draft-gregorio-09.txt   draft-ietf-atompub-protocol-00.txt 
yes J. Gregorio Network Working Group J. Gregorio, Ed.
BitWorking, Inc Internet-Draft BitWorking, Inc
December 10, 2003 Expires: December 30, 2004 R. Sayre, Ed.
Boswijck Memex Consulting
July 1, 2004
The AtomAPI The Atom Publishing Protocol
draft-ietf-atompub-protocol-00.txt
Abstract Status of this Memo
This memo presents a technique for using XML (Extensible Markup By submitting this Internet-Draft, I certify that any applicable
Language) and HTTP (HyperText Transport Protocol) to edit content. patent or other IPR claims of which I am aware have been disclosed,
and any of which I become aware will be disclosed, in accordance with
RFC 3668.
Table of Contents Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as
Internet-Drafts.
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 3 Internet-Drafts are draft documents valid for a maximum of six months
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 and may be updated, replaced, or obsoleted by other documents at any
3. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . 5 time. It is inappropriate to use Internet-Drafts as reference
4. Introduction . . . . . . . . . . . . . . . . . . . . . . . 6 material or to cite them other than as "work in progress."
4.1 Purpose . . . . . . . . . . . . . . . . . . . . . . . . . 6
4.2 Terminology . . . . . . . . . . . . . . . . . . . . . . . 6
4.3 The AtomAPI Model . . . . . . . . . . . . . . . . . . . . 6
5. Functional Specification . . . . . . . . . . . . . . . . . 8
5.1 PostURI . . . . . . . . . . . . . . . . . . . . . . . . . 8
5.1.1 Locating . . . . . . . . . . . . . . . . . . . . . . . . . 8
5.1.2 Request . . . . . . . . . . . . . . . . . . . . . . . . . 8
5.1.3 Response . . . . . . . . . . . . . . . . . . . . . . . . . 8
5.2 EditURI . . . . . . . . . . . . . . . . . . . . . . . . . 9
5.2.1 Locating . . . . . . . . . . . . . . . . . . . . . . . . . 9
5.2.2 Request . . . . . . . . . . . . . . . . . . . . . . . . . 10
5.3 FeedURI . . . . . . . . . . . . . . . . . . . . . . . . . 10
5.3.1 Locating . . . . . . . . . . . . . . . . . . . . . . . . . 10
5.3.2 Request . . . . . . . . . . . . . . . . . . . . . . . . . 11
5.3.3 Response . . . . . . . . . . . . . . . . . . . . . . . . . 11
5.4 Link Tag . . . . . . . . . . . . . . . . . . . . . . . . . 11
5.4.1 rel . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
5.4.2 href . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
5.4.3 title . . . . . . . . . . . . . . . . . . . . . . . . . . 12
5.4.4 type . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
5.5 Atom Request and Response Body Constraints . . . . . . . . 12
5.5.1 id . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
5.5.2 link . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
5.5.3 title . . . . . . . . . . . . . . . . . . . . . . . . . . 13
5.5.4 summary . . . . . . . . . . . . . . . . . . . . . . . . . 13
5.5.5 content . . . . . . . . . . . . . . . . . . . . . . . . . 14
5.5.6 issued . . . . . . . . . . . . . . . . . . . . . . . . . . 14
5.5.7 modified . . . . . . . . . . . . . . . . . . . . . . . . . 15
5.5.8 created . . . . . . . . . . . . . . . . . . . . . . . . . 15
5.5.9 author . . . . . . . . . . . . . . . . . . . . . . . . . . 15
The AtomAPI December 2003
5.5.10 contributor . . . . . . . . . . . . . . . . . . . . . . . 16 The list of current Internet-Drafts can be accessed at
5.5.11 generator . . . . . . . . . . . . . . . . . . . . . . . . 16 http://www.ietf.org/ietf/1id-abstracts.txt.
6. Security Considerations . . . . . . . . . . . . . . . . . 17
7. Appendices . . . . . . . . . . . . . . . . . . . . . . . . 18
7.1 SOAP Enabling . . . . . . . . . . . . . . . . . . . . . . 18
7.1.1 Servers . . . . . . . . . . . . . . . . . . . . . . . . . 18
7.1.2 Clients . . . . . . . . . . . . . . . . . . . . . . . . . 18
7.2 Example for a weblog . . . . . . . . . . . . . . . . . . . 18
7.3 Example for a wiki . . . . . . . . . . . . . . . . . . . . 19
8. Revision History . . . . . . . . . . . . . . . . . . . . . 20
9. Copyright . . . . . . . . . . . . . . . . . . . . . . . . 21
References . . . . . . . . . . . . . . . . . . . . . . . . 22
Author's Address . . . . . . . . . . . . . . . . . . . . . 22
The AtomAPI December 2003
1. Introduction The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
The AtomAPI is an application level protocol for publishing and This Internet-Draft will expire on December 30, 2004.
editing web resources. The protocol at its core is the HTTP transport
of Atom formatted representations.
To provide feedback on this draft RFC please visit the Atom Wiki [1] Copyright Notice
or join the atom-syntax mailing list [2].
The AtomAPI December 2003 Copyright (C) The Internet Society (2004). All Rights Reserved.
2. Terminology Abstract
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", This memo presents a protocol for using XML (Extensible Markup
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",the and "OPTIONAL" in Language) and HTTP (HyperText Transport Protocol) to edit content.
this document are to be interpreted as described in RFC2119.
