See also: IRC log
[Agenda planning. . .]
NM: Let's try issue HttpRedirections-57
http://www.w3.org/2001/tag/2009/12/08-agenda.html#HttpRedire
JR:
http://lists.w3.org/Archives/Public/www-tag/2009Jun/0057.html
... Going through the history---first two points are the origin
of this
... 1) 303s aren't supposed to be cached -- bug in 2616 --
fixed in HTTPbis
DC: Let's endorse that fix
LM: Not sure about that -- not prepared to endorse -- abstain
NM: This becomes relevant because we encouraged people to use 303
JR: Any reason not cache 303 responses?
LM: No
NM: draft RESOLUTION: TAG endorses the proposed change to HTTPbis to allow caching of 303 responses
DC: Specific proposal is where?
<jar> http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-08#section-8.3.4
<DanC_> is this OK? "A 303 response SHOULD NOT be cached unless it is indicated as
<DanC_> cacheable by Cache-Control or Expires header fields."
JR: This is different from 307. . .
DC: I think the HTTP spec. is usually neutral wrt caching
JR: OK, we need to explore this further -- the difference from 307 is worrying
<noahm> I heard DC say HTTP was neutral in the absence of cache-control or expires header
<DanC_> ACTION: jonathan to research 303 caching change in HTTPbis [recorded in http://www.w3.org/2009/12/09-tagmem-minutes.html#action01]
<trackbot> Created ACTION-347 - Research 303 caching change in HTTPbis [on Jonathan Rees - due 2009-12-16].
JR: Sub-issue 2) There's a need
for a non-3xx response, in order that the original URI stays in
the status bar
... Unlike 302, 303 or 307, where the target goes in the
address bar
<DanC_> (researching the bug...)
JR: This is described as a security concern
<DanC_> (many/most purl users want the purl bookmarked, not the redirected addressed)
TBL: But we really don't want that for e.g. 307, because it's only a temporary redirect, so people shouldn't e.g. bookmark it
LM: The single result display in
the address bar is insufficient for what we want to tell the
user
... Doing UI design is inappropriate for us. . .
JR: I agree, that's why I want to lose this part of the issue
LM: The principle we can endorse
is that the URI you see should be a URI you can use to get you
what you see
... Going further to say it should be a long-term,
bookmarkable, etc. URI is a bit fuzzier
NM: WebArch says use one URI for
a resource
... even when they're not going away, it can be a problem, for
example when example.com redirects to example-1.com or
example-2.com for load balancing
JR: What should I do
<jar> For all practical purposes it's impossible to get a purl.org URI into your bookmarks list
DC: Let's find out why Mozilla decline to address the PURL folks' request to fix this, so that you could bookmark PURLs
TBL: Flight of fancy on 303x, 303y, 303z. . .
<DanC_> "304622 min -- All nobody RESO INVA Adding a live bookmark via feedview uses the location of the feed rather than the location given in the referring page's link element; redirects, PURLs don't work "
<DanC_> maybe this is the bug https://bugzilla.mozilla.org/show_bug.cgi?id=304622
<noahm> proposed ACTION: Jonathan to research reasons why browser providers (e.g. Mozilla) aren't willing to meet requests (e.g. from purl) to switch address bar URL following successful redirect
<noahm> ACTION: Jonathan to research reasons why browser providers (e.g. Mozilla) aren't willing to meet requests (e.g. from purl) to switch address bar URL following successful redirect [recorded in http://www.w3.org/2009/12/09-tagmem-minutes.html#action02]
<trackbot> Created ACTION-348 - Research reasons why browser providers (e.g. Mozilla) aren't willing to meet requests (e.g. from purl) to switch address bar URL following successful redirect [on Jonathan Rees - due 2009-12-16].
<jar> or to not switch
JR: 3) Rhys Lewis was working on
a finding wrt httpRange-14, but that work stopped when the SWEO
note Cool URIs for the SemWeb was published
... I think that work should be picked up and made into a
finding
... which would replace/elaborate the email message which
currently stands as the resolution of httpRange-14
... That was the context for ISSUE-57 at its inception
... Additional points that have been added, are my points
4--6
... Latest news: AWWSW task force has reported:
http://www.w3.org/2001/tag/awwsw/http-semantics-report-20091204.html
... A number of forms for this work, of which I'm the main
editor
... helped along by our discussion at the last f2f
... A lot of text to introduce one key definition:
... for the phrase "corresponds to", which comes from the
definition of the 200 response code, in 2616 and HTTPbis
LM: I wouldn't take this too seriously -- we didn't when we wrote it
JR: We agree entirely. It's the practice which matters to actually pin this down
LM: I note that this story works/should work pretty much for ftp: as well
JR: Wrt WebArch, 'representation'
corresponds to 'entity' or 'content entity'
... and 'represents' corresponds to 'corresponds to'
<DanC_> LMM: the HTML spec uses 'resource' for what HTTP calls entity. I filed a bug; we'll see...
