregorio & de hOra Expires April 14, 2006 [Page 10]

Internet-Draft The Atom Publishing Protocol October 2005

Client Server
| |
| 1.) DELETE to Editable Member Resource URI IRI |
|------------------------------------------>|
| |
| 2.) 200 Ok |
|<------------------------------------------|
| |

1. The client sends a DELETE request to the member's URI. IRI.

2. The server responds with Upon the successful status code.

5.3 Capabilities Discovery

Each collection deletion of the resource the server responds to GET and can return
with a Collection
Document as it's representation. status code of 200.

Gregorio & de hOra Expires April 30, 2006 [Page 9]

Internet-Draft The Collection Document enumerates Atom Publishing Protocol October 2005

Note: deleting a member also removes it from all the capabilities collections to
which it belongs.

5.4 Listing Collections

To enumerate the members of each a collection and the format client sends a GET to
its IRI. This IRI is described constructed from information in the
introspection document. An Atom Feed Document is returned with one
Atom Entry for each member resource that matches the selection
criteria in the IRI. See Section 9 and Section 6.2. 10 for a description
of the feed contents.

Client Server
| |
| 1.) GET to Collection List IRI |
|------------------------------->|
| |
| 2.) Collection Document 200 OK, Atom Feed Doc |
|<-------------------------------|
| |

1. The client sends a GET request to the Collection Resource. membership list IRI.

2. The server responds with a Collection an Atom Feed Document containing a
description of the capabilities
IRIs of all the collection. collection members that match the selection
criteria.

5.5 Success and Failure

The content
of this document can vary based on aspects of Atom Protocol uses HTTP status codes to signal the client request,
including, but not limited to, authentication credentials.

5.4 Listing

Clients can request a listing results of
protocol operations. Status codes of the Collection's membership.
Listing the Editable Resources form 2xx signal that are members of a collection is
done using one
request was successful. HTTP status codes of the List Resources in form 4xx or 5xx
signal that an error has occurred. Consult the Introspection Document,
utilizing HTTP specification
[RFC2616] for the 'app:uri-template' element. The List Resource returns
Atom Feed Documents with one Atom Entry for each member resource that
match the selection criteria. This is true whether the collection is
an Entry Collection or a Generic Collection. If an Entry Collection
is being interrogated, the entries returned by a list resource SHOULD definitions of HTTP status codes.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 11] 10]

Internet-Draft The Atom Publishing Protocol October 2005

NOT to be considered complete representations

6. XML-related Conventions

The data format in this specification is specified in terms of the member
resources. See Section 11
XML Information Set, serialised as XML 1.0 [W3C.REC-xml-20040204].
Atom Publishing Protocol Documents MUST be well-formed XML. This
specification does not define any DTDs for Atom Protocol, and Section 12 hence
does not require them to be valid (in the sense used by XML).

6.1 Referring to Information Items

This specification uses a shorthand for more details on two common terms: the
extensions phrase
"Information Item" is omitted when naming Element Information Items
and constraints found on Attribute Information Items. Therefore, when this specification
uses the entries returned from List
Resources.

Client Server
| |
| 1.) GET term "element," it is referring to List Resource |
|------------------------------->|
| |
| 2.) 200 OK, Atom Feed Doc |
|<-------------------------------|
| |

1. The client sends a GET request an Element Information
Item in Infoset terms. Likewise, when it uses the term "attribute,"
it is referring to an Attribute Information Item.

6.2 XML Namespace Usage

The Namespace URI [W3C.REC-xml-names-19990114] for the data format
described in this specification is:

http://purl.org/atom/app#

This specification uses the prefix "app:" for the Collection's Namespace URI.

2. The server responds with an Atom Feed Document containing a full
or partial listing
choice of namespace prefix is not semantically significant.

This specification also uses the Collection's membership.

5.5 Success and Failure

HTTP defines different classes prefix "atom:" for the Namespace URI
identified in [AtomFormat].

6.3 RELAX NG Schema

Some sections of response, which this specification are used by the
Atom Protocol. HTTP status codes illustrated with fragments of the form 2xx signal that
a
request was successful. HTTP status codes non-normative RELAX NG Compact schema [RNC]. However, the text of
this specification provides the form 4xx or 5xx
signal that an error has occurred, definition of conformance. A
complete schema appears in Appendix B.

6.4 Use of xml:base and xml:lang

XML elements defined by this specification MAY have an xml:base
attribute [W3C.REC-xmlbase-20010627]. When xml:base is used, it
serves the request has failed.
Consult function described in section 5.1.1 of [RFC3986],
establishing the HTTP specification [RFC2616] base URI (or IRI) for more detailed
definitions resolving any relative
references found within the effective scope of each status code. the xml:base
attribute.

Any element defined by this specification MAY have an xml:lang
attribute, whose content indicates the natural language for the

Gregorio & de hOra Expires April 14, 30, 2006 [Page 12] 11]

Internet-Draft The Atom Publishing Protocol October 2005

6. Atom Publishing Protocol Documents

This specification describes two kinds

element and its descendents. The language context is only
significant for elements and attributes declared to be "Language-
Sensitive" by this specification. Requirements regarding the content
and interpretation of xml:lang are specified in Section 2.12 of XML
1.0 [W3C.REC-xml-20040204], .
appCommonAttributes =
attribute xml:base { atomUri }?,
attribute xml:lang { atomLanguageTag }?,
undefinedAttribute*

Gregorio & de hOra Expires April 30, 2006 [Page 12]

Internet-Draft The Atom Publishing Protocol
Documents: Atom Collections Documents and Atom October 2005

7. Introspection
Documents.

An Atom Collection Document is Documents

7.1 Introduction

For authoring to commence, a representation of an Atom
collection, including metadata about client needs to first discover the collection,
capabilities and some or all locations of the members associated with it. Its root collections offered. This is the app:collection
element. done
using Introspection Documents. An Atom Introspection Document represents one or more describes
workspaces, which describe server-defined groupings of collections. Its root is
the app:service element.

namespace app = "..." start = appCollection | appIntrospection

Both kinds of Atom Publishing Protocol Documents are specified in
terms of the XML Information Set, serialised as XML 1.0 ([W3C.REC-
xml-20040204]). Atom Publishing Protocol Documents MUST be well-
formed XML. This specification does not define a DTD for Atom
Protocol, and hence does not require them to be valid (in the sense
used by XML).

Atom Collection Documents are identified with the "application/
atomcoll+xml" media type.

Atom Introspection Documents are identified with the "application/
atomserv+xml" media type.

Atom allows the use of IRIs [RFC3987], as well as URIs [RFC3986].
Every URI is an IRI, so any URI can be used where an IRI is needed.
While IRIs must, for many protocols, be mapped to URIs prior to
dereferencing, they MUST NOT be so mapped for comparison when used in
atom:id. Section 3.1 of [RFC3987] describes how to map an IRI to a
URI when necessary.

