Network Working Group C. Daboo
Internet-Draft October 16, 2005
Expires: April 19, 2006
vCard Extensions to WebDAV (CardDAV)
draft-daboo-carddav-00
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 19, 2006.
Copyright Notice
Copyright (C) The Internet Society (2005).
Abstract
This document specifies a set of methods, headers and resource types
that define an extension to the WebDAV protocol to support vCard data
stored as address books on the server. The new protocol elements are
intended to make WebDAV-based address book management an
intereropable standard that supports address book access, address
book sharing, and address book publishing.
Change History (to be removed prior to publication as an RFC)
Daboo Expires April 19, 2006 [Page 1]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
Initial document
Table of Contents
1. Introduction and Overview . . . . . . . . . . . . . . . . . . 4
1.1. IMSP . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.2. ACAP . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.3. LDAP . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.4. WebDAV for Address Books . . . . . . . . . . . . . . . . . 6
1.5. vCard . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 6
2.1. Notational Conventions . . . . . . . . . . . . . . . . . . 6
2.2. XML Namespaces . . . . . . . . . . . . . . . . . . . . . . 7
2.3. Method Preconditions and Postconditions . . . . . . . . . 7
3. Required CardDAV features . . . . . . . . . . . . . . . . . . 8
4. Capability Discovery . . . . . . . . . . . . . . . . . . . . . 8
4.1. CardDAV Server Support . . . . . . . . . . . . . . . . . . 8
4.1.1. Example: Using OPTIONS for the Discovery of
Support for CardDAV . . . . . . . . . . . 9
5. Address Book Resources . . . . . . . . . . . . . . . . . . . . 9
5.1. Address Book Data Model . . . . . . . . . . . . . . . . . 9
5.1.1. Address Book Server . . . . . . . . . . . . . . . . . 10
5.2. Address Book Collection . . . . . . . . . . . . . . . . . 10
5.2.1. CARDDAV:adbk-description Property . . . . . . . . . . 11
5.3. vCard Object Resource Restrictions in Address Book
Collections . . . . . . . . . . . . . . . . . . . . . . . 11
5.4. Creating Resources . . . . . . . . . . . . . . . . . . . . 12
5.4.1. MKADBK Method . . . . . . . . . . . . . . . . . . . . 12
5.4.2. Creating vCard Object Resources . . . . . . . . . . . 15
6. Address Book Reports . . . . . . . . . . . . . . . . . . . . . 16
6.1. REPORT Method . . . . . . . . . . . . . . . . . . . . . . 17
6.2. Reports on collections containing address book
collections . . . . . . . . . . . . . . . . . . . . . . . 17
6.3. CARDDAV:adbk-query Report . . . . . . . . . . . . . . . . 17
6.3.1. Example: Partial retrieval of vCards matching a
NICKNAME . . . . . . . . . . . . . . . . . . . . . . . 18
6.3.2. Example: Partial retrieval of vCards matching a
full name . . . . . . . . . . . . . . . . . . . . . . 20
6.4. CARDDAV:adbk-multiget Report . . . . . . . . . . . . . . . 23
6.4.1. Example: CARDDAV:adbk-multiget Report . . . . . . . . 23
6.5. CARDDAV:adbk-sync Report . . . . . . . . . . . . . . . . . 25
6.5.1. Example: Initial CARDDAV:adbk-sync Report . . . . . . 27
6.5.2. Example: CARDDAV:adbk-sync Report with token . . . . . 28
7. Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . 29
7.1. Restrict the Properties Returned . . . . . . . . . . . . . 29
7.2. Use of Locking . . . . . . . . . . . . . . . . . . . . . . 30
7.3. Finding address books . . . . . . . . . . . . . . . . . . 30
Daboo Expires April 19, 2006 [Page 2]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
8. XML Element Definitions . . . . . . . . . . . . . . . . . . . 31
8.1. CARDDAV:adbk-query XML Element . . . . . . . . . . . . . . 31
8.2. CARDDAV:adbk-data XML Element . . . . . . . . . . . . . . 31
8.2.1. CARDDAV:comp XML Element . . . . . . . . . . . . . . . 31
8.2.2. CARDDAV:allcomp XML Element . . . . . . . . . . . . . 32
8.2.3. CARDDAV:allprop XML Element . . . . . . . . . . . . . 32
8.2.4. CARDDAV:prop XML Element . . . . . . . . . . . . . . . 32
8.3. CARDDAV:filter XML Element . . . . . . . . . . . . . . . . 33
8.3.1. CARDDAV:comp-filter XML Element . . . . . . . . . . . 33
8.3.2. CARDDAV:prop-filter XML Element . . . . . . . . . . . 34
8.3.3. CARDDAV:param-filter XML Element . . . . . . . . . . . 34
8.3.4. CARDDAV:is-defined XML Element . . . . . . . . . . . . 34
8.3.5. CARDDAV:text-match XML Element . . . . . . . . . . . . 35
8.4. CARDDAV:adbk-multiget XML Element . . . . . . . . . . . . 35
8.5. CARDDAV:adbk-sync XML Element . . . . . . . . . . . . . . 35
8.5.1. CARDDAV:sync-token XML Element . . . . . . . . . . . . 36
9. Internationalization Considerations . . . . . . . . . . . . . 36
10. Security Considerations . . . . . . . . . . . . . . . . . . . 36
11. IANA Consideration . . . . . . . . . . . . . . . . . . . . . . 37
11.1. Namespace Registration . . . . . . . . . . . . . . . . . . 37
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 37
12.1. Normative References . . . . . . . . . . . . . . . . . . . 37
12.2. Informative References . . . . . . . . . . . . . . . . . . 38
Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 38
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 39
Intellectual Property and Copyright Statements . . . . . . . . . . 40
Daboo Expires April 19, 2006 [Page 3]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
1. Introduction and Overview
Address books are a key component of personal information management
tools, such as email or calendaring and scheduling clients. To date
several protocols have been used for remote access to address data,
including LDAP [RFC2251], IMSP and ACAP [RFC2244].
1.1. IMSP
IMSP, which was the predessor to ACAP [RFC3253], received limited
support from vendors, but those that did implement solutions based on
it, found it to be a useful feature for large deployments of email
clients at sites where users may roam from machine to machine. IMSP
provided for multiple personal, shared or public address books,
organised in a hierarchy, and gave individual users the ability to
control access to their address books so that they could grant read
or write access rights to other specific users or groups. This
provided an easy and convenient way for users or workgroups to
quickly setup and manage shared address information. Address book
support in IMSP suffers from a number of problems, including a
limited format for the address data itself, and scalability issues
with large address books.
The key features of address book support in IMSP are:
1. Ability to use multiple address books with hierarchical layout.
2. Ability to control access to individual address books.
3. Server-side searching of address data, avoiding the need for
clients to download an entire address book in order to do a quick
address 'expansion' operation.
4. Ability to download/upload an individual address in and address
book.
The key disadvantages of address book support in IMSP are:
1. Limited schema for address data.
2. Does not scale to large address books (e.g. no way to page
through the list of addresses in an address book).
3. Does not provide any type of synchronisation capability, which
easily leads to 'lost update' problems when multiple users are
editing the same address book entries.
4. Lack of internationalisation support.
5. Does not provide per-address access control
6. Does not provide a simple way to lookup users on the system.
1.2. ACAP
ACAP [RFC3253] was meant as the successor to IMSP and as such was
designed to be a more 'generic' data access protocol for general
application use. ACAP defined specific 'datasets' (basically formal
Daboo Expires April 19, 2006 [Page 4]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
schema definitions) for different anticipated areas of use, including
address books, email accounts, application preferences, mime types
etc. The use of such formal schema defintions was intended to
enhance interoperability between clients. However, ACAP proved
difficult to implement due to over complexity in the protocol itself,
and this lead to few implementations.
The key features of address book support in ACAP are:
1. Ability to use multiple address books with hierarchical layout.
2. Ability to control access to individual address books and
address entries.
3. Server-side searching of address data, avoiding the need for
clients to download an entire address book in order to do a
quick address 'expansion' operation.
4. Ability to inherit address book data from others.
5. Ability to watch changes in address book data through use of
'contexts'.
6. Ability to page through address book data through use of
'contexts'.
7. Internationalisation support through use of utf8 for all data.
8. Well defined address schema to enhance client interoperability.
9. Compatability with vCard data format.
10. Users and groups dataset can be used to enumerate and find other
users on the system.
The key disadvantages of address book support in ACAP are:
1. Inheritance, access control and contexts all together is hard,
and ultimately proved one of the major hurdles to
implementations.
1.3. LDAP
LDAP [RFC2251] is a generic directory access protocol that is
specifically targeted at management applications and browser
applications that provide read/write interactive access to
directories. Often such directories contain information about
people, including contact/address data.
The key features of address book support in LDAP are:
1. To do
The key disadvantages of address book support in LDAP are:
1. Lack of schemas require overly complex client configuration to
map expected fields in the client to directory entries in the
server.
2. General reluctance to give 'ordinary' users write access to even
a small portion of the directory as often senstive information is
included in directory entries and a small mistake in configuring
Daboo Expires April 19, 2006 [Page 5]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
access control can lead to a major security breach.