LM: Note that the correspondence is at a particular instant
JR: Yes, at a particular time
LM: And in a particular context
JR: It's hard to pare things down
to the point where we could focus
... So there's now a bunch of stuff which has been moved off
the table
... Section HTTP Exchanges summarizes what we all know about
GET requests
<DanC_> DC: hmm... in pt 5, "preferably"? the server decides which resource the name refers to...
<DanC_> JAR: but an intermediary might get confused
<DanC_> DC: ah... "preferably" makes more sense for intermediaries
TBL: 304? 307?
JR: Yes, step 6 pbly should be
clarified wrt responses other than 200
... [works through the RDF formalization]
TBL: Why did you avoid 'representation'
JR: Because people objected to giving a URI to something called 'representation' a URI
TBL: All I was concerned is to distinguish the original resource, identified by its URI, and the 'resource' which is some representation of that resource, which also may have a URI, but is not the same
JR: Right
... correspondence is a 4-place rel'n between resource, a
content entity, a start time and an end time
HST: Context is richer than just time
LM: Accept headers
TBL: But there's still something core
JR: I try to work breadth first
HST: I didn't mean Accept Headers, but rather deixis, e.g. http://localhost/
DC: or http://my.yahoo.com/
JR: On to section "What this semantics is careful not to say"
<masinter> http://tools.ietf.org/html/draft-masinter-dated-uri-05
<masinter> vs http://tools.ietf.org/html/draft-masinter-dated-uri-06
LM: Server response is a speech act
JR: Precisely -- let's look at
some more recent slides
... How do you prove correctness of an HTTP proxy, cache, API
or theory
<DanC_> Potatoes don't say anything
<DanC_> bug in "Content negotiation" slide: speaks_for should be corresponds_to
slide21 should have corresponds_to instead of speaks_for in conneg slide (21?)
<jar> TOPLAS 1993 ?
<DanC_> (I think of it as BAN logic)
JR: Now make use of Abadi,
Burrows, Lampson and Plotkin logic (ABLP)
... originally for crypto
... and access control
<DanC_> (a larch formalization http://www.w3.org/Architecture/iiir-larch/BAN.lsl based on a 1989 SRC Research Report )
LM: What's good about this is precisely that it qualifies everything with the principal who/which/that says it
JR: Crucial observation -- HTTP defines corresponds_to as follows:
"example.com controls {http://example.com/foo corresponds_to E}"
JR: The domain of "says" is
principals, Non-principals don't say anything
... Not all resources are principals
NM: Break for 15 minutes
<jar> There are two versions of ABLP, the DEC SRC TR from 1991, and the TOPLAS paper from 93 or 94
<jar> not to be confused with the earlier BAN paper from 1990, which overlaps in content
NM: Resumed
JR: [Gets to slide 12, reconstruction of httpRange-14]
NM: So this is stronger than the original conclusion?
JR: Yes
... The original 'resolution' simply constrained the range of
the corresponds_to relation
... but it didn't actually address the original problem
NM: Elaborating the "image conneg example": URI identifies a photo. Conneg used to retrieve either jpeg or gif. They agree up to a point in conveying the photo, but not completely, does the theory allow/explain that?
JR: This theory as it stands isn't articulated enough to determine the relationship between corresponds_to and speaks_for
NM: Good progress here, wrt
httpRange-14
... Note that we're OK, mostly, when we ask for, say, the
Declaration of Independence, and what we get back has some
advertising in a sidebar
... and I think this can address that
LM: I think this is very good stuff. I hope we can use it to clarify what is meant by Origin
LM: The whole CORS, confused deputy, etc. debate is hampered by a lack of clear definition of precisely this kind of thing: what is an origin, a deputy, etc.
LM: Linking SemWeb and Security would be a great thing, possibly a win for both sides
NM: Great idea -- specific action?
DC: I'd like to write this up in a different editorial style
<timbl> Have we finished JAR's slide set?
JR: Sure
<timbl> ah
JR: Connects with CAPdesk, DARPA-funded DARPAbrowser
<noahm> The chair would very much like for Dan to propose an action for himself.