The AtomAPI December 2003 The Atom Publishing Protocol is an application-level protocol for
publishing and editing Web resources belonging to periodically
updated websites. The protocol at its core is the HTTP transport of
Atom-formatted representations. The Atom format is documented in the
Atom Syndication Format 0.3 PRE-DRAFT
(http://www.mnot.net/drafts/draft-nottingham-atom-format-02.html).
3. Scope To provide feedback on this Internet-Draft, join the atom-syntax
mailing list (http://www.imc.org/atom-syntax/index.html).
This document covers the editing of content of a periodically Table of Contents
updating website using the HTTP and XML. All of the XML payloads are
in Atom format, which is documented in the draft Atom Syndication
Format RFC [3].
The AtomAPI December 2003 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4
1.1 Notational Conventions . . . . . . . . . . . . . . . . . . 4
1.2 Terminology . . . . . . . . . . . . . . . . . . . . . . . 4
2. The Atom Publishing Protocol Model . . . . . . . . . . . . . 4
3. Functional Specification . . . . . . . . . . . . . . . . . . 5
3.1 PostURI . . . . . . . . . . . . . . . . . . . . . . . . . 5
3.1.1 Locating the PostURI . . . . . . . . . . . . . . . . . 5
3.1.2 Request . . . . . . . . . . . . . . . . . . . . . . . 5
3.1.3 Response . . . . . . . . . . . . . . . . . . . . . . . 5
3.2 EditURI . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.2.1 Locating . . . . . . . . . . . . . . . . . . . . . . . 7
3.2.2 Request . . . . . . . . . . . . . . . . . . . . . . . 7
3.3 FeedURI . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.3.1 Locating . . . . . . . . . . . . . . . . . . . . . . . 8
3.3.2 Request . . . . . . . . . . . . . . . . . . . . . . . 8
3.3.3 Response . . . . . . . . . . . . . . . . . . . . . . . 8
3.4 Link Tag . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.4.1 rel . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.4.2 href . . . . . . . . . . . . . . . . . . . . . . . . . 9
3.4.3 title . . . . . . . . . . . . . . . . . . . . . . . . 9
3.4.4 type . . . . . . . . . . . . . . . . . . . . . . . . . 9
3.5 Atom Request and Response Body Constraints . . . . . . . . 9
3.5.1 id . . . . . . . . . . . . . . . . . . . . . . . . . . 9
3.5.2 link . . . . . . . . . . . . . . . . . . . . . . . . . 10
3.5.3 title . . . . . . . . . . . . . . . . . . . . . . . . 10
3.5.4 summary . . . . . . . . . . . . . . . . . . . . . . . 10
3.5.5 content . . . . . . . . . . . . . . . . . . . . . . . 10
3.5.6 issued . . . . . . . . . . . . . . . . . . . . . . . . 11
3.5.7 modified . . . . . . . . . . . . . . . . . . . . . . . 11
3.5.8 created . . . . . . . . . . . . . . . . . . . . . . . 11
3.5.9 author . . . . . . . . . . . . . . . . . . . . . . . . 11
3.5.10 contributor . . . . . . . . . . . . . . . . . . . . 12
3.5.11 generator . . . . . . . . . . . . . . . . . . . . . 12
4. Security Considerations . . . . . . . . . . . . . . . . . . 12
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . 13
6. Appendix A - SOAP Enabling . . . . . . . . . . . . . . . . . 13
6.1 Servers . . . . . . . . . . . . . . . . . . . . . . . . . 13
6.2 Clients . . . . . . . . . . . . . . . . . . . . . . . . . 13
7. Appendix B - Examples . . . . . . . . . . . . . . . . . . . 13
7.1 Example for a weblog . . . . . . . . . . . . . . . . . . . 13
7.2 Example for a wiki . . . . . . . . . . . . . . . . . . . . 13
8. Revision History . . . . . . . . . . . . . . . . . . . . . . 14
9. Normative References . . . . . . . . . . . . . . . . . . . . 15
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 15
Intellectual Property and Copyright Statements . . . . . . . 16
4. Introduction 1. Introduction
4.1 Purpose The Atom Publishing Protocol is an application-level protocol for
publishing and editing Web resources.
The AtomAPI is an application level protocol for publishing and 1.1 Notational Conventions
editing web resources.
4.2 Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", the and "OPTIONAL" in
this document are to be interpreted as described in RFC2119.
Atom Entry A fragment of a full Atom feed. In this case the fragment 1.2 Terminology
is a single 'entry' element and all it's child elements.
PostURI A URI that is used to create new resources. POSTing an Atom Atom Entry: An Atom Entry is a fragment of a full Atom feed. In this
case, the fragment is a single 'entry' element and all its child
elements. Each Atom Entry describes a single Web resource,
providing metadata and optionally a textual representation of that
resource.
PostURI: A URI that is used to create new resources. POSTing an Atom
Entry to this URI will create a new resource. Entry to this URI will create a new resource.
EditURI: A URI that is used to edit a resource. The editing is done
EditURI A URI that is used to edit a resource. The editing is done
using the HTTP verbs GET, PUT and DELETE. The representation of using the HTTP verbs GET, PUT and DELETE. The representation of
the resource is always that of an Atom Entry. the resource is always that of an Atom Entry.
FeedURI: The URI which identifies an Atom Feed.
