New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Better explain 200 = ignored with Expect: 202-digest
?
#33
Comments
No reason to apologize-- this is exactly the kind of feedback we need! For my money, 4 is no. It's not an impl choice to ignore the header. 5 is not relevant, for exactly the reason you give. 3 is the sticky bit. I think we settled on 412 for that, no? Is that not what we have written down now? |
We went with 202 to make it as clear as possible that the server and client are acting according to the same expectations. Because of the particular nature of fixity checking, and because specifications are frequently incompletely implemented, I thought it should be explicitly reflected in the status. |
@barmintor - I think 202 response for good fixity check is fine (just trying to work out when, if ever, a 200 response is appropriate for a 202-digest request) @ajs6f - not sure whether 412 is appropriate for 3 (unrecognized or unsupported instance-digest) - that smells more like 400 to me. Either way, I think in the current text it isn't clear what code should be returned/expected for case 3 so should probably be made explicit. But anyway, if case 3 is 4xx, case 4 does not apply, and case 5 is irrelevant, then I do not know when a client would ever get a 200 so I think mention of that should be removed? |
Also, if support for 202-digest is required and there is no case when 200 is returned, I think section 3.3.2 Ignored Expectations and 200 (OK) should be deleted. |
I think, for what it's worth, that 3.3.2 is not the problem (I think it's useful non-normative guidance), but that you are right about the parallel sentence in 3.3.1 (which is normative). Generally speaking, I think it is a mistake to write a spec like this as if it will be completely implemented- as far as I know, none of the LDP implementations pass the entire TC- and I would expect backfilling against one of those, or a mixed approach to be more common. Let us say that a LDP implementation, we'll call it Marmothesis, decided to borrow the versioning spec. If the question were put to me, "Can I run Islandora or Hydra against Marmothesis?" I would like to be able to fall back on some guidance to know where my middleware needs to fill gaps. In many cases, this is detectable from response headers ("Is there a timemap?"). In the case of fixity checking generally, which we have feedback for that characterizes it as optional, and in this case, for which we introduce a new Expect header that we also have limited ability to forecast extensions of by different implementations (link values or hash algorithms), a reminder that HTTP 200 means the header was ignored strikes me as a useful caution. I'm willing to be overruled, but the lack of expected scenarios in which a conformant implementation returns a 200 is in this case the reason I think it should be noted. |
Support for 202-digest is a |
Yes, and I think that is causing a lot of confusion. I'm sympathetic to your points about the partial fulfillment of specs, @barmintor, but I think this |
I don't think the confusion of this ticket is changed according to I should add that we had (I thought) consensus that fixity was a required feature, but that the minimum server features to support it were only |
If we establish that a conforming implementation will never respond to a |
@barmintor No, that was not my understanding of our decision. I very much thought that |
@zimeon I think that exactly hinges on whether |
Well, as I said: I am sympathetic to dropping the note, or at least changing it to reaffirm that non-202 responses signal non-conformance. It might be worth noting the HTTP/1.1 spec's position on missing support for other expectations does not require a 417, only defines its meaning:
As a client, I only find the |
The "promotion of 202-digest support from |
My suggestion here is to modify section 3.3.2 as follows:
Given that we state that support for |
-1 to leaving support for |
@barmintor ? @zimeon ? @acoburn ? @birkland ? @ruebot ? @no-reply ? |
Reading the spec after having read the comments on this issue, I actually think it makes more sense to remove section 1.5.2.1, as it seems redundant to section 3. To me, it reads better when the concerns are orthogonal (resource management vs fixity). I think 3.3.2 can be eliminated as well; just move the non-normative text to 3.3.1. In that case, the narrative is simple: a |
The thing there seems to be some agreement on is that it is unhelpful to mention I'd suggest keeping section 1.5.2.1 for now, if only to avoid expanding the scope of this hard-to-resolve issue. If there is more debate there then perhaps new issue? I think the underling BIG ISSUE for much of the difficulty here is that there is not agreement on how prescriptive and how testable this spec should be. That will need to be resolved in order for a good outcome overall. |
Partially addressed with: 8223e7c |
Transmission fixity is consistently (internally and with LDP & RFC3230) described in the POST LDP-NR and PUT LDP-NR sections where server responses tell a client:
Persistence fixity is defined in terms of the 202-digest expectation where server responses tell a client:
I note that there is not agreement to make support for any particular digest type(s) mandatory (see also #32). I think that there are two changes that would tighten up persistence fixity to be clear:
|
Partially resolved with: fa627da |
Section 3.3.1 says:
Which on the face of it is very odd, and seems at odds with rfc2616 "A server that does not understand or is unable to comply with any of the expectation values in the Expect field of a request MUST respond with appropriate error status. The server MUST respond with a 417 (Expectation Failed) status if any of the expectations cannot be met or, if there are other problems with the request, some other 4xx status."
and then Section 3.3.2 says (non-normatively):
which suggests a server implementation choice about supporting the fixity check.
A while ago I thought I understood this all to mean:
but as I have tried to write this up I find myself unsure again. I think they key question to clarify this is "Under what conditions is it OK for a server to give 200 OK in response to an
Expect: 202-digest
request?" My attempt to enumerate is:202-digest
-- no, 417Expect
parameter, but since LDP is defined over HTTP/1.1 this seem irrelevant?Sorry this is so long!
The text was updated successfully, but these errors were encountered: