Problem Details for HTTP APIs
draft-ietf-appsawg-http-problem-03
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2016-03-17
|
03 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2016-03-11
|
03 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2016-03-11
|
03 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2016-02-08
|
03 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2016-02-04
|
03 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2016-02-04
|
03 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2016-02-03
|
03 | (System) | IANA Action state changed to In Progress |
2016-02-02
|
03 | (System) | RFC Editor state changed to EDIT |
2016-02-02
|
03 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2016-02-02
|
03 | (System) | Announcement was received by RFC Editor |
2016-02-02
|
03 | Cindy Morgan | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2016-02-02
|
03 | Cindy Morgan | IESG has approved the document |
2016-02-02
|
03 | Cindy Morgan | Closed "Approve" ballot |
2016-02-02
|
03 | Cindy Morgan | Ballot approval text was generated |
2016-02-02
|
03 | Barry Leiba | IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup |
2016-01-19
|
03 | Mark Nottingham | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2016-01-19
|
03 | Mark Nottingham | New version available: draft-ietf-appsawg-http-problem-03.txt |
2016-01-07
|
02 | Spencer Dawkins | [Ballot comment] Thanks for helping me resolve my Discuss. |
2016-01-07
|
02 | Spencer Dawkins | [Ballot Position Update] Position for Spencer Dawkins has been changed to No Objection from Discuss |
2015-12-22
|
02 | Gunter Van de Velde | Closed request for Last Call review by OPSDIR with state 'No Response' |
2015-12-22
|
02 | Tero Kivinen | Closed request for Last Call review by SECDIR with state 'No Response' |
2015-12-17
|
02 | Cindy Morgan | IESG state changed to IESG Evaluation::AD Followup from IESG Evaluation |
2015-12-17
|
02 | Spencer Dawkins | [Ballot discuss] I'm elevating this to a (late) Discuss, because I haven't heard anything back, and didn't want the document approved without having a (short) … [Ballot discuss] I'm elevating this to a (late) Discuss, because I haven't heard anything back, and didn't want the document approved without having a (short) discussion. I'll be back to Yes after that. In this text, The "status" member duplicates the information available in the HTTP status code itself, thereby bringing the possibility of disagreement between the two. Their relative precedence is not clear, since a disagreement might indicate that (for example) an intermediary has modified the HTTP status code in transit. As such, those defining problem types as well as generators and consumers of problems need to be aware that generic software (such as proxies, load balancers, firewalls, virus scanners) are unlikely to know of or respect the status code conveyed in this member. I understand what you're saying about a mismatch being possible, and some of the possible reasons why that might happen, but isn't this saying that anyone who can understand the "status" member should prefer its value when there's a mismatch (because it's less likely to have been dorked with by an intermediary - or is that even true)? So, the situation looks to me, like there's a MUST The status member, if present, is only advisory; it conveys the HTTP status code used for the convenience of the consumer. Generators MUST use the same status code in the actual HTTP response, to assure that generic HTTP software that does not understand this format still behaves correctly. that some intermediary can dork with, so the result violates the MUST, and we really can't tell the receiver what you should do at that point. "Gee, I guess you're gonna have to flip a coin to decide who to believe" would be sad, but it would be more guidance than the document has now :-) |
2015-12-17
|
02 | Spencer Dawkins | [Ballot comment] I've wished this mechanism was available, a few times already. In this text, If such additional members are defined, their names SHOULD … [Ballot comment] I've wished this mechanism was available, a few times already. In this text, If such additional members are defined, their names SHOULD start with a letter (ALPHA, as per [RFC5234], Appendix B.1) and SHOULD consist of characters from ALPHA, DIGIT (Ibid.), and "_" (so that it can be serialized in formats other than JSON), and SHOULD be three characters or longer. are there any benefits to not conforming to these SHOULDs? For example, would you really need to have a two-character member name, and you'd fail if the member name was three characters long? ("Why are these not MUSTs?") |
2015-12-17
|
02 | Spencer Dawkins | [Ballot Position Update] Position for Spencer Dawkins has been changed to Discuss from Yes |
2015-12-17
|
02 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2015-12-17
|
02 | Brian Haberman | [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman |
2015-12-16
|
02 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2015-12-16
|
02 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
2015-12-16
|
02 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2015-12-16
|