FeedURI A URI that has a representation as a full Atom feed. 2. The Atom Publishing Protocol Model
4.3 The AtomAPI Model
AtomAPI is an application level protocol for publishing and editing
web resources. Using the common HTTP verbs provides a pattern for
working with all such web resources:
The Atom Publishing Protocol is an application-level protocol for
publishing and editing Web resources. Using the common HTTP verbs
provides a pattern for working with all such Web resources:
o GET is used to retrieve a representation of a resource or perform o GET is used to retrieve a representation of a resource or perform
a read-only query. a read-only query.
o PUT is used to update a known resource. o PUT is used to update a known resource.
o POST is used to create a new dynamically-named resource. o POST is used to create a new dynamically-named resource.
o DELETE is used to remove a resource. o DELETE is used to remove a resource.
There are different kinds of resources managed by the AtomAPI, each There are three major classes of URIs in this specification: PostURI,
of these have URIs and those URIs support a subset of the above FeedURI and EditURI. This specification defines the expected actions
methods. There are three major classes of URIs in this specification: for each of the methods listed. A URI MAY support methods not listed
PostURI, FeedURI and EditURI. This specification defines the expected here. For example, an EditURI could support a POST or OPTIONS
actions for each of the methods listed. Note that this does not method. However, what those methods do is beyond the scope of this
restrict a URI to only supporting just those methods listed, for
example an EditURI could support a POST method, or the OPTIONS
method, what those methods do is beyond the scope of this
specification. specification.
o EditURI: PUT, GET, DELETE o EditURI: PUT, GET, DELETE
The AtomAPI December 2003
o PostURI: POST o PostURI: POST
o FeedURI: GET o FeedURI: GET
This RFC does not specify the form of the URIs that are used. The URI This document does not specify the form of the URIs that are used.
space of each server is controlled, as defined by HTTP, by the server The URI space of each server is controlled, as defined by HTTP, by
alone. What this RFC does specify are the formats of the files that the server alone. What this document does specify are the formats of
are exchanged and the actions that can be performed on the URIs the files that are exchanged and the actions that can be performed on
embedded in those files. the URIs embedded in those files.
The AtomAPI December 2003
5. Functional Specification 3. Functional Specification
5.1 PostURI 3.1 PostURI
The PostURI is used to create entries. These can be either full The PostURI is used to create entries. These can be either full
entries, such as a weblog post, or they can be comments, or even a entries, such as a weblog post, or they can be comments, or even a
wiki page. The client POSTs a filled in Atom Entry to this URI. If wiki page. The client POSTs a filled-in Atom Entry to this URI. If
the request is succesful then multiple new URIs may be created that the request is successful, one or more Web resources MAY be created.
contain representations of varying types. For example, POSTing an For example, POSTing an Atom entry to a PostURI may create two new
Atom entry to a PostURI may create a new weblog entry with both an Web resources, an HTML representation and an Atom representation.
HTML and Atom representation now available. The URI of the newly
created Atom representation may in fact be an EditURI through which
the resource can be edited.
5.1.1 Locating 3.1.1 Locating the PostURI
For creating a new site Entry, the link tag is used. Note that a link The PostURI can be discovered in a link element with an @rel of
tag is used in both HTML and in the Atom format. A link tag of the 'service.post'. The link element containing a PostURI used to create
following format points to the PostURI for a site. In HTML the link a new entry MAY be discovered in three different places. The first
tags are always found in the head element, while in Atom they may place it may be found is in a <link> element in the 'head' element of
appear as children of the Feed and entry elements. an HTML document.
The second place a PostURI may be found an atom:link element that is
a child of the atom:feed element. The third place a PostURI may be
found is in the atom:link element of an atom:entry.
@@ TBD @@ - Discuss subordinate resources and what a PostURI means
based on where the URI was found.
<link rel="service.post" <link rel="service.post"
type="application/x.atom+xml" type="application/atom+xml"
href="URI for Posting goes here" href="URI for Posting goes here"
title="The name of the site."> title="The name of the site.">
Note: Multiple link tags may appear together and can be distinguished 3.1.2 Request
by having different 'rel', 'type' and 'title' attributes.
5.1.2 Request
The request contains a filled in Atom entry, subject to the The request contains a filled-in Atom entry, subject to the
constraints in section @@ TBD @@. constraints in section Section 3.5.
5.1.3 Response 3.1.3 Response
The expected status codes from a POST are 201, 303, 400, and 500. The possible status codes from a POST are 201, 303, 400, 401, 404,
401, 404, and 410 are also possible. 410 and 500.
5.1.3.1 201 3.1.3.1 Response code 201
Response includes a Location: header with the URI of the created Response includes a Location: header with the URI of the created
resource, i.e. the URI used to edit the entry, as opposed to the URI resource, i.e. the URI used to edit the entry, as opposed to the URI
used to display the content. The body of the response will contain used to display the content. The body of the response will contain
the entry "filled in" with time stamps and any other data the server the entry "filled-in" with time stamps and any other data the server
choses to reveal. This must contain enough information to enable a chooses to reveal. This must contain enough information to enable a
client to issue a subsequent PUT to this location. Note that the client to issue a subsequent PUT to this location. Note that the
The AtomAPI December 2003
server may chose to omit the content in the response, particularly if server may chose to omit the content in the response, particularly if
it is large. it is large.
5.1.3.2 303 3.1.3.2 Response code 303
The body of this response does not contain the filled in Entry, but The body of this response does not contain the filled-in Entry, but
the filled in Entry can be found under a different URI and SHOULD be the filled-in Entry can be found under a different URI and can be
retrieved using a GET method on that resource. The different URI retrieved using a GET method on that resource. The URI SHOULD be
SHOULD be given by the Location field in the response. given by the Location field in the response.