<DanC_> . ACTION Dan write up speaks_for applied to httpRedirections and httpRange using motivating examples
<noahm> Thank you!
<DanC_> ACTION Dan write up speaks_for applied to httpRedirections and httpRange using motivating examples
<trackbot> Created ACTION-349 - Write up speaks_for applied to httpRedirections and httpRange using motivating examples [on Dan Connolly - due 2009-12-16].
<johnk> Pointing out Miller et al's Horton paper: http://www.erights.org/elib/capability/horton/
<johnk> re: "delegating responsibility in digital systems"
<jar> JAR is babbling about Mark Miller's previous work: DARPAbrowser and CAPdesk (w.r.t our discussion of 307 and what's in the browser URI bar, etc. )
TBL: Slides done, can we try to
find a replacement for 'speaks_for'
... We have a URI, we get a 200
... Using 'speaks_for' as the relationship which relates
content to the resource
... but if R is a person, the content can't 'speak_for' a
person
<DanC_> contexts in which the term gets used "a secure channel from Bob speaks for bob"
TBL: that is, an entity speaking for the agent
<masinter> you get a 200 from a server, where the server speaks for the person
JR: In the old days we sent
letters, and my letter did 'speak_for' me
... No resource speaks for me, it doesn't say that
<DanC_> (it's clear to me that offline witing is going to be more efficient than group discussion, but if Tim has a clear example, I'm interested to capture it.)
<DanC_> i identifies Pat Hayes
<DanC_> 2. 200 from resource identified by i
Slide 9 appears to back Tim
<DanC_> conjecture: 200 response speaks for Pat
HST: Stipulate that we have a URI
for Pat Hayes
... Then your slides appear to say that if I get a
ContentEntity from GETting that URI
... that it a) corresponds_to Pat and therefore, per the
'Controversial Axiom', that it speaks_for Pat
<masinter> JAR: would give us a reason to ask Pat not to assert such things, because it breaks our theory
JR: Ah -- the ContAx isn't
licensed by any existing spec.
... I think it's useful to explain a lot of WebArch
TBL: So if it is, we have a reductio wrt Pat saying what he says about that URI
<DanC_> phpht
JR: Oh, yes, and, the ContAx
should include server says that E speaks for R
... not E speaks for R directly
AM: Looking at R doesn't say any s, then E doesn't (mustn't) say any s
JR: This is meant just to be a restatement of the positive direction
AM: This says E's only role is to say what R says
JR: Yes, that's the ContAx
<DanC_> JAR: yes, advertising conflicts
DC: I'm getting useful input, not guaranteed to end up in the same place
LM: Please try to include Origin
DC: Not sure how, but I'll at least try.
HT: I think perhaps there are too many levels at which entities say things. It's clear to me that an XML document says some things, because of the semantics of XML. I.e. the infoset.
TBL: I dispute that it says those things.
DC: I understand both positions.
JAR: Me too.
HT: I'm being intentionally obtuse in part to get to talking about a 3rd party, which is the interpreter of the message. We often think of this as a human observing a screen, can also be listening to audio.
HT: It's that which ultimately says things.
JAR: Similar to the crypto case, in which the interpreters have to be part of the proof system.
<masinter> A potato says "help i'm a potato" ?
<DanC_> (the dispute between TBL and HT is issue ISSUE-28 fragmentInXML-28; odd that tracker considers it closed when it's plain that the TAG doesn't have consensus.)
TBL: When it's RDF, what it says is what the triples it produces say
<DanC_> (the resolution in tracker sides with Tim)
HT: Isn't that analagous to my statement that what an XML document "says" is first order the Infoset, and then 2nd order the interpretation of those.
TBL: No, I'm talking about the interpretation of the graph.
HT: Ah.
HT: What I [originally] scribed is wrong when I attributed to TBL "what it says is the triples it produces"; should have scribed "what it says is what the triples it produces say"
NM: good progress here, great
work JR
... DC is going to try to restate/elaborate
<DanC_> action-201?
<trackbot> ACTION-201 -- Jonathan Rees to report on status of AWWSW discussions -- due 2009-12-01 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2001/tag/group/track/actions/201
<DanC_> . action-201 due 15 Mar 2010
[procedural discussion]
<DanC_> action-201 due 15 Mar 2010
<trackbot> ACTION-201 Report on status of AWWSW discussions due date now 15 Mar 2010
TBL: I'd like to see some interaction with the Tabulator work
<DanC_> ACTION-116 due 31 Dec 2009
<trackbot> ACTION-116 Align the tabulator internal vocabulary with the vocabulary in the rules http://esw.w3.org/topic/AwwswDboothsRules, getting changes to either as needed. due date now 31 Dec 2009
<noah> ACTION-201 Due 2 March 2010
<trackbot> ACTION-201 Report on status of AWWSW discussions due date now 2 March 2010
LM: Could we have used a Link Header in a 404 response?