6.1 Use of xml:base xml:lang

Any element defined by this specification MAY have an xml:base
attribute [W3C.REC-xmlbase-20010627]. When xml:base is used in an
Atom Publishing Protocol Document, it serves the function described
in section 5.1.1 of [RFC3986], establishing the base URI (or IRI) for
resolving any relative references found within the effective scope of
the xml:base attribute.

Any element defined by this specification MAY have an xml:lang
attribute, whose content indicates the natural language for the

Gregorio & de hOra Expires April 14, 2006 [Page 13]

Internet-Draft The Atom Publishing Protocol October 2005

appCommonAttributes =
attribute xml:base { atomUri }?,
attribute xml:lang { atomLanguageTag }?,
undefinedAttribute*

6.2 Collection Documents

The Collection Document describes the capabilities of a Collection,
the types of Entries that it will support, the URI Templates it
supports.

The Collection Document has the media-type 'application/atomcoll+xml'
(see Section 15).

Here's an example document:

<?xml version="1.0" encoding='utf-8'?>
<app:collection xmlns:app="http://purl.org/atom/app#">
<app:member-type>entry</pub:member-type>
<app:uri-template>http://example.org/{index}</pub:uri-template>
<app:uri-template>http://example.org/{daterange}</pub:uri-template>
</app:collection>

This example says the Collection contains Atom Entry documents, and
that there are two means of selecting entries using what are called
'URI Templates'; one based on the collection's order, and another
based on dates. See Section 11.1 for more about URI Templates.

6.2.1 Element Definitions

6.2.1.1 The 'app:collection' Element

The app:collection is the document element of a Collection Document.

appCollection =
element app:collection {
appCommonAttributes,
( appMemberType+
appSearchTemplate
& anyElement* )

Gregorio & de hOra Expires April 14, 2006 [Page 14]

Internet-Draft The Atom Publishing Protocol October 2005

}

This specification defines two child elements for app:collection:

o app:member-type: any number of elements listing the types of
Entries that the Collection may contain.

o app:uri-template: any number of URI Templates for a List Resource
(See Section 11).

6.2.1.2 The 'app:member-type' Element

The app:member-type element contains information elements about the
types of Entries that the Collection may contain.

appMember =
element app:member-type {
appCommonAttributes,
appTypeValue
}

The element content of an app:member-type MUST be a string that is
non-empty, and matches either the "isegment-nz-nc" or the "IRI"
production in [RFC3987]. Note that use of a relative reference other
than a simple name is not allowed. If a name is given,
implementations MUST consider the link relation type to be equivalent
to the same name registered within the IANA Registry of Member Types
(Section 15), and thus the IRI that would be obtained by appending
the value of the rel attribute to the string
"http://www.iana.org/assignments/entrytype/".

The content of an app:member-type specifies constraints on the
Entries that may appear in the Collection. The app:collection
element MAY have multiple app:member-type elements. An Entry POSTed
to a Collection MUST meet the constraints of at least one of the app:
member-type constraints. It MAY meet more than one, but the minimum
requirement is at least one.

This specification defines two initial values for app:member-type
IANA registry:

o "entry" - The Collection is an Entry Collection as defined in
Section 9.

Gregorio & de hOra Expires April 14, 2006 [Page 15]

Internet-Draft The Atom Publishing Protocol October 2005

o "generic" - The Collection is a Generic Collection as defined in
Section 10.

6.2.1.3 The 'app:uri-template' Element

The element content of an app:uri-template is a URI Template for a
List Resource (See Section 11). Every List resource, whose URI is
determined by filling in the parameters in a URI Template, MUST
return an Atom feed document as its representation. This Atom feed
document MUST NOT contain entries which do not match the selection
criteria.

6.3 Introspection Documents

In order for authoring to commence, a client must first discover the
capabilities and locations of collections offered.

The Introspection Document describes "workspaces", which are server-
defined server-defined groupings of collections. There is no requirement that
servers support multiple workspaces, and a collection may appear in
more than one workspace.

The Introspection Document has the media-type 'application/
atomserv+xml', see Section 15

Here's an example document:

7.2 Example

<?xml version="1.0" encoding='utf-8'?>
<app:service xmlns:app="http://purl.org/atom/app#">
<app:workspace
<service xmlns="http://purl.org/atom/app#">
<workspace title="Main Site" >
<app:collection contents="entries"
<collection
title="My Blog Entries"
href="http://example.org/reilly/feed" />
<app:collection contents="generic"
title="Documents"
href="http://example.org/reilly/main" >
<member-type>entry</member-type>
<list-template>http://example.org/{index}</list-template>
</collection>
<collection
title="Pictures"
href="http://example.org/reilly/pic" />
</app:workspace>
<app:workspace >
<member-type>media</member-type>
<list-template>http://example.org/p/{index}</list-template>
</collection>
</workspace>
<workspace title="Side Bar Blog">
<app:collection contents="entries" title="Entries"
href="http://example.org/reilly/feed" />
<app:collection contents="http://example.net/booklist"
title="Books"
href="http://example.org/reilly/books" />
</app:workspace>
</app:service>
<collection title="Remaindered Links"
href="http://example.org/reilly/list" >
<member-type>entry</member-type>
<list-template>http://example.org/l/{index}</list-template>
</collection>
</workspace>
</service>

This example says there are two workspaces, each consisting of Introspection Document describes two

Gregorio & de hOra Expires April 14, 2006 [Page 16]

Internet-Draft The Atom Publishing Protocol October 2005

collections. workspaces. The first workspace is first,
called 'Mail', and 'Main Site', has two
collections, collections called 'My Blog Entries' and 'Documents'
'Pictures' whose locations IRIs are 'http://example.org/reilly/feed' 'http://example.org/reilly/main' and
'http://example.org/reilly/pic'.
'http://example.org/reilly/pic' respectively. 'My Blog Entries' contains Atom
Entries is
an Entry collection and 'Documents' contains Generic Entries. 'Pictures' is a Media collection. Entry and
Media collections are discussed in Section 7.3.4.

The second workspace is called 'Side Bar Blog' and also has two collections, a single
collection called 'Entries' and 'Books' 'Remaindered Links' whose locations are
'http://example.org/reilly/feed' and
'http://example.org/reilly/booklist'. 'Entries' contains Atom
Entries and 'Books' contains Generic Entries (since its contents
attribute collection IRI is not present you MUST assume it
'http://example.org/reilly/list'. 'Remaindered Links' is an Entry
collection.

Gregorio & de hOra Expires April 30, 2006 [Page 13]

Internet-Draft The Atom Publishing Protocol October 2005

Introspection documents are identified with the "application/
atomserv+xml" media type (see Section 14).

