Re: Feedback on INHIBIT and RESTORE, please?
Glenn Strauss <gs-lists-ietf-http-wg@gluelogic.com> Tue, 05 March 2024 09:20 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=ietf.org@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F0A6BC14F6A4 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 5 Mar 2024 01:20:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.759
X-Spam-Level:
X-Spam-Status: No, score=-2.759 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="iywZ+K0n"; dkim=pass (2048-bit key) header.d=w3.org header.b="i3YM7XfR"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4iEhi7UqEtVT for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 5 Mar 2024 01:20:59 -0800 (PST)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0E163C14F696 for <httpbisa-archive-bis2Juki@ietf.org>; Tue, 5 Mar 2024 01:20:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:In-Reply-To:Content-Type:Mime-Version:References:Message-ID: Cc:To:From:Date:Reply-To; bh=zSpVs7ms/KjE3XBjwhXFru49KISGtOjN44GTZuQ5Nbw=; b= iywZ+K0nP27qg93O6JYOe3/N67AuGL8aOtSDxP/DbP/udoL9vyzsT+5fmiCkPIuhUjLSR6DCu8EwD lLAz5QW4AGcl63dcwRJKoLT1CY3Y0HaVNK2iDDRfsSADXtQqQyF6JwpnEqkQbIw81w8Y9myU59nWm PMUSQroumFjW+r0svL3Wo6qz5O+tv3BDulZx3RaPtFLyiW9oQXNex2xVaejKhgLSBJGFy1o2Vnm+5 vOEfRAA605Hh7Jn+xHIIAXe6/334WSlQJMyaO7Oz01xUkG8CFRJidePYDAnqpPoWQV/I1A/pymSHT YLTyCmj9wiDOm29jKTASstmw+2Ah1u5mlA==;
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1rhQw9-002Egw-11 for ietf-http-wg-dist@listhub.w3.org; Tue, 05 Mar 2024 09:18:13 +0000
Resent-Date: Tue, 05 Mar 2024 09:18:13 +0000
Resent-Message-Id: <E1rhQw9-002Egw-11@lyra.w3.org>
Received: from pan.w3.org ([3.222.182.102]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <gs-lists-ietf-http-wg@gluelogic.com>) id 1rhQw6-002EZw-0j for ietf-http-wg@listhub.w3.org; Tue, 05 Mar 2024 09:18:10 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=In-Reply-To:Content-Type:Mime-Version:References:Message-ID:Subject: Cc:To:From:Date:Reply-To; bh=zSpVs7ms/KjE3XBjwhXFru49KISGtOjN44GTZuQ5Nbw=; t=1709630289; x=1710494289; b=i3YM7XfRAYFXfRL2I5xh7r/MK7jlFKuc2LmPPiPaBRC1kho DlTQekJmaYrCLouVWU2iPQVskvI8REu5lZqGQpHnPvohEfis6KfOwECcTU4OsGUoaz4rVRftecWHn sbN1yJSVmkhc9D2xa/MIS4/L8EhnNWi4DOZwbJS3oyIoC8RQcntMC3P96CxXzV0eWl0v9pD+qDX8q 4SA2XNOi/J5dRUEn5cYbQcLcQVSrpi9zGjfoD3LnAt9PxM8oF3HVMGTbFgjSNA+r3iz08YDQC/3oK LZRNTg/GyIw89txX1R5e0jvb68xK0kjtEU2ggtRASI1bRMazri7JaHpbn6NvKUXA==;
Received-SPF: pass (pan.w3.org: domain of gluelogic.com designates 52.86.233.228 as permitted sender) client-ip=52.86.233.228; envelope-from=gs-lists-ietf-http-wg@gluelogic.com; helo=smtp1.atof.net;
Received: from smtp1.atof.net ([52.86.233.228]) by pan.w3.org with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (Exim 4.96) (envelope-from <gs-lists-ietf-http-wg@gluelogic.com>) id 1rhQw5-007ZKc-0u for ietf-http-wg@w3.org; Tue, 05 Mar 2024 09:18:09 +0000
X-Spam-Language: en
X-Spam-Relay-Country:
X-Spam-DCC: B=; R=smtp1.atof.net 1202; Body=1 Fuz1=1 Fuz2=1
X-Spam-RBL:
X-Spam-PYZOR: Reported 0 times.
