rfc2518.txt

RFC 的详细文档！

   resource, the set of principals who have taken out a shared lock also
   must trust each other, creating a (typically) smaller trust set
   within the access permission write set.

   Starting with every possible principal on the Internet, in most
   situations the vast majority of these principals will not have write
   access to a given resource.  Of the small number who do have write
   access, some principals may decide to guarantee their edits are free
   from overwrite conflicts by using exclusive write locks.  Others may
   decide they trust their collaborators will not overwrite their work
   (the potential set of collaborators being the set of principals who
   have write permission) and use a shared lock, which informs their
   collaborators that a principal may be working on the resource.

   The WebDAV extensions to HTTP do not need to provide all of the
   communications paths necessary for principals to coordinate their
   activities.  When using shared locks, principals may use any out of
   band communication channel to coordinate their work (e.g., face-to-
   face interaction, written notes, post-it notes on the screen,
   telephone conversation, Email, etc.)  The intent of a shared lock is
   to let collaborators know who else may be working on a resource.

   Shared locks are included because experience from web distributed
   authoring systems has indicated that exclusive locks are often too
   rigid.  An exclusive lock is used to enforce a particular editing
   process: take out an exclusive lock, read the resource, perform
   edits, write the resource, release the lock.  This editing process
   has the problem that locks are not always properly released, for
   example when a program crashes, or when a lock owner leaves without
   unlocking a resource.  While both timeouts and administrative action
   can be used to remove an offending lock, neither mechanism may be
   available when needed; the timeout may be long or the administrator
   may not be available.







Goland, et al.              Standards Track                    [Page 15]

RFC 2518                         WEBDAV                    February 1999


6.2 Required Support

   A WebDAV compliant server is not required to support locking in any
   form.  If the server does support locking it may choose to support
   any combination of exclusive and shared locks for any access types.

   The reason for this flexibility is that locking policy strikes to the
   very heart of the resource management and versioning systems employed
   by various storage repositories.  These repositories require control
   over what sort of locking will be made available.  For example, some
   repositories only support shared write locks while others only
   provide support for exclusive write locks while yet others use no
   locking at all.  As each system is sufficiently different to merit
   exclusion of certain locking features, this specification leaves
   locking as the sole axis of negotiation within WebDAV.

6.3 Lock Tokens

   A lock token is a type of state token, represented as a URI, which
   identifies a particular lock.  A lock token is returned by every
   successful LOCK operation in the lockdiscovery property in the
   response body, and can also be found through lock discovery on a
   resource.

   Lock token URIs MUST be unique across all resources for all time.
   This uniqueness constraint allows lock tokens to be submitted across
   resources and servers without fear of confusion.

   This specification provides a lock token URI scheme called
   opaquelocktoken that meets the uniqueness requirements.  However
   resources are free to return any URI scheme so long as it meets the
   uniqueness requirements.

   Having a lock token provides no special access rights. Anyone can
   find out anyone else's lock token by performing lock discovery.
   Locks MUST be enforced based upon whatever authentication mechanism
   is used by the server, not based on the secrecy of the token values.

6.4 opaquelocktoken Lock Token URI Scheme

   The opaquelocktoken URI scheme is designed to be unique across all
   resources for all time.  Due to this uniqueness quality, a client may
   submit an opaque lock token in an If header on a resource other than
   the one that returned it.

   All resources MUST recognize the opaquelocktoken scheme and, at
   minimum, recognize that the lock token does not refer to an
   outstanding lock on the resource.



Goland, et al.              Standards Track                    [Page 16]

RFC 2518                         WEBDAV                    February 1999


   In order to guarantee uniqueness across all resources for all time
   the opaquelocktoken requires the use of the Universal Unique
   Identifier (UUID) mechanism, as described in [ISO-11578].

   Opaquelocktoken generators, however, have a choice of how they create
   these tokens.  They can either generate a new UUID for every lock
   token they create or they can create a single UUID  and then add
   extension characters.  If the second method is selected then the
   program generating the extensions MUST guarantee that the same
   extension will never be used twice with the associated UUID.

   OpaqueLockToken-URI = "opaquelocktoken:" UUID [Extension]  ; The UUID
   production is the string representation of a UUID, as defined in
   [ISO-11578]. Note that white space (LWS) is not allowed between
   elements of this production.

   Extension = path  ; path is defined in section 3.2.1 of RFC 2068
   [RFC2068]

6.4.1 Node Field Generation Without the IEEE 802 Address

   UUIDs, as defined in [ISO-11578], contain a "node" field that
   contains one of the IEEE 802 addresses for the server machine.  As
   noted in section 17.8, there are several security risks associated
   with exposing a machine's IEEE 802 address. This section provides an
   alternate mechanism for generating the "node" field of a UUID which
   does not employ an IEEE 802 address.  WebDAV servers MAY use this
   algorithm for creating the node field when generating UUIDs.  The
   text in this section is originally from an Internet-Draft by Paul
   Leach and Rich Salz, who are noted here to properly attribute their
   work.

