IETF Logo Mail Archive

Re: [scim] Ticket 13, required flag for etags

Phil Hunt <phil.hunt@oracle.com> Thu, 01 May 2014 22:39 UTC

Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 83EDE1A09AB for <scim@ietfa.amsl.com>; Thu, 1 May 2014 15:39:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.551
X-Spam-Level:
X-Spam-Status: No, score=-4.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G_BVmfFxuW6o for <scim@ietfa.amsl.com>; Thu, 1 May 2014 15:39:23 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by ietfa.amsl.com (Postfix) with ESMTP id F11B91A6EF1 for <scim@ietf.org>; Thu, 1 May 2014 15:39:22 -0700 (PDT)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by userp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id s41MdJKh028465 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 1 May 2014 22:39:20 GMT
Received: from aserz7022.oracle.com (aserz7022.oracle.com [141.146.126.231]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id s41MdHSq027132 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 1 May 2014 22:39:17 GMT
Received: from abhmp0001.oracle.com (abhmp0001.oracle.com [141.146.116.7]) by aserz7022.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id s41MdHqd027127; Thu, 1 May 2014 22:39:17 GMT
Received: from [192.168.1.186] (/24.86.29.34) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 01 May 2014 15:39:16 -0700
Content-Type: multipart/alternative; boundary="Apple-Mail=_411D51F6-A4B3-43BE-A96E-6CDFCEBC1E6C"
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <829B0F9E-1CA0-4179-A209-E5B988BD8904@nexusgroup.com>
Date: Thu, 01 May 2014 15:39:13 -0700
Message-Id: <C459C947-3D67-4539-A1B9-63B1C25A0EB7@oracle.com>
References: <C16F24B3-C1B3-4F08-98AF-03EC1E022DFB@oracle.com> <206127dda63a4c76a5716e553256f15b@BN1PR04MB392.namprd04.prod.outlook.com> <3EA1BE6B-0926-418E-A8E1-A2289BD0E638@oracle.com> <36e4fe35ff664070a40d2c171cf13318@BN1PR04MB392.namprd04.prod.outlook.com> <829B0F9E-1CA0-4179-A209-E5B988BD8904@nexusgroup.com>
To: Erik Wahlström <erik.wahlstrom@nexusgroup.com>
X-Mailer: Apple Mail (2.1874)
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
Archived-At: http://mailarchive.ietf.org/arch/msg/scim/Iqm8AFD4FqxJECadEAh-1NTssvs
Cc: "scim@ietf.org WG" <scim@ietf.org>, Kelly Grizzle <kelly.grizzle@sailpoint.com>
Subject: Re: [scim] Ticket 13, required flag for etags
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 May 2014 22:39:26 -0000

I missed that. I agree, MUST should be MAY.

In many cases, such as adding a user to a large group via PATCH, the fact that the underlying resource MAY have changed a 1000 times will have no impact — unless multiple clients start trying to add the same user.

I also think there is a consideration that ETags could cause accidental performance problems.  E.g. a client keeps trying to do read-before-write (to get the version) and fails continually because of a high rate of change of the target resource. In many of these cases, an approach of discrete PATCH operations may solve the problem at scale.

I’m going to review what http://tools.ietf.org/html/draft-ietf-httpbis-p4-conditional-26 spec is saying on this and see how we should apply to SCIM.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com



On May 1, 2014, at 3:23 PM, Erik Wahlström <erik.wahlstrom@nexusgroup.com> wrote:

> But the following texts makes it all rather unclear.
> 
> If the Service Providers supports versioning of resources the
>    Consumer MUST supply an If-Match [15] header for PUT and PATCH
>    operations to ensure that the requested operation succeeds only if
>    the supplied ETag matches the latest Service Provider Resource; e.g.,
>    If-Match: W/"e180ee84f0671b1"
> 
> 
> How about changing MUST to MAY?
> 
> / Erik
> 
> 
> 
> 
> 
> 
> On 01 May 2014, at 22:37, Kelly Grizzle <kelly.grizzle@sailpoint.com> wrote:
> 
>> Good info.  And I believe that the spec already suggests that these should be optional for the client (section 3.11 of the API):
>>  
>>    With the returned ETag, clients MAY choose to retrieve the resource
>>    only if the resource has been modified.
>>  
>> Given the “MAY” in this statement, I think we should close this ticket as WONTFIX.
>>  
>>  
>> From: Phil Hunt [mailto:phil.hunt@oracle.com] 
>> Sent: Thursday, May 01, 2014 2:47 PM
>> To: Kelly Grizzle
>> Cc: scim@ietf.org WG
>> Subject: Re: [scim] Ticket 13, required flag for etags
>>  
>> My understanding of etags is that they are always optional.  From an interop perspective a server can’t require them.
>>  
>> Phil
>>  
>> @independentid
>> www.independentid.com
>> phil.hunt@oracle.com
>>  
>>  
>>  
>> On May 1, 2014, at 12:45 PM, Kelly Grizzle <kelly.grizzle@sailpoint.com> wrote:
>> 
>> 
>> IIRC this came up at a SCIM interop event.  The SCIM Proxy server supported ETags and failed if they were not supplied by the client.  However, it seemed like the correct behavior was to accept client requests with or without an ETag.  My understanding of the “supported” attribute was that the server accepted ETags but they were not mandatory for the client to send.
>>  
>>  
>> From: scim [mailto:scim-bounces@ietf.org] On Behalf Of Phil Hunt
>> Sent: Thursday, May 01, 2014 2:42 PM
>> To: scim@ietf.org WG
>> Subject: [scim] Ticket 13, required flag for etags
>>  
>> Does anybody have any explanation of this ticket?  
>> http://trac.tools.ietf.org/wg/scim/trac/ticket/13
>>  
>> This is one of the old tickets from SCIM 1.  The explanation here https://code.google.com/p/scim/issues/detail?id=92 didn’t provide any more detail.
>>  
>> I’m wondering if what is meant is whether the server configuration should indicate whether etags are “supported” rather than “required”.
>>  
>> Section 12.5 of core-schema already indicates that the service provider config includes an attribute etags whose sub attribute “supported’ indicated that the server supports etags.
>>  
>> Was there something else?
>>  
>> Or, is this just a ticket that should have been closed a long time ago?
>>  
>> Phil
>>  
>> @independentid
>> www.independentid.com
>> phil.hunt@oracle.com
>>  
>>  
>>  
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>>  
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
> 
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

v2.23.0 | Report a Bug | By Email