5.1.3.3 400 3.1.3.3 Response code 400
Indicates that the server believes that that data sent constitutes an Indicates that the server believes that that data sent constitutes an
invalid request. A short description of the error will appear on the invalid request. A short description of the error will appear on the
status line itself. A longer description will appear in the body. <http://www.w3.org/Protocols/rfc2616/rfc2616-sec6.html#sec6.1>
itself. A longer description will appear in the body.
5.1.3.4 500 3.1.3.4 Response code 500
Indicates that the server detected an internal error on the server Indicates that the server detected an internal error on the server
processing this request (such as an unhandled exception). A short processing this request (such as an unhandled exception). A short
description of the error will appear on the status line itself. A description of the error will appear on the
longer description will appear in the body. <http://www.w3.org/Protocols/rfc2616/rfc2616-sec6.html#sec6.1>
itself. A longer description will appear in the body.
5.2 EditURI 3.2 EditURI
An EditURI is used to edit a single entry. Each entry that is An EditURI is used to edit a single entry. Each entry that is
editable MUST have a unique URI. This URI supports both GET and PUT editable MUST have a unique URI. This URI supports both GET and PUT
and they are used in tandem for an editing cycle. The client GET's and they are used in tandem for an editing cycle. The client GETs
the represenation which is formatted as an Atom entry. The client may the representation which is formatted as an Atom entry. The client
then update the entry and then PUT it back to the same URI. The PUT may then update the entry and then PUT it back to the same URI. The
will cause all the related resources to be updated, for example, the PUT will cause all the related resources to be updated, for example,
HTML representaion. the HTML representation.
Note that the value of the content element in the Atom entry does not Note that the value of the content element in the Atom entry does not
have to exactly match the content element for the same entry when it have to exactly match the content element for the same entry when it
is represented in an Atom feed. For example, a server may allow the is represented in an Atom feed. For example, a server may allow the
client to post entries whose content is formatted as WikiML, yet the client to post entries whose content is formatted as WikiML, yet the
server may clean up such markup and transform it into well-formed server may clean up such markup and transform it into well-formed
XHTML before placing it in the publicly avialable Atom feed. Another XHTML before placing it in the publicly available Atom feed. Another
scenario is summaries, the EditURI is for editing the full content of scenario is summaries--the EditURI is for editing the full content of
an entry, but the server may only present excerpts when it produces an entry, but the server may only present excerpts when it produces
an Atom feed. an Atom feed.
A client will send a DELETE to the EditURI to delete an entry. A client will send a DELETE to the EditURI to delete an entry.
5.2.1 Locating 3.2.1 Locating
For editing a site Entry, the link tag is used. Note that a link tag For editing a site Entry, the link tag is used. Note that a link tag
The AtomAPI December 2003
is used in both HTML and in the Atom format. A link tag of the is used in both HTML and in the Atom format. A link tag of the
following format points to the EditURI for a site. In HTML the link following format points to the EditURI for a site. In HTML, the link
tags for editing are always found in the head element, while in Atom tags for editing are always found in the head element, while in Atom
they may appear as children of the entry elements. they may appear as children of the entry elements.
<link rel="service.edit" <link rel="service.edit"
type="application/x.atom+xml" type="application/atom+xml"
href="URI for Editing goes here" href="URI for Editing goes here"
title="Readable desc of the entry."> title="Readable desc of the entry.">
Note: The critical characteristic of this link tag is the @rel of Note: The critical characteristic of this link tag is the @rel of
'service.edit' and the @type of 'application/x.atom+xml'. 'service.edit' and the @type of 'application/atom+xml'.
5.2.2 Request 3.2.2 Request
A PUT request, and a GET response both contain a filled in Atom A PUT request, and a GET response both contain a filled-in Atom
entry, subject to the constraints in section @@ TBD @@. entry, subject to the constraints in section Section 3.5.
5.3 FeedURI 3.3 FeedURI
The FeedURI is used to retrieve a represenation in Atom format. Note The FeedURI is used to retrieve a representation in Atom format.
that this feed is different from a typical Atom feed in that it Note that this feed is different from a typical Atom feed in that it
contains "link" elements for navigating and manipulating the content contains "link" elements for navigating and manipulating the content
of the site. For example there should be a "link" element with of the site. For example there should be a "link" element with
rel="next" whose URI points to the next block of entries on the site. rel="next" whose URI points to the next block of entries on the site.
Similarly the feed element can contain a "link" element with Similarly, the feed element can contain a "link" element with
rel="service.post", the URI of which is a PostURI. Individual entries rel="service.post", the URI of which is a PostURI. Individual
should contain "link" elements with rel="service.edit" whose URIs are entries should contain "link" elements with rel="service.edit" whose
EditURIs. URIs are EditURIs.
@@ Editor's Note: @@ Note that the "service.feed" takes the place of @@ Editor's Note: @@ Note that the "service.feed" takes the place of
the Introspection File and the Search facet in previous versions of the Introspection File and the Search facet in previous versions of
the specification. That is, facet discovery, which was previously the specification. That is, facet discovery, which was previously
done by inspecting the Introspection file is now done by looking for done by inspecting the Introspection file is now done by looking for
"link" tags with an attribute "rel" set to "service.[something]" in "link" tags with an attribute "rel" set to "service.[something]" in
the "service.feed" file. At the same time the same representation the "service.feed" file. At the same time the same representation
replaces the search facet by having "link" tags that point to other replaces the search facet by having "link" tags that point to other
feeds using well knows 'rel' attribute values such as 'next' and feeds using well knows 'rel' attribute values such as 'next' and
'prev', or the search can branch in multiple directions by specifying 'prev', or the search can branch in multiple directions by specifying
multiple link tags with rel="service.feed" and having differing title multiple link tags with rel="service.feed" and having differing title
attributes that announce the kind of search results in that feed. attributes that announce the kind of search results in that feed.