   The ideal solution is to obtain a 47 bit cryptographic quality random
   number, and use it as the low 47 bits of the node ID, with the most
   significant bit of the first octet of the node ID set to 1.  This bit
   is the unicast/multicast bit, which will never be set in IEEE 802
   addresses obtained from network cards; hence, there can never be a
   conflict between UUIDs generated by machines with and without network
   cards.

   If a system does not have a primitive to generate cryptographic
   quality random numbers, then in most systems there are usually a
   fairly large number of sources of randomness available from which one
   can be generated. Such sources are system specific, but often
   include:






Goland, et al.              Standards Track                    [Page 17]

RFC 2518                         WEBDAV                    February 1999


     - the percent of memory in use
     - the size of main memory in bytes
     - the amount of free main memory in bytes
     - the size of the paging or swap file in bytes
     - free bytes of paging or swap file
     - the total size of user virtual address space in bytes
     - the total available user address space bytes
     - the size of boot disk drive in bytes
     - the free disk space on boot drive in bytes
     - the current time
     - the amount of time since the system booted
     - the individual sizes of files in various system directories
     - the creation, last read, and modification times of files in
       various system directories
     - the utilization factors of various system resources (heap, etc.)
     - current mouse cursor position
     - current caret position
     - current number of running processes, threads
     - handles or IDs of the desktop window and the active window
     - the value of stack pointer of the caller
     - the process and thread ID of caller
     - various processor architecture specific performance counters
       (instructions executed, cache misses, TLB misses)

   (Note that it is precisely the above kinds of sources of randomness
   that are used to seed cryptographic quality random number generators
   on systems without special hardware for their construction.)

   In addition, items such as the computer's name and the name of the
   operating system, while not strictly speaking random, will help
   differentiate the results from those obtained by other systems.

   The exact algorithm to generate a node ID using these data is system
   specific, because both the data available and the functions to obtain
   them are often very system specific. However, assuming that one can
   concatenate all the values from the randomness sources into a buffer,
   and that a cryptographic hash function such as MD5 is available, then
   any 6 bytes of the MD5 hash of the buffer, with the multicast bit
   (the high bit of the first byte) set will be an appropriately random
   node ID.

   Other hash functions, such as SHA-1, can also be used. The only
   requirement is that the result be suitably random _ in the sense that
   the outputs from a set uniformly distributed inputs are themselves
   uniformly distributed, and that a single bit change in the input can
   be expected to cause half of the output bits to change.





Goland, et al.              Standards Track                    [Page 18]

RFC 2518                         WEBDAV                    February 1999


6.5 Lock Capability Discovery

   Since server lock support is optional, a client trying to lock a
   resource on a server can either try the lock and hope for the best,
   or perform some form of discovery to determine what lock capabilities
   the server supports.  This is known as lock capability discovery.
   Lock capability discovery differs from discovery of supported access
   control types, since there may be access control types without
   corresponding lock types.  A client can determine what lock types the
   server supports by retrieving the supportedlock property.

   Any DAV compliant resource that supports the LOCK method MUST support
   the supportedlock property.

6.6 Active Lock Discovery

   If another principal locks a resource that a principal wishes to
   access, it is useful for the second principal to be able to find out
   who the first principal is.  For this purpose the lockdiscovery
   property is provided.  This property lists all outstanding locks,
   describes their type, and where available, provides their lock token.

   Any DAV compliant resource that supports the LOCK method MUST support
   the lockdiscovery property.

6.7 Usage Considerations

   Although the locking mechanisms specified here provide some help in
   preventing lost updates, they cannot guarantee that updates will
   never be lost.  Consider the following scenario:

   Two clients A and B are interested in editing the resource '
   index.html'.  Client A is an HTTP client rather than a WebDAV client,
   and so does not know how to perform locking.
   Client A doesn't lock the document, but does a GET and begins
   editing.
   Client B does LOCK, performs a GET and begins editing.
   Client B finishes editing, performs a PUT, then an UNLOCK.
   Client A performs a PUT, overwriting and losing all of B's changes.

   There are several reasons why the WebDAV protocol itself cannot
   prevent this situation.  First, it cannot force all clients to use
   locking because it must be compatible with HTTP clients that do not
   comprehend locking.  Second, it cannot require servers to support
   locking because of the variety of repository implementations, some of
   which rely on reservations and merging rather than on locking.
   Finally, being stateless, it cannot enforce a sequence of operations
   like LOCK / GET / PUT / UNLOCK.



Goland, et al.              Standards Track                    [Page 19]

RFC 2518                         WEBDAV                    February 1999