While an introspection document allows multiple workspaces, there is
no requirement that a Generic Collection).

6.3.1 service support multiple workspaces. In
addition, a collection MAY appear in more than one workspace.

7.3 Element Definitions

6.3.1.1

7.3.1 The 'app:service' Element

The root of an introspection document is the app:service element.
namespace app = "http://purl.org/atom/app#"
start = appService

The "app:service" element is the document element of a Introspection
Document, acting as a container for service data introspection
information associated with one or more workspaces. An app:service elements MAY
element MUST contain any number
of one or more app:workspace elements.

appService =
element app:service {
appCommonAttributes,
( appWorkspace* appWorkspace+
& anyElement* extensionElement* )
}

6.3.1.2

7.3.2 The 'app:workspace' Element

The 'workspace' 'app:workspace' element contains information elements about the
collections of resources available for editing. The app:workspace
elements MAY
element MUST contain any number of one or more app:collection elements.

appWorkspace =
element app:workspace {
appCommonAttributes,
attribute title { text },
( appCollection* appCollection+
& anyElement* extensionElement* )
}

Gregorio & de hOra Expires April 14, 2006 [Page 17]

Internet-Draft The Atom Publishing Protocol October 2005

6.3.1.2.1

7.3.2.1 The 'title' Attribute

The app:workspace element MUST contain a 'title' attribute, which
conveys a human-readable name for the workspace. This attribute is

Gregorio & de hOra Expires April 30, 2006 [Page 14]

Internet-Draft The Atom Publishing Protocol October 2005

Language-Sensitive.

6.3.1.3

7.3.3 The 'app:collection' Element

The 'app:collection' element describes collections app:collection contains information elements that describe the
location and their member
resources. capabilities of a collection.

appCollection =
element app:collection {
appCommonAttributes,
attribute title { text },
attribute href { text },
attribute contents { text },
anyElement*
( appMemberType
& appListTemplate
& extensionElement* )
}

6.3.1.3.1

7.3.3.1 The 'title' Attribute

The app:collection element MUST contain a 'title' attribute, whose
value conveys a human-readable name for the workspace. collection. This
attribute is Language-Sensitive.

6.3.1.3.2

7.3.3.2 The 'href' Attribute

The app:collection element MUST contain an 'href' attribute, whose
value conveys the IRI of the collection.

6.3.1.3.3 The 'contents' Attribute

The app:collection element MAY contain a 'contents' attribute. The
'contents' attribute conveys the nature of a collection's member
resources.

This specification defines two initial values child elements for the
'contents' attribute: app:collection:

o 'entry': A value of 'entry' for the contents attribute indicates app:member-type: a single element that contains the Collection is an Entry Collection (Section 9).

o 'generic': A value type of 'generic' for the contents attribute
indicates
members that the Collection is collection can contain.

o app:list-template: a Generic Collection
(Section 10).

If the attribute is not present, its value single element that contains a IRI template
of a membership list. (See Section 9).

7.3.4 The 'app:member-type' Element

The app:collection element MUST be considered to be

Gregorio & de hOra Expires April 14, 2006 [Page 18]

Internet-Draft contain one 'app:member-type'
element. The Atom Publishing Protocol October 2005

'generic'. app:member-type element value specifies the types of
members that can appear in the collection.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 19] 15]

Internet-Draft The Atom Publishing Protocol October 2005

7. Introspection Resource

To retrieve

appMemberType =
element app:member-type {
appCommonAttributes,
( appTypeValue )
}

appTypeValue = "entry" | "media"

An Entry POSTed to a collection MUST meet the constraints of the app:
member-type element.

This specification defines two initial values for the app:member-type
IANA registry:

o "entry" - The collection contains only member resources whose
representation MUST be an Introspection Document, Atom Entry. Further constraints on the client sends
representations of members in a GET request
to its URI.

GET /service-desc HTTP/1.1
Host: example.org
User-Agent: Cosimo/1.0
Accept: application/atomserv+xml collection of type "entry" are
listed in Section 8.2.

o "media" - The server responds to a GET request by returning an Introspection
Document collection contains member resources whose
representation can be of any media type. Additional constraints
are listed in Section 8.3.

In general the message body.

HTTP/1.1 200 OK
Date: Mon, 21 Mar 2005 19:20:19 GMT
Server: CountBasic/2.0
Last-Modified: Mon, 21 Mar 2005 19:17:26 GMT
ETag: "4c083-268-423f1dc6"
Content-Length: nnnn
Content-Type: application/atomserv+xml

<?xml version="1.0" encoding='utf-8'?>
<app:service xmlns:app="http://purl.org/atom/app#">
...
</app:service>

7.1 Discovery

[[anchor18: Add value of app:member-type MUST be a string that is non-
empty, and matches either the "isegment-nz-nc" or the "IRI"
production in desc [RFC3987]. Note that use of an HTML a relative reference other
than a simple name is not allowed. If a name is given,
implementations MUST consider the link element that points relation type to be equivalent
to the
Introspection Resource, or add it same name registered within the IANA Registry of Link
Relations Section 14, and thus the IRI that would be obtained by
appending the value of the rel attribute to the autodisco draft]] string
"http://www.iana.org/assignments/member-type/".

7.3.5 The 'app:list-template' Element

The app:collection element MUST contain one 'app:list-template'
elements. The element content of app:list-template is an IRI
template (Section 9) for a collection.

appListTemplate =
element app:list-template {
appCommonAttributes,
( appUriTemplate )
}

appUriTemplate = xsd:string { pattern = ".+\{.+\}.*" }

Gregorio & de hOra Expires April 14, 30, 2006 [Page 20] 16]

Internet-Draft The Atom Publishing Protocol October 2005

8. Collection Resources

Gregorio & de hOra Expires April 30, 2006 [Page 17]

Internet-Draft The Atom Collection is a set of related resources. All members of a
collection have an "app:updated" property, and the Collection is
considered to be ordered by this property.

This specification defines two HTTP methods for use with collection
resources: GET and POST. Publishing Protocol October 2005

8. Collections

8.1 GET

A GET to a Collection Resource returns a Collection Document,
outlining the Collection. Collection Documents are described in
Section 6.2.

8.2 Creating resources with POST

In addition to GET, a Collection Resource also

Every collection accepts POST requests.
The requests to create resources - the
client POSTs a representation of the desired resource to the
Collection Resource. Note that some collections may IRI of
the collection. Collections MAY impose constraints on the media-types media-
types that are created in a Collection collection and MAY generate a response
with a status code of 415 ("Unsupported Media Type").

In the case of a successful creation, the

The status code returned for a successful creation POST MUST be 201
("Created").

Every

A successful creation POST MUST return a Location: header with the
URI of the newly created resource.

Here's an example.