Date: Tue, 05 Mar 2024 04:17:54 -0500
From: Glenn Strauss <gs-lists-ietf-http-wg@gluelogic.com>
To: Eric J Bowman <mellowmutt@zoho.com>
Cc: Ietf Http Wg <ietf-http-wg@w3.org>
Message-ID: <ZebjQugyclUcpUMZ@xps13>
References: <18e0d72a16c.12ba6e4e539841.2176589173863326330@zoho.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
In-Reply-To: <18e0d72a16c.12ba6e4e539841.2176589173863326330@zoho.com>
X-W3C-Hub-Spam-Status: No, score=-3.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DMARC_MISSING=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: pan.w3.org 1rhQw5-007ZKc-0u 56b5aea10f5d691e04d47148454f17e0
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Feedback on INHIBIT and RESTORE, please?
Archived-At: <https://www.w3.org/mid/ZebjQugyclUcpUMZ@xps13>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/51860
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
On Mon, Mar 04, 2024 at 11:10:00PM -0800, Eric J Bowman wrote: > INHIBIT and RESTORE Methods for HTTP > > Abstract > > Temporarily changing the availability status of a resource, is a common procedure in webserver administration. It is typically accomplished by editing a configuration file, or overloading the POST method by using it to affect changes which fall outside the scope of altering the content of, or creating, a resource. HTTP additionally attaches creation and destruction semantics to PUT and DELETE. This proposal suggests two new HTTP methods, INHIBIT and RESTORE, as a mechanism for clarifying server behavior for intermediaries, and in log files. First impressions (and not well-formulated): ISTM that you want the origin server to implement a policy layer, but stored in/near/with a resource. Just as authentication and authorization are often server configuration rather than attributes or properties of a resource, so too are INHIBIT and RESTORE. Just as with WebDAV properties, certain properties may be attached to a resource, such as owner information and ACLs, but the origin server must check these properties and act on them. Should such properties be served to the end user? The ACLs list is not generally served to an unprivileged user. Similarly, INHIBIT and RESTORE likely are also privileged commands which should require authentication and authorization. Overall, this implementation of the INHIBIT and RESTORE policy seems to me to be something that is an admin control panel which handles some sorts of requests (POST request to inhibit, POST request to restore), but not something which needs to be separate methods at the HTTP layer. POST /cgi-bin/admin-control?method=inhibit&target=/url/to/resource (e.g. similar to an example you described in the Abstract) Instead of knowing the /cgi-bin/admin-control panel URI, it seems as if you want a meta-layer in requests to invoke the admin-control panel application to handle the request instead of the origin server handling the request natively. Is this extending WebDAV? Or is this building an admin control panel into the HTTP layer? Inhibiting a resource to always return 503 is a server configuration policy, not wholly a property of the resource, even if a randomly-named property could be added to a resource and the server configuration could check for and act on said property. Why should INHIBIT and RESTORE be separate methods at the HTTP layer? (Honest question) You mentioned that PUT and DELETE operate directly on the resource, and they operate on the resource content. I hear that you are suggesting that INHIBIT temporarily be an alternate response (not actually resource content!). That is not a modifying the resource per-say, but instead modifying the policy response to requests for the resource. (Please forgive me if I am not using the resource terminology correctly or precisely.) Why is the result of the INHIBIT command not something like HTTP/1.1 503 Service Unavailable Cache-Control: purge-all-your-variants # (fabricated) or HTTP/1.1 451 Unavailable For Legal Reasons Cache-Control: purge-all-your-variants # (fabricated) For the sake of being gross (don't do this), instead of using POST, I can overload the DELETE method with some headers, such as If-None-Match: * Inhibit-Policy: xxxxx for "temporary deletion" of the resource and If-None-Match: * overloaded to prevent the server from accidentally deleting the file but leveraging authentication and authorization to make sure I have DELETE access (as long as the server implemented If-None-Match and ETag for the resource, and special-cased Inhibit-Policy to change server configuration instead of 412 Precondition Failed because of If-None-Match: *). Again, apologies for the scatter-brained response. The ideas behind INHIBIT and RESTORE are interesting, but IMHO the policy implications and potential implementation details are far more complicated and would need to be fleshed out a bit for general guidance in an RFC. Your multipart request to provide the response content for 503 pages for different languages is a good example of this complexity. INHIBIT and RESTORE feel to me more an extension to WebDAV or new admin interfaces rather than base HTTP layer. Servers with those layers might be able to incrementally add INHIBIT-like and RESTORE-like properties to resources and implement policies based on those properties. Cheers, Glenn
- Feedback on INHIBIT and RESTORE, please? Eric J Bowman
- Re: Feedback on INHIBIT and RESTORE, please? Glenn Strauss