5.3.1 Locating 3.3.1 Locating
A link tag of the following format points to the FeedURI. A link tag of the following format points to the FeedURI.
<link rel="service.feed" <link rel="service.feed"
type="application/x.atom+xml" type="application/atom+xml"
The AtomAPI December 2003
href="URI goes here" href="URI goes here"
title="The name of the site."> title="The name of the site.">
5.3.2 Request 3.3.2 Request
The request is a simple GET. No other verbs are currently specified The request is a simple GET. No other verbs are currently specified
for this URI. for this URI.
5.3.3 Response 3.3.3 Response
The expected status codes from a GET are 200, 301, 307, and 500. 401, The expected status codes from a GET are 200, 301, 307, and 500.
404, and 410 are also possible. 401, 404, and 410 are also possible.
5.3.3.1 301 3.3.3.1 Response code 301
The Feed has moved permanently, the new URI is given in the the The Feed has moved permanently, the new URI is given in the Location
Location header. header.
5.3.3.2 307 3.3.3.2 Response code 307
The Feed has moved temporarily, the new URI is given in the the The Feed has moved temporarily, the new URI is given in the Location
Location header. header.
5.4 Link Tag 3.4 Link Tag
The link tag is used in both HTML and Atom formats. There are slight The link tag is used in both HTML and Atom formats. There are slight
differences between the two usages. Here are the commonalities, differences between the two usages. Here are the commonalities,
differences, and a list of well-known values for the rel attribute. differences, and a list of well-known values for the rel attribute.
The link tag in HTML documents appears in the 'head' of the document. <http://www.w3.org/TR/html4/struct/links.html#edef-LINK> appears in
The 'head' section only allows a linear list of 'link' tags. The Atom the 'head' of the document. The 'head' section only allows a linear
format allows 'link' tags as children of both the 'feed' element and list of 'link' tags. The Atom format allows 'link' tags as children
of the 'entry' element. Note that this gives the information present of both the 'feed' element and of the 'entry' element. Note that
in the link tag more context. For example ... @@ TBD @@ this gives the information present in the link tag more context. For
example ... @@ TBD @@
5.4.1 rel 3.4.1 rel
This attribute describes the relationship from the current document, This attribute describes the relationship from the current document,
be it HTML or Atom, to the anchor specified by the href attribute. be it HTML or Atom, to the anchor specified by the href attribute.
The value of this attribute is a space-separated list of link types. The value of this attribute is a space-separated list of link types.
Note that these values are case insensitive. With type="application/ Note that these values are case insensitive. When used in concert
x.atom+xml" we have the following interpretations of the relations. with type="application/atom+xml", the relations may be interpreted as
follows.
alternate The URI in the href attribute points to an alternate alternate: The URI in the href attribute points to an alternate
representation of the containing resource. representation of the containing resource.
start: The Atom feed at the URI supplied in the href attribute
The AtomAPI December 2003
start The Atom feed at the URI supplied in the href attribute
contains the first feed in a linear sequence of entries. contains the first feed in a linear sequence of entries.
next: The Atom feed at the URI supplied in the href attribute
next The Atom feed at the URI supplied in the href attribute contains contains the next N entries in a linear sequence of entries.
the next N entries in a linear sequence of entries. prev: The Atom feed at the URI supplied in the href attribute
contains the previous N entries in a linear sequence of entries.
prev The Atom feed at the URI supplied in the href attribute contains service.edit: The URI given in the href attribute is used to edit a
the previous N entries in a linear sequence of entries.
service.edit The URI given in the href attribute is used to edit a
representation of the referred resource. representation of the referred resource.
service.post: The URI in the href attribute is used to create new
service.post The URI in the href attribute is used to create new
resources. resources.
service.feed: The URI given in the href attribute is a starting point
service.feed The URI given in the href attribute is a starting point
for navigating content and services. for navigating content and services.
5.4.2 href 3.4.2 href
URI of the resource being described by this link element. URI of the resource being described by this link element.
5.4.3 title 3.4.3 title
Offers advisory information about the link. Rendered to the user to Offers advisory information about the link. Rendered to the user to
help them choose among a set of links with the same rel and type help them choose among a set of links with the same rel and type
attributes. attributes.
5.4.4 type 3.4.4 type
The content type of the resource avaialable at the URI given in the The content type of the resource available at the URI given in the
href attribute of the link element. Most of the link types in this href attribute of the link element. Most of the link types in this
specification are on type 'application/x.atom+xml'. specification are on type 'application/atom+xml'.
5.5 Atom Request and Response Body Constraints 3.5 Atom Request and Response Body Constraints
The Atom format is used as the representation of all the resources in The Atom format is used as the representation of all the resources in
this specification. As it is used in differing contexts, there are this specification. As it is used in differing contexts, there are
different constraints of which elements may be present, and how their different constraints of which elements may be present, and how their
values should be interpreted. values should be interpreted.
5.5.1 id 3.5.1 id
PostURI MUST NOT be present. PostURI MUST NOT be present.
The AtomAPI December 2003
FeedURI MUST be present. FeedURI MUST be present.
EditURI EditURI
GET MUST be present. GET MUST be present.
PUT MUST be present. PUT MUST be present.
5.5.2 link 3.5.2 link
PostURI MAY be present. Servers may use the information to determine PostURI MAY be present. Servers MAY use the information to determine
the URI of the created resource. Relative URLs are to be the URI of the created resource. Relative URLs are to be
interpreted relative to xml:base. interpreted relative to xml:base.