Clients MAY POST invalid Atom for initial resource creation -
specifically the id and link elements MAY be omitted.

Below, the client requests to create a resource in a Collection:

Gregorio & de hOra Expires April 14, 2006 [Page 21]

Internet-Draft The Atom Publishing Protocol October 2005 collection:

POST /edit HTTP/1.1
Host: example.org
User-Agent: Cosimo/1.0
Accept: application/atom+xml Thingio/1.0
Content-Type: application/atom+xml
Content-Length: 601

<atom:entry xmlns:atom="http://www.w3.org/2005/Atom">
<atom:title>Mars Attacks!</atom:title>
<atom:summary type="html">
Why cant we all just... get along?
</atom:summary>
<atom:author>
<atom:name>The President</atom:name>
<atom:uri>http://www.example.org/blog</atom:uri>
</atom:author>
<atom:content type="html" xml:lang="en"
xml:base="http://www.example.org/blog/">
<p>
Why can't we...work out our differences?
Why can't we...work things out?
Little people...why can't we all just...get along?
</p>
</atom:content>
</atom:entry> nnn

<entry xmlns="http://www.w3.org/2005/Atom">
<title>Atom-Powered Robots Run Amok</title>
<updated>2003-12-13T18:30:02Z</updated>
<summary>Some text.</summary>
</entry>
The resource is created by sending an Atom Entry as the entity body.

Assuming the server created the resource successfully, it sends back

Successful creation is indicated by a 201 Created created response with and
includes a Location: header that contains the IRI
of the newly created member as an Editable Resource. header.

HTTP/1.1 201 Created
Date: Fri, 7 Oct 2005 17:17:11 GMT
Content-Length: 663
Content-Type: application/atom+xml; charset="utf-8" 0
Location: http://example.org/edit/first-post.atom

8.3

8.1.1 Title: Header

The POST to a Collection Resource collection MAY contain a Title: header that indicates
the clients client's suggested name title for the resource. The server MAY ignore
the Title: header or modify the requested name to suit
local conventions.

Title = "Title" ":" [text] title.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 22] 18]

Internet-Draft The Atom Publishing Protocol October 2005

Title = "Title" ":" [text]

The syntax of this header MUST conform to the augmented BNF grammar
in section 2.1 of the HTTP/1.1 specification [RFC2616].

8.2 Entry Collections

Entry Collections are Collections collections that restrict their membership to
Atom entries.

9.1 Editing Entry Resources

Atom entries Entries. They are edited identified by sending HTTP requests to having an app:member-type of
"entry". Every member representation MUST contain an individual
entry's URI. Servers can determine the processing necessary to
interpret atom:link
element with a request by examining relation of rel="edit" that contains the request's HTTP method and
'Content-Type' header.

Processing Client Requests

+-----------+------+--------+--------+------+
| | GET | PUT | DELETE | POST |
+-----------+------+--------+--------+------+
| No Body | Read | x | Delete | x |
| | | | | |
| Atom Body | x | Update | x | x |
+-----------+------+--------+--------+------+

9.2 IRI of the
member resource. Member representations MAY contain an app:control
element (Section 10.2).

8.2.1 Role of Atom Entry Elements During Editing

The elements of an Atom Entry Document are either a 'Writable
Element' client writable
or a 'Round Trip Element'. server controlled.

Client Writable Element - An element of an Atom Entry whose value is editable
by the client. Servers MAY modify the content of client and not enforced by writable
elements. Some reasons that a server may change client writable
content include length limits, obscenity filters or the server.

Round Trip Element addition of
boilerplate text.

Server Controlled - An element of an Atom Entry whose value is
enforced by the server and not editable by the client.

That categorization will determine Clients
SHOULD NOT change the elements' disposition during
editing. value of server controlled elements. Servers
MUST NOT rely on clients preserving the values of server controlled
elements.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 23] 19]

Internet-Draft The Atom Publishing Protocol October 2005

+--------------------+------------+

Table 2

Gregorio & de hOra Expires April 14, 2006 [Page 24]

Internet-Draft The Atom Publishing Protocol October 2005

10. Generic Collections

Generic Collections are Collections that do not have uniform
restrictions on the representations of the member resources.

10.1 Editing Generic Resources

Member resources are edited by sending HTTP requests to an individual
resource's URI. Servers can determine the processing necessary to
interpret a request by examining the request's HTTP method and
'Content-Type' header.

Table 1

8.3 Media Collections

Media Collections are collections whose member representations are
not constrained. They are identified by having an app:member-type of
"media".

8.3.1 Editing Media Resources

When a List membership list resource returns an Atom Feed enumerating the
contents of a Generic Media Collection, all the Entries MUST have an atom:content atom:
content element with a 'src' attribute.

10.2 Title: Header

The POST to a Generic Collection Resource MAY contain When creating a Title: header
that indicates the clients suggested title for the resource. The
server MAY ignore public,
read-only reference to the Title: header or modify member resource, a client SHOULD use the requested title to
suit local conventions.

Title = "Title" ":" [text]
"atom:content/@src" attribute value.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 25] 20]

Internet-Draft The Atom Publishing Protocol October 2005

11. List Resources

List resources

9. Listing Collections

Collections, as identified in an Introspection Document, are
resources which are identified by URI templates
indicating selection criteria. They can be used where clients
require fine control over that MUST provide representations in the range or size form of a server's response.
A list resource MUST return an Atom feed document as its
representation. Feed
documents. The entries in the returned document Feed MUST be ordered by their
'atom:updated' property, with the most recently updated entries
coming first in the document order. Every entry in the Feed Document
MUST have an atom:link element with a relation of "edit" (See
Section 10.1). Clients MUST NOT assume that the entry an Atom Entry returned
in the feed Feed is a full representation of a member resource. If The value
of atom:updated is only changed when the entry change to a member resource
is an Editable Resource then considered significant. Insignificant changes do not result in
changes to the atom:updated value and thus do not change the position
of the
client should corresponding entry in a membership list. Clients SHOULD be
constructed with this in mind and SHOULD perform a GET on the member
resource before editing.

note:

Collections can contain extremely large numbers of resources. A
naive client such as a web spider or web browser would be overwhelmed
if the response to a GET contained every entry in this section some URIs carry across onto the next line; feed, and the
server would waste large amounts of bandwidth and processing time on
clients unable to handle the response.

For this reason, Introspection documents refer to collections not
with IRIs but with IRI Templates, contained in the "app:member-type"
child of "app:collection". An IRI Template is indicated by a '\'

11.1 URI Templates

URI Templates are a mechanism for declaring criteria against string containing
the embedded token "{index}".

To produce an IRI that can be used to retrieve part or all of the
collection, software replaces the "{index}" with a list
resource. By itself pair of positive
integer indices separated by a URI Template is not dash character. An IRI template MUST,
after such substitution has been performed, constitute a
syntactically valid URI. Instead
there are multiple parameters embedded IRI.