02 | Ben Campbell | [Ballot comment] Section 4 talks about how a problem type SHOULD resolve to HTML documentation. Is there ever a case where an API might be … [Ballot comment] Section 4 talks about how a problem type SHOULD resolve to HTML documentation. Is there ever a case where an API might be standardized to be used by multiple origin servers? Would each server host it's own documentation? Would the problem type be a relative URL under those circumstances? (You say it can be relative, but all the examples are fully qualified) - 4, 2nd paragraph: "New problem types need to carefully consider..." This is a pedantic nit, really a personal pet peeve: Designers of new problem types should consider this. I doubt the types themselves will :-) |
2015-12-16
|
02 | Ben Campbell | [Ballot Position Update] New position, Yes, has been recorded for Ben Campbell |
2015-12-16
|
02 | Spencer Dawkins | [Ballot comment] I've wished this mechanism was available, a few times already. In this text, If such additional members are defined, their names SHOULD … [Ballot comment] I've wished this mechanism was available, a few times already. In this text, If such additional members are defined, their names SHOULD start with a letter (ALPHA, as per [RFC5234], Appendix B.1) and SHOULD consist of characters from ALPHA, DIGIT (Ibid.), and "_" (so that it can be serialized in formats other than JSON), and SHOULD be three characters or longer. are there any benefits to not conforming to these SHOULDs? For example, would you really need to have a two-character member name, and you'd fail if the member name was three characters long? ("Why are these not MUSTs?") In this text, The "status" member duplicates the information available in the HTTP status code itself, thereby bringing the possibility of disagreement between the two. Their relative precedence is not clear, since a disagreement might indicate that (for example) an intermediary has modified the HTTP status code in transit. As such, those defining problem types as well as generators and consumers of problems need to be aware that generic software (such as proxies, load balancers, firewalls, virus scanners) are unlikely to know of or respect the status code conveyed in this member. I understand what you're saying about a mismatch being possible, and some of the possible reasons why that might happen, but isn't this saying that anyone who can understand the "status" member should prefer its value when there's a mismatch (because it's less likely to have been dorked with by an intermediary - or is that even true)? |
2015-12-16
|
02 | Spencer Dawkins | [Ballot Position Update] New position, Yes, has been recorded for Spencer Dawkins |
2015-12-15
|
02 | Terry Manderson | [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson |
2015-12-15
|
02 | Dan Romascanu | Request for Telechat review by GENART Completed: Ready. Reviewer: Dan Romascanu. |
2015-12-15
|
02 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2015-12-14
|
02 | Martin Stiemerling | [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling |
2015-12-13
|
02 | Alissa Cooper | [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper |
2015-12-11
|
02 | Stephen Farrell | [Ballot comment] - 3.1: "SHOULD NOT automatically" de-ref the type URI. Hmm, under what circumstances would it be reasonable for any code to automatically de-ref … [Ballot comment] - 3.1: "SHOULD NOT automatically" de-ref the type URI. Hmm, under what circumstances would it be reasonable for any code to automatically de-ref the type URI? If none, then either s/SHOULD/MUST/ or maybe s/automatically// - 3.1, last para: I'm sure this is a known thing, but I don't know the answer, so I'll ask:-) If I send a request for URL example.com/foo and am re-directed to example.net/bar, against which of those is a relative URL in the problem detail evaluated? I hope the answer is example.net - if not, there could be some attack that could be mounted but I've not got a concrete example to offer. - 3.2, last para: should "media type" be "problem type" at the end? - 4: "typically with the "http" scheme" - your examples are all https, don't you mean https here too? |
2015-12-11
|
02 | Stephen Farrell | [Ballot Position Update] New position, Yes, has been recorded for Stephen Farrell |
2015-12-10
|
02 | Jean Mahoney | Request for Telechat review by GENART is assigned to Dan Romascanu |
2015-12-10
|
02 | Jean Mahoney | Request for Telechat review by GENART is assigned to Dan Romascanu |
2015-12-07
|
02 | (System) | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
2015-12-05
|
02 | Barry Leiba | IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead |
2015-12-05
|
02 | Mark Nottingham | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2015-12-05
|
02 | Mark Nottingham | New version available: draft-ietf-appsawg-http-problem-02.txt |
2015-12-05
|
01 | Barry Leiba | Ballot has been issued |
2015-12-05
|
01 | Barry Leiba | [Ballot Position Update] New position, Yes, has been recorded for Barry Leiba |
2015-12-05
|
01 | Barry Leiba | Created "Approve" ballot |
2015-12-05
|
01 | Barry Leiba | Placed on agenda for telechat - 2015-12-17 |
2015-12-05
|
01 | Barry Leiba | Changed consensus to Yes from Unknown |
2015-12-04
|
01 | (System) | IESG state changed to Waiting for AD Go-Ahead from In Last Call |
2015-12-02
|
01 | (System) | IANA Review state changed to IANA OK - Actions Needed from IANA - Review Needed |
2015-12-02
|