FeedURI MUST be present. FeedURI MUST be present.
EditURI EditURI
GET MUST be present. GET MUST be present.
PUT MUST be present. PUT MUST be present.
5.5.3 title 3.5.3 title
PostURI MUST be present. The element may be empty, to explicitly PostURI MUST be present. The element may be empty, to explicitly
indicate "no title". Servers SHOULD NOT try to generate a title if indicate "no title". Servers SHOULD NOT try to generate a title
one is not provided. The type attribute MAY be present, and if not if one is not provided. The type attribute MAY be present, and if
it defaults to "text/plain". If present, it MUST represent a mime not it defaults to "text/plain". If present, it MUST represent a
type that the server supports The mode attribute MAY be present, MIME type that the server supports. The mode attribute MAY be
if not it defaults to "xml". If present, it must be "xml", present. If not present, it defaults to "xml". If present, it
"base64", or "escaped". MUST be "xml", "base64", or "escaped".
FeedURI MUST be present. FeedURI MUST be present.
EditURI EditURI
GET MUST be present. GET MUST be present.
PUT MUST be present. The element may be empty, to explicitly PUT MUST be present. The element may be empty, to explicitly
indicate "no title". Servers SHOULD NOT try to generate a title indicate "no title". Servers SHOULD NOT try to generate a
if one is not provided. title if one is not provided.
5.5.4 summary
The AtomAPI December 2003
PostURI MAY be present, if not present, indicates the server is 3.5.4 summary
welcome to produce its own summary. If present but empty then the
server SHOULD NOT generate a summary of its own. The type
attribute MAY be present, if not it defaults to "text/plain". If
present it must represent a mime type that the server supports.
The mode attribute MAY be present and defaults to "xml". If
present, it must be "xml","base64", or "escaped".
PostURI MAY be present. If not present, the server is welcome to
produce its own summary. If present but empty, the server SHOULD
NOT generate a summary of its own. The type attribute MAY be
present. If not, it defaults to "text/plain". If present, it
must represent a MIME type that the server supports. The mode
attribute MAY be present and defaults to "xml". If present, it
must be "xml","base64", or "escaped".
FeedURI MAY be present. FeedURI MAY be present.
EditURI EditURI
GET MAY be present. GET MAY be present.
PUT MAY be present. The element may be empty, to explicitly PUT MAY be present. The element may be empty, to explicitly
indicate "no summary". Servers SHOULD NOT try to generate a indicate "no summary". Servers SHOULD NOT try to generate a
title if one is not provided. title if one is not provided.
5.5.5 content 3.5.5 content
PostURI MAY be present but may be empty, to explicitly indicate "no PostURI MAY be present but may be empty, to explicitly indicate "no
content". The type attribute MAY be present, but defaults to content". The type attribute MAY be present, but defaults to
"text/plain" if not present. It must represent a mime type that "text/plain" if not present. It must represent a MIME type that
the server supports. The MODE attribute may be present and the server supports. The MODE attribute may be present and
defaults to "xml" if not present. It must be "xml","base64", or defaults to "xml" if not present. It must be "xml","base64", or
"escaped". "escaped".
FeedURI MAY be present. FeedURI MAY be present.
EditURI EditURI
GET MAY be present. GET MAY be present.
PUT MAY be present. The element may be empty, to explicitly PUT MAY be present. The element may be empty, to explicitly
indicate "no content". indicate "no content".
5.5.6 issued 3.5.6 issued
PostURI MUST be present but may be empty in which case it signifies PostURI MUST be present, but may be empty, in which case it signifies
"now" in the timezone of the server. "now" in the timezone of the server.
FeedURI MUST be present. FeedURI MUST be present.
EditURI EditURI
The AtomAPI December 2003
GET MUST be present. GET MUST be present.
PUT MUST be present. Server policy determines if an updated time PUT MUST be present. Server policy determines if an updated time
is accepted. is accepted.
5.5.7 modified 3.5.7 modified
PostURI MUST NOT be present. PostURI MUST NOT be present.
FeedURI MAY be present. FeedURI MAY be present.
EditURI EditURI
GET MAY be present. GET MAY be present.
PUT MAY be present. The element may be empty, to explicitly PUT MAY be present. The element may be empty, to explicitly
indicate that 'now' on the server time is to be used. indicate that 'now' on the server time is to be used.
5.5.8 created 3.5.8 created
PostURI MAY be present. PostURI MAY be present.
FeedURI MAY be present. FeedURI MAY be present.
EditURI EditURI
GET MAY be present. GET MAY be present.
PUT MAY be present. The server may or may not accept an updated PUT MAY be present. The server may or may not accept an updated
value. If the server does not allow updating the issued time value. If the server does not allow updating the issued time
then any PUT request with a differenct issued value MUST be then any PUT request with a different issued value MUST be
rejected. rejected.
5.5.9 author 3.5.9 author
PostURI MAY be present. If not present the server determines the PostURI MAY be present. If not present, the server determines the
author. If present and it conflicts with valid values as author. If present, and conflicting with valid values as
determined by the server, then the server may change the value of determined by the server, then the server may change the value of
author. author.
FeedURI MAY be present. FeedURI MAY be present.
EditURI EditURI
The AtomAPI December 2003
GET MAY be present. GET MAY be present.
PUT MAY be present. PUT MAY be present.
5.5.10 contributor 3.5.10 contributor
PostURI MAY be present. PostURI MAY be present.