One or other index MAY be omitted, in which case the URI range is
understood as stretching to 0 or infinity. The index values are 0
based and distinguished select members from the collection based on the member's
index, with all of the members ordered by closing braces which can be populated and used as their 'atom:updated'
property. The response to the selection request MUST be an Atom Feed
where all the entries fall within the requested criteria. The value of each app:uri-template element in a Collection
document
request range is considered a URI Template.

Each URI template has closed set - if an entry matches one or more parameters that
end of the range exactly it MUST be substituted included in the response. If no
members fall in the requested range, the server MUST respond with an
Atom Feed containing no entries. If a membership list is returned
with values to construct a valid URI. The substitution MUST ensure number of entries that the resulting value is also properly percent-encoded utf-8.

Here are some examples less than the number of template URIs and corresponding populated
values:

http://example.org/blog/edit/{index}
http://example.org/blog/edit/3-9

http://example.org/blog/edit/{index}/foo
http://example.org/blog/edit/0-100/foo

http://example.org/blog/edit/{daterange}
http://example.org/blog/edit/daterange=\
2003-12-13T18:30:02Z-2003-12-13T18:30:02Z

http://example.org/blog/edit?dr={daterange}/bar/
http://example.org/blog/edit?dr=\
2003-12-13T18:30:02Z,2003-12-13T18:30:02Z/bar/

Note that entries
requested than the parameters client MAY appear at any place assume that it has made a request that
exceeds the last index of the members.

Gregorio & de hOra Expires April 30, 2006 [Page 21]

Internet-Draft The Atom Publishing Protocol October 2005

For example, suppose the client is supplied this IRI template:

http://example.org/blog/edit/{index}
If the client wants the first 15 entries in the URI template. collection it would
substitute the brace-delimited parameter {index}, with the value
0-14, giving:

http://example.org/blog/edit/0-14

Gregorio & de hOra Expires April 14, 30, 2006 [Page 26] 22]

Internet-Draft The Atom Publishing Protocol October 2005

11.2 URI Template Parameters

10. Atom Entry Extensions

This specification defines two parameters adds one new value to the Registry of Link
Relations and also adds a new element to Atom Entries called "app:
control" for use controlling publishing. These new links and app:
control elements MAY appear in URI Templates:

o index: allows selection into a collection's resources based as
though ordered by their 'atom:updated' property.

o daterange: allows selection into a collection's resources based on
their 'atom:updated' property

In both cases, membership lists and in member
representations.

10.1 The 'edit' Link Relation

This specification adds the response value "edit" to the selection request MUST be an Atom
Feed where all Registry of Link
Relations. The value of "edit" signifies that the entries fall within IRI in the requested criteria. The
request range value
of the href attribute is considered the IRI of the member resource, and is
intended to be used to update and delete resources as described in
this specification.

10.2 Publishing Control

This specification also adds a new element to Atom Entries for
controlling publishing.

pubControl =
element app:control {
atomCommonAttributes,
pubDraft?
& extensionElement
}

pubDraft =
element app:draft { "yes" | "no" }

The "app:control" element MAY appear as a closed set - if an entry matches one
end child of an "atom:entry"
which is being created or updated via the range exactly Atom Publishing Protocol.
The "app:control" element, if it MUST be included in the response. If no
members fall does appear in the requested range, the server MUST respond with an
Atom Feed containing no entries.

A Collection Document entry, MUST contain only
appear at least two app:uri-template
elements - most one for the {index} parameter template and the other for
the {daterange} parameter template. time.

The two parameters are not
mutually exclusive "app:control" element and its children elements MAY appear together be included
in a single Template URI.

11.2.1 \{index\} URI template variable Atom Feed or Entry Documents. The value "app:control" element is
considered "foreign markup" as defined in Section 6 of the {index} criterion MUST be a pair of non-negative
integer indices separated by a dash character. One or other index Atom
Syndication Format.

The "app:control" element MAY omitted, in which case the range is understood as stretching to
zero, contain exactly one app:draft element
and MAY contain zero or infinity.

index-specifier = [index] "-" [index]

For example, suppose the client is supplied this {index} URI
template:

http://example.org/blog/edit/{index}

If the client wants the first 15 entries more extension elements as outlined in the Collection it would
substitute the brace-delimited parameter {index}, with the value
1-15, giving:

http://example.org/blog/edit/1-15

11.2.2 \{daterange\} URI template variable

A URI Template with the variable 'daterange' allows querying for
Atom
Entries Syndication Format, Section 6. Both clients and servers MUST
ignore foreign markup present in a Collection according to their 'atom:updated' property. the app:control element that they do
not know.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 27] 23]

Internet-Draft The Atom Publishing Protocol October 2005

10.2.1 The value of the {daterange} criterion should be a pair of ISO
formatted dates separated by a dash character; either index may be
optionally omitted, in which case the range is understood as
stretching to infinity on that end.

daterange-specifier = [iso-date] "," [iso-date] app:draft Element

This specification defines only one child element for "app:control",
"app:draft".

The [iso-date] terminal MUST conform to the "date-time" production number of "app:draft" elements in
[RFC3339]. In addition, an uppercase "T" character "app:control" MUST be used to
separate date and time, and an uppercase "Z" character zero or
one. Its content MUST be
present in one of the absence values "yes" or "no". A value
of a numeric time zone offset.

For example, suppose "no" means that the client is supplied this {daterange} URI
Template:

http://example.org/blog/edit/{daterange} entry MAY be made publicly visible. If the client wants
"app:draft" element is missing then the entries in value is understood to be
"no". That is, if "app:control" and/or the collection between January "app:draft" elements are
missing from an entry then the entry is considered not a draft and
February 2006 it would substitute
can be made publicly visible. Clients MUST understand "app:draft"
elements and MUST NOT drop them from Atom Entries during editing.
Clients MUST NOT operate on the brace-delimited parameter
{daterange} with expectation that a server will honor
the desired selection value, giving this URI:

http://example.org/blog/edit/2006-01-01T00:00:00Z,\
2006-02-01T00:00:00Z

11.2.3 Other URI Template parameters

Other specifications value of an "app:draft" element. Servers MAY define new parameters for use in URI
templates ignore "app:draft"
elements and declared in the app:uri-template element. drop them from Atom Entries.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 28] 24]

Internet-Draft The Atom Publishing Protocol October 2005

12. Atom Entry Extensions

11. Example

This specification adds three new values to the Registry is an example of Link
Relations. a client creating a new entry with an image.
The value of 'collection' signifies client has an image to publish and an entry that the IRI in the value of the
href is the Collection includes an HTML
'img' element that uses that image. In this Entry belongs to. Any entry MAY
contain a link with scenario we consider a relation of 'collection'.