01 | Sabrina Tanamal | (Via drafts-lastcall-comment@iana.org): IESG/Authors/WG Chairs: IANA has completed its review of draft-ietf-appsawg-http-problem-01.txt. If any part of this review is inaccurate, please let us know. IANA … (Via drafts-lastcall-comment@iana.org): IESG/Authors/WG Chairs: IANA has completed its review of draft-ietf-appsawg-http-problem-01.txt. If any part of this review is inaccurate, please let us know. IANA understands that, upon approval of this document, there is a single action which IANA must complete. In the application media types registry located at: http://www.iana.org/assignments/media-types/ two new media types are to be added as follows: Name: problem+json Template: [ TBD-at-Registration ] Reference: [ RFC-to-be ] Name: problem+xml Template: [ TBD-at-Registration ] Reference: [ RFC-to-be ] IANA understands that this is the only action required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed. Thank you, Sabrina Tanamal IANA Specialist ICANN |
2015-11-30
|
01 | Dan Romascanu | Request for Last Call review by GENART Completed: Ready with Issues. Reviewer: Dan Romascanu. |
2015-11-29
|
01 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Niclas Comstedt |
2015-11-29
|
01 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Niclas Comstedt |
2015-11-26
|
01 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Sam Hartman |
2015-11-26
|
01 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Sam Hartman |
2015-11-23
|
01 | Jean Mahoney | Request for Last Call review by GENART is assigned to Dan Romascanu |
2015-11-23
|
01 | Jean Mahoney | Request for Last Call review by GENART is assigned to Dan Romascanu |
2015-11-20
|
01 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2015-11-20
|
01 | Amy Vezza | The following Last Call announcement was sent out: From: The IESG To: "IETF-Announce" CC: appsawg-chairs@ietf.org, apps-discuss@ietf.org, "Murray Kucherawy" , superuser@gmail.com, barryleiba@gmail.com, … The following Last Call announcement was sent out: From: The IESG To: "IETF-Announce" CC: appsawg-chairs@ietf.org, apps-discuss@ietf.org, "Murray Kucherawy" , superuser@gmail.com, barryleiba@gmail.com, draft-ietf-appsawg-http-problem@ietf.org Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Problem Details for HTTP APIs) to Proposed Standard The IESG has received a request from the ART Area General Applications Working Group WG (appsawg) to consider the following document: - 'Problem Details for HTTP APIs' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2015-12-04. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document defines a "problem detail" as a way to carry machine- readable details of errors in a HTTP response, to avoid the need to invent new error response formats for HTTP APIs. Note to Readers This draft should be discussed on the apps-discuss mailing list [1]. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-appsawg-http-problem/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-appsawg-http-problem/ballot/ No IPR declarations have been submitted directly on this I-D. |
2015-11-20
|
01 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
2015-11-20
|
01 | Barry Leiba | Last call was requested |
2015-11-20
|
01 | Barry Leiba | Last call announcement was generated |
2015-11-20
|
01 | Barry Leiba | Ballot approval text was generated |
2015-11-20
|
01 | Barry Leiba | IESG state changed to Last Call Requested from AD Evaluation |
2015-11-20
|
01 | Barry Leiba | IESG state changed to AD Evaluation from Publication Requested |
2015-11-20
|
01 | Barry Leiba | Ballot writeup was changed |
2015-11-20
|
01 | Barry Leiba | Murray Kucherawy is the document shepherd. Barry Leiba is the responsible Area Director. This document defines a "problem detail" as a way to carry machine- … Murray Kucherawy is the document shepherd. Barry Leiba is the responsible Area Director. This document defines a "problem detail" as a way to carry machine- readable details of errors in a HTTP response, to avoid the need to invent new error response formats for HTTP APIs. The working group requests Proposed Standard status, as it qualifies for such per RFC 2026 Section 4.1.1. In particular, the proposal is thought to be useful enough that there are several implementations (see https://github.com/mnot/I-D/wiki/http-problem), it has review from both the HTTP community at the IETF and the W3C (the TAG), and its advancement has the support of APPSAWG. WGLC finished almost a year ago, and there has been a small amount of activity since then which has been incorporated into the document. Much of the delay since then has been caused by waiting for TAG feedback (which never came), and the remainder of the blame falls on the WG chairs. It's ready for formal processing. 2. Review and Consensus The document originally appeared as an individual submission in July of 2012 and went through some evolution resulting in several revisions before being adopted by APPSAWG about a year ago. It has been largely stable since then. There has been cross-development between APPSAWG participants and W3C TAG. Development has stabilized since its WGLC, and implementations have matured with little change to the document. Perhaps noteworthy with respect to consensus is that the participants of APPSAWG cover a broad area of applications, and only some focus on HTTP work. However, that smaller group does tend to be active and thorough when they take up a work item in their specific interest area. With that in mind, consensus on the current content appears to be solid rather than rough. One of the document authors is both HTTPBIS chair and also the IETF liaison to the W3C, so I'm satisfied that there has been ample airing of this proposal on both sides of that particular fence. 