FeedURI MAY be present. FeedURI MAY be present.
EditURI EditURI
GET MAY be present. GET MAY be present.
PUT MAY be present. PUT MAY be present.
5.5.11 generator 3.5.11 generator
PostURI MUST be present. The value of the element indicates the code
base used to create this request. MUST contain a valid URI. MUST
also have an attribute 'version' with a version number.
PostURI MUST be present and contain a URI. The value of the element
indicates the code base used to create this request. MUST also
have an attribute 'version' with a version number.
FeedURI MUST NOT be present. FeedURI MUST NOT be present.
EditURI EditURI
GET MUST NOT be present. GET MUST NOT be present.
PUT MUST NOT be present. PUT MUST NOT be present.
The AtomAPI December 2003 4. Security Considerations
6. Security Considerations Because Atom is a publishing protocol, it is important that only
authorized users can create and edit entries. The security of Atom
is based on HTTP Digest Authentication and/or the WSSE-style
authentication described in this document. Any weaknesses in either
of these two protocols will obviously affect the security of the Atom
publishing protocol.
Both HTTP Digest Authentication and the WSSE-style authentication
described in this document are susceptible to dictionary-based
attacks on the shared secret. If the shared secret is a password
(instead of a random string with sufficient entropy), an attacker can
determine the secret by exhaustively comparing the authenticating
string with hashed results of the public string and dictionary
entries.
See RFC 2617 for more detailed description of the security properties
of HTTP Digest Authentication.
@@TBD@@ Talk here about using HTTP basic and digest authentication. @@TBD@@ Talk here about using HTTP basic and digest authentication.
@@TBD@@ Talk here about denial of service attacks using large XML @@TBD@@ Talk here about denial of service attacks using large XML
files, or the billion laughs DTD attack. files, or the billion laughs DTD attack.
The AtomAPI December 2003 5. IANA Considerations
7. Appendices This document has no actions for IANA.
7.1 SOAP Enabling 6. Appendix A - SOAP Enabling
All servers SHOULD support the following alternate interface All servers SHOULD support the following alternate interface
mechanisms to enable a wider variety of clients to interact with mechanisms to enable a wider variety of clients to interact with Atom
AtomAPI servers. The following requirements are in addition to the Publishing Protocol servers. The following requirements are in
ones listed in the Functional Specification Section. If a server addition to the ones listed in the Functional Specification Section.
supports SOAP Enabling then it MUST support all of the following. If a server supports SOAP Enabling then it MUST support all of the
following.
7.1.1 Servers 6.1 Servers
1. All servers MUST support the limited use of the SOAPAction HTTP 1. All servers MUST support the limited use of the SOAPAction HTTP
Header as described below in the Client section. Header as described below in the Client section.
2. All servers MUST be able to process well formed XML. Servers
2. All servers MUST be able to process well formed XML. Servers need need not be able to handle processing instructions or DTDs.
not be able to handle processing instructions or DTDs.
3. Servers MUST accept content in a SOAP Envelope, and if they 3. Servers MUST accept content in a SOAP Envelope, and if they
receive a request that is wrapped in a SOAP Envelope then they receive a request that is wrapped in a SOAP Envelope then they
MUST wrap their responses in SOAP envelopes or produce a SOAP MUST wrap their responses in SOAP envelopes or produce a SOAP
Fault. Fault.
7.1.2 Clients 6.2 Clients
1. Clients SHOULD use the appropriate HTTP Method when possible. 1. Clients SHOULD use the appropriate HTTP Method when possible.
When not possible, they should use POST and include a SOAPAction When not possible, they should use POST and include a SOAPAction
HTTP header which is constrained as follows: HTTP header which is constrained as follows:
2. SOAPAction: "http://schemas.xmlsoap.org/wsdl/http/[METHOD]" 2. SOAPAction: "http://schemas.xmlsoap.org/wsdl/http/[METHOD]"
3. Where [METHOD] is replaced by the desired HTTP Method. 3. Where [METHOD] is replaced by the desired HTTP Method.
4. Clients MAY wrap their XML payload in a SOAP Envelope. If so, 4. Clients MAY wrap their XML payload in a SOAP Envelope. If so,
they must also wrap it in an element which exactly matches the they must also wrap it in an element which exactly matches the
HTTP Method. HTTP Method.
7.2 Example for a weblog 7. Appendix B - Examples
7.1 Example for a weblog
Fill this in with an example for how all the above is used for a Fill this in with an example for how all the above is used for a
weblog. Start with main HTML page, link tag of type service.feed to weblog. Start with main HTML page, link tag of type service.feed to
the 'introspection' file. 1. Creating a new entry 2. Finding an old the 'introspection' file. 1. Creating a new entry 2. Finding an
entry 3. editing an old entry 4. commenting on a entry (via HTML and old entry 3. editing an old entry 4. commenting on a entry (via
Atom) HTML and Atom)
The AtomAPI December 2003
7.3 Example for a wiki 7.2 Example for a wiki
Fill this in like above but for a wiki. Fill this in like above but for a wiki.
The AtomAPI December 2003
8. Revision History 8. Revision History
Rev draft-ietf-atompub-protocol-00 - 5Jul2004 - Renamed the file and
re-titled the document to conform to IETF submission guidelines.
Changed MIME type to match the one selected for the Atom format.
Numerous typographical fixes. We used to have two 'Introduction'
sections. One of them was moved into the Abstract the other absorbed
the Scope section. IPR and copyright notifications were added.
Rev 09 - 10Dec2003 - Added the section on SOAP enabled clients and Rev 09 - 10Dec2003 - Added the section on SOAP enabled clients and
servers. servers.