The value of 'edit' signifies
client that the IRI in the value has IRIs of the href
attribute identifies the resource that is used to edit the entry.
That is, it is the URI two collections, an entry collection and a
media collection, both of the Entry as which were discovered through an Editable Resource.
introspection document. The value IRI of 'srcedit' signifies that the entry collection is:

http://example.net/blog/edit/

The IRI in the value of the
href attribute identifies the resource that is used to edit media collection is:

http://example.net/binary/edit

First the client creates a new image resource pointed to by POSTing the 'src' attribute of the atom:content
element. That is, it is image to
the IRI of the atom:content@src as an
Editable Resource. If a link element with a relation of "srcedit" is
not given, then it's value defaults to the "src" attribute media collection.

POST /binary/edit/ HTTP/1.1
Host: example.net
User-Agent: Thingio/1.0
Content-Type: image/png
Content-Length: nnnn
Title: A picture of the
content element. List Resources for Generic Collections MUST return
entries that have 'srcedit' links or MUST have a atom:content@src
value.

If the "srcedit" link beach

...binary data...

The member resource is present, created and it's value is an empty string,
then there HTTP status code of 201 is no URI that can be treated in
returned.

HTTP/1.1 201 Created
Date: Fri, 25 Mar 2005 17:17:11 GMT
Content-Length: nnnn
Content-Type: application/atom+xml
Location: http://example.net/binary/edit/b/129.png

<?xml version="1.0" encoding="utf-8"?>
<entry xmlns="http://www.w3.org/2005/Atom">
<title>A picture of the way such a value
would be treated.

Clients SHOULD use beach.</title>
<link rel="edit"
href="http://example.net/binary/edit/b/129.png"/>
<id>urn:uuid:1225c695-cfb8-4ebb-aaaa-568596895695</id>
<updated>2005-09-02T10:30:00Z</updated>
<summary>Waves</summary>
<content type="image/png"
src="http://example.net/binary/readonly/129.png"/>
</entry>

Gregorio & de hOra Expires April 30, 2006 [Page 25]

Internet-Draft The Atom Publishing Protocol October 2005

The client then POSTs the "srcedit" value Atom Entry that refers to manipulate the resource
within the context of newly created
image resource. Note that the APP itself. Clients SHOULD prefer client takes the
"atom:content@src" value IRI
http://example.net/binary/readonly/129.png and uses it in any other context. For example, if the
resource is an image, a client may replace 'img'
element in the image data using a PUT Entry content:

POST /blog/edit/ HTTP/1.1
Host: example.net
User-Agent: Thingio/1.0
Content-Type: application/atom+xml
Content-Length: nnnn

<?xml version="1.0" encoding="utf-8"?>
<entry xmlns="http://www.w3.org/2005/Atom">
<title>What I did on my summer vacation</title>
<updated>2005-09-02T10:30:00Z</updated>
<summary>Beach!</summary>
<content type="xhtml" xml:lang="en">
<div xmlns="http://www.w3.org/1999/xhtml">
<p>We went to the "srcedit" value, and may even display beach for summer vacation.
Here is a preview picture of the image
by fetching the "srcedit" URI. But when creating a public, read-only
reference to the same image resource, the client should use waves rolling in:
<img
src="http://example.net/binary/readonly/129.png"
alt="A picture of the
"atom:content@src" value. beach."
/>
</p>
</div>
</content>
</entry>

Gregorio & de hOra Expires April 14, 30, 2006 [Page 29] 26]

Internet-Draft The Atom Publishing Protocol October 2005

13.

12. Securing the Atom Protocol

All instances of publishing Atom entries SHOULD be protected by
authentication to prevent posting or editing by unknown sources.
Atom servers and clients MUST support one of the following
authentication mechanisms, and SHOULD support both.

o HTTP Digest Authentication [RFC2617]

o [@@TBD@@ CGI Authentication ref]

Atom servers and clients MAY support encryption of the Atom session using
TLS [RFC2246]. (see [RFC2246]).

There are cases where an authentication mechanism may is not be required,
such as a publicly editable Wiki, or when using the PostURI POST to post send comments
to a site that does not require authentication to
create comments.

13.1 from a commenter.

12.1 [@@TBD@@ CGI Authentication]

This authentication method is included as part of the protocol to
allow Atom servers and clients that cannot use HTTP Digest
Authentication but where the user can both insert its own HTTP
headers and create a CGI program to authenticate entries to the
server. This scenario is common in environments where the user
cannot control what services the server employs, but the user can
write their own HTTP services.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 30] 27]

Internet-Draft The Atom Publishing Protocol October 2005

14.

13. Security Considerations

Because Atom is a publishing protocol, it is important that only
authorized users can create and edit entries.

The security of Atom is based on HTTP Digest Authentication and/or
[@@TBD@@ CGI Authentication]. Any weaknesses in either of these
authentication schemes will affect the security of the Atom
Publishing Protocol.

Both HTTP Digest Authentication and [@@TBD@@ CGI Authentication] are
susceptible to dictionary-based attacks on the shared secret. If the
shared secret is a password (instead of a random string with
sufficient entropy), an attacker can determine the secret by
exhaustively comparing the authenticating string with hashed results
of the public string and dictionary entries.

See RFC 2617 [RFC2617] for more detailed the description of the security properties of HTTP
Digest Authentication.

@@TBD@@ Talk here about using HTTP basic and digest authentication.

@@TBD@@ Talk here about denial of service attacks using large XML
files, or the billion laughs DTD attack.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 31] 28]

Internet-Draft The Atom Publishing Protocol October 2005

15.

14. IANA Considerations

An Atom Collection Introspection Document, when serialized as XML 1.0, can be
identified with the following media type:

MIME media type name: application

MIME subtype name: atomcoll+xml atomserv+xml

Mandatory parameters: None.

Optional parameters:

"charset": This parameter has identical semantics to the charset
parameter of the "application/xml" media type as specified in
[RFC3023].

Encoding considerations: Identical to those of "application/xml" as
described in [RFC3023], section 3.2.

Security considerations: As defined in this specification.
[[anchor31:
[[anchor22: update upon publication]]

In addition, as this media type uses the "+xml" convention, it
shares the same security considerations as described in [RFC3023],
section 10.

Interoperability considerations: There are no known interoperability
issues.

Published specification: This specification. [[anchor32: [[anchor23: update upon
publication]]

Applications that use this media type: No known applications
currently use this media type.

Additional information:

Magic number(s): As specified for "application/xml" in [RFC3023],
section 3.2.

File extension: .atomcoll .atomsrv

Fragment identifiers: As specified for "application/xml" in
[RFC3023], section 5.