JR: Yes
LM: But not a link in the body of 404 document itself?
DC: No
LM: But I like the idea of having links in the body, because you can have lots of them
http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html
<noah> http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html
<noah> This is in relation to ACTION-303
AM: Doesn't this allow me to just support an earlier version?
<Zakim> noah, you wanted to talk about problems with >requiring< future proofing
HST: The 'earliest appropriate'
sentence is meant to rule that out.
... Maybe that needs to be stronger
NM: I have a long history of
interest in this
... I like this as a goal for many circumstances
... But there are cases where it doesn't work
... The XML 1.1 experience is illustrative in this case
... So we shouldn't require this kind of future-proofing of
references
... Specifically in terms of systems which are involved in
communication
<DanC_> +1 "should future-proof" is too strong. The simple case of citing a frozen spec is fine in many cases
<Zakim> johnk, you wanted to wonder whether it is confusing to combine conformance and referencing behaviour in one statement
<noah> Seeing where you're going, Henry, unless new editions >never< allow for new content, I think my concern stands.
JK: Conformant implementations? Should that be separated from what is referenced? Trying to pack too much in?
<noah> Or maybe I'm not guessing right as to what your concern/suggestion will be.
JK: How references are written is different from what is a conformant implementation
<Zakim> DanC_, you wanted to ask for a reminder of a specific case we're particularly interested in... it was somewhere in the HTML 5 references, yes?
DC: There was a specific case wrt the HTML 5
<masinter> think IETF tradition is to make the 'future proofing' more part of general policy than being specific in each draft. A1 references B1. When B2 updates B1, implementations of A1 may or may not follow B2
HT: As it stands, there are only stubs in the HTML 5 references.
DC:HT: No.
HT: Last I looked. E.g. following link from content-sniffing you got something that just said content sniffing.
<DanC_> http://dev.w3.org/html5/spec/references.html#references
<noah> We pause to read HTML 5 references section....
HT: Ah, it's better than it was.
DC: So if we pushed on any of these, we would pbly find the editor would have a reason
HT: E.g. the text in the references says "[CSS] Cascading Style Sheets Level 2 Revision 1, B. Bos, T. Celik, I. Hickson, H. Lie. W3C, April 2009.", but links the undated copy.
HST: So what does it mean for an implementor? Specifically, implementors 5 years from now have to figure out what was meant. We're trying to fix that.
<Zakim> TBL, you wanted to point out that anyone using this language assumes there is a contract with future working groups to maintain the operability of the referencing spec, when
TBL: If you propose we use the
present and the future -- why not earlier ones?
... As for the future, that depends on the sort of WG and the
sort of spec.
... If the group doesn't commit to back compatibility, you
can't rely on it
<masinter> Is the distinction between "edition" and "version" important?
TBL: You might try to negotiate a
commitment from the WG that they won't change. . .
... Or you might just require people to check
<masinter> Can distinction between "technical specification" and "applicability statement" be useful? "applicability statement" calls out specific dated versions, while general "technical specification" doesn't? Two documents, one of which updates.
TBL: So it's not clear that we can go with what you propose
LM: I like the difference between
edition and version
... We used to differentiate between applicability statements
and language specs.
... So you would only have to update the appl. statement
<Zakim> ht, you wanted to reply to Noah wrt editions vs. versions
LM: Alternatively, you could have policy outside the doc. altogether
NM: You haven't addressed my concern, because it wasn't lack of back-compat that broke the XML 1.1 situation
HT: The response to Noah and Tim is to say "yes, all those criticisms apply to unrestricted blank checks" (leaving aside for a sec refs to older versions), by relying on the W3C Policy for Edtions (stepping gently around XML 1.1/10 5th edition in particular), is precisely because it makes this plausible.
NM: Do new editions allow new content?
HT: Yes.
NM: Then I still have a problem. See problems deploying XML 1.0 5th edition. A sometimes inappropriate (depending on the specs) expectation is created that implementations that haven't been updated will support new content sourced by those that have been.
JR: Conformance to a spec. that has a variable in it is intrinsically vague
<Zakim> jar, you wanted to consider classes of comforming implementations (conforming to various combinations of specs)
JR: So there's a time-sensitivity wrt the answer to "does this conform?"