Rev 08 - 01Dec2003 - Refactored the specification, merging the Rev 08 - 01Dec2003 - Refactored the specification, merging the
Introspection file into the feed format. Also dropped the distinction Introspection file into the feed format. Also dropped the
between the type of URI used to create new entries and the kind used distinction between the type of URI used to create new entries and
to create comments. Dropped user preferences. the kind used to create comments. Dropped user preferences.
Rev 07 - 06Aug2003 - Removed the use of the RSD file for Rev 07 - 06Aug2003 - Removed the use of the RSD file for
auto-discovery. Changed copyright until a final standards body is auto-discovery. Changed copyright until a final standards body is
chosen. Changed query parameters for the search facet to all begin chosen. Changed query parameters for the search facet to all begin
with atom- to avoid name collisions. Updated all the Entries to with atom- to avoid name collisions. Updated all the Entries to
follow the 0.2 version. Changed the format of the search results and follow the 0.2 version. Changed the format of the search results and
template file to a pure element based syntax. template file to a pure element based syntax.
Rev 06 - 24Jul2003 - Moved to PUT for updating Entries. Changed all Rev 06 - 24Jul2003 - Moved to PUT for updating Entries. Changed all
the mime-types to application/x.atom+xml. Added template editing. the mime-types to application/x.atom+xml. Added template editing.
Changed 'edit-entry' to 'create-entry' in the Introspection file to Changed 'edit-entry' to 'create-entry' in the Introspection file to
more accurately reflect it's purpose. more accurately reflect it's purpose.
Rev 05 - 17Jul2003 - Renamed everything Echo into Atom. Added version Rev 05 - 17Jul2003 - Renamed everything Echo into Atom. Added
numbers in the Revision history. Changed all the mime-types to version numbers in the Revision history. Changed all the mime-types
application/atom+xml. to application/atom+xml.
Rev 04 - 15Jul2003 - Updated the RSD version used from 0.7 to 1.0. Rev 04 - 15Jul2003 - Updated the RSD version used from 0.7 to 1.0.
Change the method of deleting an Entry from POSTing <delete/> to Change the method of deleting an Entry from POSTing <delete/> to
using the HTTP DELETE verb. Also changed the query interface to GET using the HTTP DELETE verb. Also changed the query interface to GET
instead of POST. Moved Introspection Discovery to be up under instead of POST. Moved Introspection Discovery to be up under
Introspection. Introduced the term 'facet' for the services listed in Introspection. Introduced the term 'facet' for the services listed
the Introspection file. in the Introspection file.
Rev 03 - 10Jul2003 - Added a link to the Wiki near the front of the Rev 03 - 10Jul2003 - Added a link to the Wiki near the front of the
document. Added a section on finding an Entry. Retrieving an Entry document. Added a section on finding an Entry. Retrieving an Entry
now broken out into it's own section. Changed the HTTP status code now broken out into it's own section. Changed the HTTP status code
for a successful editing of an Entry to 205. for a successful editing of an Entry to 205.
Rev 02 - 7Jul2003 - Entries are no longer returned from POSTs, Rev 02 - 7Jul2003 - Entries are no longer returned from POSTs,
instead they are retrieved via GET. Cleaned up figure titles, as they instead they are retrieved via GET. Cleaned up figure titles, as
are rendered poorly in HTML. All content-types have been changed to they are rendered poorly in HTML. All content-types have been
application/atom+xml. changed to application/atom+xml.
Rev 01 - 5Jul2003 - Renamed from EchoAPI.html to follow the more Rev 01 - 5Jul2003 - Renamed from EchoAPI.html to follow the more
commonly used format: draft-gregorio-NN.html. Renamed all references commonly used format: draft-gregorio-NN.html. Renamed all references
to URL to URI. Broke out introspection into it's own section. Added to URL to URI. Broke out introspection into it's own section. Added
the Revision History section. Added more to the warning that the the Revision History section. Added more to the warning that the
example URIs are not normative. example URIs are not normative.
The AtomAPI December 2003 9 Normative References
9. Copyright
Copyright (C) Joe Gregorio (2003). All Rights Reserved.
The AtomAPI December 2003
References
[RFC2629] Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629, [RFC2629] Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629,
June 1999. June 1999.
[1] <http://www.intertwingly.net/wiki/pie/RestEchoApiDiscuss> Authors' Addresses
[2] <http://www.imc.org/atom-syntax/index.html>
[3] <http://www.mnot.net/drafts/
draft-nottingham-atom-format-00.html>
Author's Address
Joe Gregorio Joe Gregorio (editor)
BitWorking, Inc BitWorking, Inc
1002 Heathwood Dairy Rd. 1002 Heathwood Dairy Rd.
Apex, NC 27502 Apex, NC 27502
US US
Phone: +1 919 272 3764 Phone: +1 919 272 3764
EMail: joe@bitworking.com EMail: joe@bitworking.com
URI: http://bitworking.com/ URI: http://bitworking.com/
Robert Sayre (editor)
Boswijck Memex Consulting
148 N 9th St. 4R
Brooklyn, NY 11211
US
EMail: rfsayre@boswijck.com
URI: http://boswijck.com
Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
The IETF has been notified of intellectual property rights claimed in
regard to some or all of the specification contained in this
document. For more information consult the online list of claimed
rights.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement
Copyright (C) The Internet Society (2004). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.
 End of changes. 

This html diff was produced by rfcdiff 1.12, available from http://www.levkowetz.com/ietf/tools/rfcdiff/