3. Intellectual Property Both authors have affirmed that they have already disclosed all direct, personal knowledge of any IPR related to this document, in conformance with BCPs 78 and 79. 4. Other Points IANA Considerations appears to be properly formed. To the eyes of this media type reviewer-in-training, the registrations appear to be sound, especially in the areas for which we usually send registrations back to the authors. There are no downward normative references. Nothing else of note. |
2015-11-20
|
01 | Barry Leiba | Ballot writeup was generated |
2015-11-11
|
01 | Murray Kucherawy | Murray Kucherawy is the document shepherd. Barry Leiba is the responsible Area Director. This document defines a "problem detail" as a way to carry … Murray Kucherawy is the document shepherd. Barry Leiba is the responsible Area Director. This document defines a "problem detail" as a way to carry machine- readable details of errors in a HTTP response, to avoid the need to invent new error response formats for HTTP APIs. The working group requests Proposed Standard status, as it qualifies for such per RFC 2026 Section 4.1.1. In particular, the proposal is thought to be useful enough that there are several implementations (see https://github.com/mnot/I-D/wiki/http-problem), it has review from both the HTTP community at the IETF and the W3C (the TAG), and its advancement has the support of APPSAWG. WGLC finished almost a year ago, and there has been a small amount of activity since then which has been incorporated into the document. Much of the delay since then has been caused by waiting for TAG feedback (which never came), and the remainder of the blame falls on the WG chairs. It's ready for formal processing. 2. Review and Consensus The document originally appeared as an individual submission in July of 2012 and went through some evolution resulting in several revisions before being adopted by APPSAWG about a year ago. It has been largely stable since then. There has been cross-development between APPSAWG participants and W3C TAG. Development has stabilized since its WGLC, and implementations have matured with little change to the document. Perhaps noteworthy with respect to consensus is that the participants of APPSAWG cover a broad area of applications, and only some focus on HTTP work. However, that smaller group does tend to be active and thorough when they take up a work item in their specific interest area. With that in mind, consensus on the current content appears to be solid rather than rough. One of the document authors is both HTTPBIS chair and also the IETF liaison to the W3C, so I'm satisfied that there has been ample airing of this proposal on both sides of that particular fence. 3. Intellectual Property Both authors have affirmed that they have already disclosed all direct, personal knowledge of any IPR related to this document, in conformance with BCPs 78 and 79. 4. Other Points IANA Considerations appears to be properly formed. To the eyes of this media type reviewer-in-training, the registrations appear to be sound, especially in the areas for which we usually send registrations back to the authors. There are no downward normative references. Nothing else of note. |
2015-11-11
|
01 | Murray Kucherawy | Responsible AD changed to Barry Leiba |
2015-11-11
|
01 | Murray Kucherawy | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2015-11-11
|
01 | Murray Kucherawy | IESG state changed to Publication Requested |
2015-11-11
|
01 | Murray Kucherawy | IESG process started in state Publication Requested |
2015-11-11
|
01 | Murray Kucherawy | Tag Awaiting Expert Review/Resolution of Issues Raised cleared. |
2015-11-11
|
01 | Murray Kucherawy | Notification list changed to "Murray Kucherawy" <superuser@gmail.com> |
2015-11-11
|
01 | Murray Kucherawy | Document shepherd changed to Murray Kucherawy |
2015-11-10
|
01 | Murray Kucherawy | Changed document writeup |
2015-10-14
|
01 | (System) | Notify list changed from "Alexey Melnikov" to (None) |
2015-09-06
|
01 | Mark Nottingham | New version available: draft-ietf-appsawg-http-problem-01.txt |
2015-01-09
|
00 | Murray Kucherawy | Feedback from the W3C TAG is forthcoming. |
2015-01-09
|
00 | Murray Kucherawy | Tag Awaiting Expert Review/Resolution of Issues Raised set. |
2015-01-09
|
00 | Murray Kucherawy | IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call |
2014-12-07
|
00 | Murray Kucherawy | WGLC ends December 21, 2014. |
2014-12-07
|
00 | Murray Kucherawy | IETF WG state changed to In WG Last Call from WG Document |
2014-10-14
|
00 | Murray Kucherawy | Notification list changed to "Alexey Melnikov" <alexey.melnikov@isode.com> |
2014-10-14
|
00 | Murray Kucherawy | Document shepherd changed to Alexey Melnikov |
2014-09-19
|
00 | Murray Kucherawy | Intended Status changed to Proposed Standard from None |
2014-09-19
|
00 | Murray Kucherawy | This document now replaces draft-nottingham-http-problem instead of None |
2014-09-19
|
00 | Mark Nottingham | New version available: draft-ietf-appsawg-http-problem-00.txt |