Gregorio & de hOra Expires April 14, 2006 [Page 32]

Internet-Draft The Atom Publishing Protocol October 2005

Base URI: As specified in [RFC3023], section 6.

Macintosh File Type code: TEXT

Person and email address to contact for further information: Joe
Gregorio <joe@bitworking.org>

Intended usage: COMMON

Author/Change controller: IESG

An Atom Introspection Document, when serialized as XML 1.0, can be
identified with the following media type:

MIME media type name: application

MIME subtype name: atomserv+xml

Mandatory parameters: None.

Optional parameters:

"charset": This parameter has identical semantics to the charset
parameter of the "application/xml" media type as specified in
[RFC3023].

Encoding considerations: Identical to those of "application/xml" as
described in [RFC3023], section 3.2.

Security considerations: As defined in this specification.
[[anchor33: update upon publication]]

In addition, as this media type uses the "+xml" convention, it
shares the same security considerations as described in [RFC3023],
section 10.

Interoperability considerations: There are no known interoperability
issues.

Published specification: This specification. [[anchor34: update upon
publication]]

Applications that use this media type: No known applications
currently use this media type.

Additional information:

Gregorio & de hOra Expires April 14, 30, 2006 [Page 33] 29]

Internet-Draft The Atom Publishing Protocol October 2005

Magic number(s): As specified for "application/xml" in [RFC3023],
section 3.2.

File extension: .atomsrv

Fragment identifiers: As specified for "application/xml" in
[RFC3023], section 5.

Base URI: As specified in [RFC3023], section 6.

Macintosh File Type code: TEXT

Person and email address to contact for further information: Joe
Gregorio <joe@bitworking.org>

Intended usage: COMMON

Author/Change controller: This specification's author(s). [[anchor35: [[anchor24:
update upon publication]]

Gregorio & de hOra Expires April 14, 30, 2006 [Page 34] 30]

Internet-Draft The Atom Publishing Protocol October 2005

16.

15. References

16.1

15.1 Normative References

[AtomFormat]
Nottingham, M. and R. Sayre, "The Atom Syndication
Format", 1.0, July 2005.

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2246] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0",
RFC 2246, January 1999.

[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

[RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
Leach, P., Luotonen, A., and L. Stewart, "HTTP
Authentication: Basic and Digest Access Authentication",
RFC 2617, June 1999.

[RFC3023] Murata, M., St. Laurent, S., and D. Kohn, "XML Media
Types", RFC 3023, January 2001.

[RFC3339] Klyne, G. and C. Newman, "Date and Time on the Internet:
Timestamps", RFC 3339, July 2002.

[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, January 2005.

[RFC3987] Duerst, M. and M. Suignard, "Internationalized Resource
Identifiers (IRIs)", RFC 3987, January 2005.

[W3C.REC-xml-20040204]
Yergeau, F., Paoli, J., Sperberg-McQueen, C., Bray, T.,
and E. Maler, "Extensible Markup Language (XML) 1.0 (Third
Edition)", W3C REC REC-xml-20040204, February 2004.

[W3C.REC-xml-names-19990114]
Hollander, D., Bray, T., and A. Layman, "Namespaces in
XML", W3C REC REC-xml-names-19990114, January 1999.

[W3C.REC-xmlbase-20010627]
Marsh, J., "XML Base", W3C REC W3C.REC-xmlbase-20010627,
June 2001.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 35] 31]

Internet-Draft The Atom Publishing Protocol October 2005

16.2

15.2 Informative References

[RNC] Clark, J., "RELAX NG Compact Syntax", December 2001.

[W3C.REC-webarch-20041215]
Walsh, N. and I. Jacobs, "Architecture of the World Wide
Web, Volume One", W3C REC REC-webarch-20041215,
December 2004.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 32]

Internet-Draft The Atom Publishing Protocol October 2005

URIs

[1] <http://www.imc.org/atom-protocol/index.html>

Authors' Addresses

Joe Gregorio (editor)
BitWorking, Inc
1002 Heathwood Dairy Rd.
Apex, NC 27502
US

Phone: +1 919 272 3764
Email: joe@bitworking.com
URI: http://bitworking.com/

Bill de hOra (editor)
Propylon Ltd.
45 Blackbourne Square, Rathfarnham Gate
Dublin, Dublin D14
IE

Phone: +353-1-4927444
Email: bill.dehora@propylon.com
URI: http://www.propylon.com/

Gregorio & de hOra Expires April 30, 2006 [Page 33]

Internet-Draft The Atom Publishing Protocol October 2005

Appendix A. Contributors

The content and concepts within are a product of the Atom community
and the Atompub Working Group.

Gregorio & de hOra Expires April 30, 2006 [Page 34]

Internet-Draft The Atom Publishing Protocol October 2005

Appendix B. RELAX NG Compact Schema

This appendix is informative.

The Relax NG schema explicitly excludes elements in the APP namespace
which are not defined in this revision of the specification.
Requirements for APP Processors encountering such markup are given in
Section 6.2 and Section 6.3 of [AtomFormat].

# -*- rnc -*-
# RELAX NG Compact Syntax Grammar for the Atom Protocol

namespace app = "http://purl.org/atom/app#"
namespace local = ""

start = appService

# common:attrs

appCommonAttributes =
attribute xml:base { atomUri }?,
attribute xml:lang { atomLanguageTag }?,
undefinedAttribute*

undefinedAttribute =
attribute * - (xml:base | xml:lang | local:*) { text }

atomUri = text

atomLanguageTag = xsd:string {
pattern = "[A-Za-z]{1,8}(-[A-Za-z0-9]{1,8})*"
}

# app:service

appService =
element app:service {
appCommonAttributes,
( appWorkspace+
& extensionElement* )
}

# app:workspace

appWorkspace =
element app:workspace {
appCommonAttributes,
attribute title { text },

Gregorio & de hOra Expires April 30, 2006 [Page 35]

Internet-Draft The Atom Publishing Protocol October 2005

( appCollection+
& extensionElement* )
}

# app:collection

appCollection =
element app:collection {
appCommonAttributes,
attribute title { text },
attribute href { text },
( appMemberType
& appListTemplate
& extensionElement* )
}

# app:member

appMemberType =
element app:member-type {
appCommonAttributes,
( appTypeValue )
}

appTypeValue = "entry" | "media"

# app:list-template

appListTemplate =
element app:list-template {
appCommonAttributes,
( appUriTemplate )
}

# Whatever an IRI template is, it contains at least {index}

appUriTemplate = xsd:string { pattern = ".+\{index\}.*" }

# Simple Extension

simpleExtensionElement =
element * - app:* {
text
}

# Structured Extension

Gregorio & de hOra Expires April 30, 2006 [Page 36]