<Zakim> noah, you wanted to mention that there can be issues with 3rd party specs.
NM: TBL mentioned SOAP in passing
[AM leaves]
NM: SOAP wasn't sure about
supporting XML 1.1
... It depended on the Infoset, and we weren't sure that even
if we went to XML 1.1, the Infoset would have been
well-future-proofed enough for it all to hold together
... So in some ways, my willingness to future-proof my
references depends on other specs also being well
future-proofed
<Zakim> johnk, you wanted to ask how can we apply henry'd text to the specific issue noted?
HST: Yes, we have a real case of this with XML 1.0 5e and XML NS 3e
JK: Addressing dated prose in conjunction with an undated URI is separate from future-proofing?
LM: My assumption is that the dated ref. is normative
<jar> If dated spec A normatively cites undated spec B, and artifact Z conforms to A - what does that mean? Maybe: (1) it conforms to A(B(t)) for some t, or (2) it conforms to A(B(t)) for all t, or (3) if conforms to A(B(t)) for t >= now
DC: Hidden URIs are less significant
<DanC_> (editorially I like including the full, dated URI in a citation, but I much prefer using the document title as the link text.)
HST: Jonathan attempted
to answer John. I agree as far as it goes but want to go
further. You're right, I was trying to address two problems: 1)
dated vs. undated refs conflict, and BTW some peoples' styles
to make the URI explict...
... there are many
variations on that 2) usually, all that people tend to say is
by grouping into normative and non-normative. It's rare for the
conformance section to clarify what is meant by making a
reference normative.
<noah> FWIW, Dan, though it's clunky, I tend to feel that making both live links, to the same URI, is the least bad approach.
<jar> the normative reference speaks for the spec that refers to it
<DanC_> (oh... and I don't like "available at"; I consider the semantics "identified by", and I leave it implicit)
<DanC_> http://lists.w3.org/Archives/Public/public-html-comments/2009Dec/0002.html
<noah> Queue is open only for next steps discussion
DC: I asked the HTML 5 editor to
add 'work in progress' to links to documents which identify
themselves as work in progress
... The response was 'busywork'
NM: I don't think this can go further unless my concerns and maybe TBL's are addressed
<DanC_> (aha! found some work I did in this area: http://lists.w3.org/Archives/Public/public-swbp-wg/2005Sep/0136 'formally defining W3C's namespace change policy options w.r.t. recent TAG versioning terminology' )
JR: I thought restricting to editions was good enough
TBL: I had missed that HST meant to constrain to editions, that satisfies me
<noah> What I have in mind is something along the lines of:
<noah> The TAG believes that this is good practice in many cases, but not in all. We recognize that, particularly in cases where no assurance is given that future editions won't support use of new (I.e. previously invalid) content, the advice given here may be impractical.
<DanC_> I think the short para HT proposed is "too clever by half"; it'll only be an effective communication if it recapitulates critical parts of the edition policy
<DanC_> also, I want to make it clear that it's not the only "template" we endorse by providing more than one template; e.g. another one for really frozen, dated specs
<jar> whether in practice the "edition" process as specified and executed is sufficient to protect investment is something I'm not qualified to answer. it sounds as if it would be, as specified, if followed, but haven't checked...
<DanC_> close action-303
<trackbot> ACTION-303 Draft text on writing references closed
<DanC_> close action-304
<trackbot> ACTION-304 Write up issue around normative references to particular versions of specs closed
<scribe> ACTION: Henry to revise http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html based on feedback on www-tag and the feedback from TAG f2f 2009-12-09 discussion [recorded in http://www.w3.org/2009/12/09-tagmem-minutes.html#action03]
<trackbot> Created ACTION-350 - Revise http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html based on feedback on www-tag and the feedback from TAG f2f 2009-12-09 discussion [on Henry S. Thompson - due 2009-12-16].
<johnk> http://www.erights.org/elib/capability/horton/
<DanC_> Miller et. al.
<timbl> http://pinpoint.microsoft.com/en-US/Dallas
<noah> Tim, if you're interested in Microsoft's Dallas, it was introduced at their developer's conference a couple of weeks ago. You can go to the transcript of the keynote at http://www.microsoft.com/presspass/exec/ozzie/2009/11-17pdc.mspx and look for the word "Dallas". The video of the keynote, with demos, is at http://cdn-smooth.ms-studiosmedia.com/presspass/mpeg2/1001009_PDCD1_500k.mpg
<noah> You can use the transcript to find the right place in the video.
NM: Adjourned for lunch.