Add HTTP section #26

Merged
merged 7 commits into from
Aug 29, 2019
Changes from 6 commits
83 changes: 60 additions & 23 deletions main/resource-access.bs
Expand Up @@ -5,28 +5,65 @@ Issue: Write introduction to the Authenticated Resource Access section.

## Hypertext Transfer Protocol ## {#http}

Issue: Write Hypertext Transfer Protocol section.

Draft:
A Solid data pod MUST implement HTTP/1.1 Message Syntax and Routing [[!RFC7230]]

Draft:
A Solid data pod MUST implement HTTP/1.1 Semantics and Content [[!RFC7231]].

Draft:
A Solid data pod MUST implement HTTP/1.1 Authentication [[!RFC7235]].

Draft:
A Solid data pod SHOULD implement HTTP/1.1 Conditional Requests [[!RFC7232]].

Draft:
A Solid data pod SHOULD implement HTTP/1.1 Range Requests [[!RFC7233]].

Draft:
A Solid data pod SHOULD implement HTTP/1.1 Caching [[!RFC7234]].

Draft:
A Solid data pod MAY implement HTTP/2 [[!RFC7540]].
### Background and Need ### {#http-need}
<em>This section is non-normative.</em>

Solid clients and servers need to exchange data securely over the Internet,
and they do so using the Web protocol HTTP.
This section describes in detail
which parts of HTTP must be implemented by clients and servers.

### Required server-side implementation ### {#http-server}

A [=data pod=] MUST be an HTTP/1.1 server [[!RFC7230]][[!RFC7231]].
It SHOULD additionally be an HTTP/2 server [[!RFC7540]]
to improve performance,
especially in cases where individual clients
are expected to send high numbers of successive requests.

A data pod SHOULD use TLS connections
through the `https` URI scheme
in order to secure the communication between clients and servers.
When both `http` and `https` are supported,
all `http` URIs MUST redirect to their `https` counterparts
using a response with a `301` status code and a `Location` header.

A data pod MUST implement the server part
of <cite>HTTP/1.1 Conditional Requests</cite> [[!RFC7232]]
to ensure that updates requested by clients
will only be applied if given preconditions are met.
It SHOULD additionally implement the server part
of <cite>HTTP/1.1 Caching</cite> [[!RFC7234]]
to improve performance.
A data pod MAY implement the server part
of <cite>HTTP/1.1 Range Requests</cite> [[!RFC7233]]
to further improve performance for large representations.

A data pod MUST implement the server part
of <cite>HTTP/1.1 Authentication</cite> [[!RFC7235]].
When a client does not provide valid credentials
when requesting a resource that requires it (see [[#webid]]),
the data pod MUST send a response with a `401` status code
(unless `404` is preferred for security reasons).

### Required client-side implementation ### {#http-client}

A Solid client MUST be an HTTP/1.1 client [[!RFC7230]][[!RFC7231]].
It MAY additionally be an HTTP/2 client [[!RFC7540]]
to improve performance.

A Solid client MAY implement the client parts of
<cite>HTTP/1.1 Conditional Requests</cite> [[!RFC7232]]
to only trigger updates when certain preconditions are met.
It MAY implement
<cite>HTTP/1.1 Caching</cite> [[!RFC7234]]
and
<cite>HTTP/1.1 Range Requests</cite> [[!RFC7233]]
to improve performance.

A Solid client MUST implement the client part
of <cite>HTTP/1.1 Authentication</cite> [[!RFC7235]]
if it needs to access resources requiring authentication (see [[#webid]]).


## Linked Data Platform ## {#ldp}
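
Review bot: In the TLS paragraph of the server-side section, the rule that all `http` URIs MUST redirect with a `301` status code does not say what happens to non-GET requests or to credentials already sent in the clear. RFC 7231 allows a user agent to change POST to GET when following a `301`, so a write sent to an `http` URI can turn into a read after the redirect; consider `308`, or state that the redirect applies to safe methods only and that unsafe requests over `http` are rejected. The redirect is also issued only after the request, including any `Authorization` header, has crossed the network unencrypted, so the text could add that clients SHOULD NOT send credentials to `http` URIs. Separately, in the authentication paragraph, "MUST send a response with a `401` status code (unless `404` is preferred for security reasons)" leaves the exception undefined inside a MUST; spell out when `404` is allowed, and note that RFC 7235 requires a `WWW-Authenticate` header on a `401`.
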
Expand All @@ -40,7 +77,7 @@ A Solid data pod MUST conform to the LDP specification [[!LDP]].
## WebID ## {#webid}

Issue: Explain inline that agents accessing non-public Solid resources
need a WebID, and that this is a URL
need to authenticate with a WebID, which is a URL
pointing to a document with an RDF representation.
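
Review bot: The reworded issue text says agents "need to authenticate with a WebID, which is a URL", but a URL is an identifier, not a credential, so this reads as if presenting the URL were enough. Suggest wording such as "need to authenticate as the agent identified by a WebID", so that the eventual section distinguishes the identifier from the proof of control over it.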


8 changes: 8 additions & 0 deletions main/security.bs
Expand Up @@ -3,6 +3,14 @@ Security Considerations {#security}

Issue: Write Security Considerations section.

Data pods SHOULD use TLS connections
to protect the contents of requests and responses
from eavesdropping and modification by third parties.
Regular TCP connections MAY be used
in testing environments
or when the data pod is behind a reverse proxy
that terminates a secure connection.

## Privacy Considerations ## {#privacy}

Issue: Write Privacy Considerations section.
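
Review bot: The sentence allowing regular TCP "when the data pod is behind a reverse proxy that terminates a secure connection" puts no constraint on the hop between proxy and pod, which then carries requests and credentials unencrypted. Suggest limiting the MAY to a loopback or otherwise trusted link, and saying how the pod learns the original scheme, since resource-access.bs in this same change requires `http` URIs to redirect to `https`. The SHOULD on TLS is also stated in both files; keeping the normative statement in one place and referencing it from the other avoids the two drifting apart.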