Internet-Draft The Atom Publishing Protocol October 2005

URIs

[1] <http://www.imc.org/atom-protocol/index.html>

Authors' Addresses

Joe Gregorio (editor)
BitWorking, Inc
1002 Heathwood Dairy Rd.
Apex, NC 27502
US

Phone: +1 919 272 3764
Email: joe@bitworking.com
URI: http://bitworking.com/

Bill de hOra (editor)
Propylon Ltd.
45 Blackbourne Square, Rathfarnham Gate
Dublin, Dublin D14
IE

Phone: +353-1-4927444
Email: bill.dehora@propylon.com
URI: http://www.propylon.com/

structuredExtensionElement =
element * - app:* {
(attribute * { text }+,
(text|anyElement)*)
| (attribute * { text }*,
(text?, anyElement+, (text|anyElement)*))
}

# Other Extensibility

extensionElement =
simpleExtensionElement | structuredExtensionElement

# Extensions

anyElement =
element * {
(attribute * { text }
| text
| anyElement)*
}

# EOF

Gregorio & de hOra Expires April 14, 30, 2006 [Page 37]

Internet-Draft The Atom Publishing Protocol October 2005

Appendix A. Contributors

The content C. Revision History

draft-ietf-atompub-protocol-06 - Removed: Robert Sayre from the
contributors section per his request. Added in
PaceCollectionControl. Fixed all the {daterange} verbage and concepts within are
examples so they all use a product dash. Added full rnc schema. Collapsed
Introspection and Collection documents into a single document.
Removed {dateRange} queries. Renamed search to list. Moved
discussion of media and entry collection until later in the Atom community document
and tied the Atompub Working Group. Robert Sayre was an editor for drafts
00-04.

Gregorio & de hOra Expires April 14, 2006 [Page 38]

Internet-Draft The Atom Publishing Protocol October 2005

Appendix B. Revision History discussion to the Introspection element app:member-type.

draft-ietf-atompub-protocol-05 - Added: Contributors section. Added:
de hOra to editors. Fixed: typos. Added diagrams and description to
model section. Incorporates PaceAppDocuments, PaceAppDocuments2,
PaceSimplifyCollections2 (large-sized chunks of it anyhow: the
notions of Entry and Generic resources, the section 4 language on the
Protocol Model, 4.1 through 4.5.2, the notion of a Collection
document, as in Section 5 through 5.3, Section 7 "Collection
resources", Selection resources (modified from pace which talked
about search); results in major mods to Collection Documents, Section
9.2 "Title: Header" and brokeout para to section 9.1 Editing Generic
Resources). Added XML namespace and language section. Some cleanup
of front matter. Added Language Sensitivity to some attributes.
Removed resource descriptions from terminology. Some juggling of
sections. See:
http://www.imc.org/atom-protocol/mail-archive/msg01812.html.

draft-ietf-atompub-protocol-04 - Add ladder diagrams, reorganize, add
SOAP interactions

draft-ietf-atompub-protocol-03 - Incorporates PaceSliceAndDice3 and
PaceIntrospection.

draft-ietf-atompub-protocol-02 - Incorporates Pace409Response,
PacePostLocationMust, and PaceSimpleResourcePosting.

draft-ietf-atompub-protocol-01 - Added in sections on Responses for
the EditURI. Allow 2xx for response to EditURI PUTs. Elided all
mentions of WSSE. Started adding in some normative references.
Added the section "Securing the Atom Protocol". Clarified that it is
possible that the PostURI and FeedURI could be the same URI. Cleaned
up descriptions for Response codes 400 and 500.

Rev draft-ietf-atompub-protocol-00 - 5Jul2004 - Renamed the file and
re-titled the document to conform to IETF submission guidelines.
Changed MIME type to match the one selected for the Atom format.
Numerous typographical fixes. We used to have two 'Introduction'
sections. One of them was moved into the Abstract the other absorbed

Gregorio & de hOra Expires April 30, 2006 [Page 38]

Internet-Draft The Atom Publishing Protocol October 2005

the Scope section. IPR and copyright notifications were added.

Rev 09 - 10Dec2003 - Added the section on SOAP enabled clients and
servers.

Rev 08 - 01Dec2003 - Refactored the specification, merging the
Introspection file into the feed format. Also dropped the
distinction between the type of URI used to create new entries and
the kind used to create comments. Dropped user preferences.

Gregorio & de hOra Expires April 14, 2006 [Page 39]

Internet-Draft The Atom Publishing Protocol October 2005

Rev 07 - 06Aug2003 - Removed the use of the RSD file for auto-
discovery. Changed copyright until a final standards body is chosen.
Changed query parameters for the search facet to all begin with atom-
to avoid name collisions. Updated all the Entries to follow the 0.2
version. Changed the format of the search results and template file
to a pure element based syntax.

Rev 06 - 24Jul2003 - Moved to PUT for updating Entries. Changed all
the mime-types to application/x.atom+xml. Added template editing.
Changed 'edit-entry' to 'create-entry' in the Introspection file to
more accurately reflect it's its purpose.

Rev 05 - 17Jul2003 - Renamed everything Echo into Atom. Added
version numbers in the Revision history. Changed all the mime-types
to application/atom+xml.

Rev 04 - 15Jul2003 - Updated the RSD version used from 0.7 to 1.0.
Change the method of deleting an Entry from POSTing <delete/> to
using the HTTP DELETE verb. Also changed the query interface to GET
instead of POST. Moved Introspection Discovery to be up under
Introspection. Introduced the term 'facet' for the services listed
in the Introspection file.

Rev 03 - 10Jul2003 - Added a link to the Wiki near the front of the
document. Added a section on finding an Entry. Retrieving an Entry
now broken out into it's its own section. Changed the HTTP status code
for a successful editing of an Entry to 205.

Rev 02 - 7Jul2003 - Entries are no longer returned from POSTs,
instead they are retrieved via GET. Cleaned up figure titles, as
they are rendered poorly in HTML. All content-types have been
changed to application/atom+xml.

Rev 01 - 5Jul2003 - Renamed from EchoAPI.html to follow the more
commonly used format: draft-gregorio-NN.html. Renamed all references
to URL to URI. Broke out introspection into it's its own section. Added
the Revision History section. Added more to the warning that the
example URIs are not normative.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 40] 39]

Internet-Draft The Atom Publishing Protocol October 2005

Intellectual Property Statement

The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.

Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.

The IETF has been notified of intellectual property rights claimed in
regard to some or all of the specification contained in this
document. For more information consult the online list of claimed
rights.

Disclaimer of Validity

This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Copyright (C) The Internet Society (2005). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 41] 40]

Internet-Draft The Atom Publishing Protocol October 2005

Acknowledgment

Funding for the RFC Editor function is currently provided by the
Internet Society.

Gregorio & de hOra Expires April 14, 30, 2006 [Page 42] 41]

----