1.4. WebDAV for Address Books
WebDAV offers a number of advantages as a framework or basis for
address book access and management. Most of these advantages boil
down to a significant reduction in design costs, implementation
costs, interoperability test costs and deployment costs.
The key features of address book support with WebDAV are:
1. Ability to use multiple address books with hierarchical layout.
2. Ability to control access to individual address books and address
entries.
3. Principal namespace can be used to enumerate and find other users
on the system.
4. Server-side searching of address data, avoiding the need for
clients to download an entire address book in order to do a quick
address 'expansion' operation.
5. Well-defined internationalisation support through standard HTTP.
6. Use of vCards for well defined address schema to enhance client
interoperability.
7. Many limited clients (e.g. mobile devices) contain an HTTP stack
which makes implementing WebDAV much easier than other protocols.
The key disadvantages of address book support in WebDAV are:
1. Lack of change notification.
2. Stateless nature of protocol can result in more data being sent
with each transaction to maintain per-user session across
requests.
1.5. vCard
vCard [RFC2426] is a MIME directory profile aimed at encapsulating
personal addressing and contact information about people. The
specification of vCard was originally done by the Versit consortium,
with a subsequent 3.0 version standardised by the IETF [RFC2426].
vCard is in wide spread use in email clients and mobile devices as a
means of encapsulating address information for transport via email,
or for import/export and synchronization operations.
2. Conventions
2.1. Notational Conventions
The augmented BNF used by this document to describe protocol elements
is described in Section 2.1 of [RFC2616]. Because this augmented BNF
uses the basic production rules provided in Section 2.2 of [RFC2616],
Daboo Expires April 19, 2006 [Page 6]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
those rules apply to this document as well.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
The term "protected" is used in the Conformance field of property
definitions as defined in Section 1.4.2 of RFC3253 [RFC3253].
When XML element types in the namespaces "DAV:" and
"urn:ietf:params:xml:ns:carddav" are referenced in this document
outside of the context of an XML fragment, the string "DAV:" and
"CARDDAV:" will be prefixed to the element type names respectively.
2.2. XML Namespaces
Definitions of XML elements in this document use XML element type
declarations (as found in XML Document Type Declarations), described
in Section 3.2 of [REC-XML].
The namespace "urn:ietf:params:xml:ns:carddav" is reserved for the
XML elements defined in this specification, its revisions, and
related CardDAV specifications. It MUST NOT be used for proprietary
extensions.
Note that the XML declarations used in this document are incomplete,
in that they do not include namespace information. Thus, the reader
MUST NOT use these declarations as the only way to create valid
CardDAV properties or to validate CardDAV XML element type. Some of
the declarations refer to XML elements defined by WebDAV which use
the "DAV:" namespace. Wherever such elements appear, they are
explicitly given the "DAV:" prefix to help avoid confusion.
Also note that some CardDAV XML element names are identical to WebDAV
XML element names, though their namespace differs. Care MUST be
taken not to confuse the two sets of names.
2.3. Method Preconditions and Postconditions
A "precondition" of a method describes the state of the server that
must be true for that method to be performed. A "postcondition" of a
method describes the state of the server that must be true after that
method has been completed. If a method precondition or postcondition
for a request is not satisfied, the response status of the request
MUST be either 403 (Forbidden) if the request should not be repeated
because it will always fail, or 409 (Conflict) if it is expected that
the user might be able to resolve the conflict and resubmit the
request.
Daboo Expires April 19, 2006 [Page 7]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
In order to allow better client handling of 403 and 409 responses, a
distinct XML element type is associated with each method precondition
and postcondition of a request. When a particular precondition is
not satisfied or a particular postcondition cannot be achieved, the
appropriate XML element MUST be returned as the child of a top-level
DAV:error element in the response body, unless otherwise negotiated
by the request. In a 207 Multi-Status response, the DAV:error
element would appear in the appropriate DAV:responsedescription
element.
3. Required CardDAV features
This section lists what functionality is required of a CardDAV
server.
To advertise support for the 'adbk-access' features of CardDAV, a
server:
o MUST support WebDAV Class 1 and 2 (all of RFC2518 [RFC2518]
including locking).
o MUST support WebDAV ACLs [RFC3744].
o MUST support SSL.
o MUST support strong ETags to support disconnected operations.
o MUST support address book REPORTs as described in this document.
o MUST support MKADBK.
To advertise support for the 'adbk-sync' features of CardDAV, a
server:
o MUST support the 'adbk-access' features described above.
o MUST support the 'adbk-sync' REPORT on address book collections.
In addition, a server:
o MAY support WebDAV DeltaV [RFC3253] or some of its components.
4. Capability Discovery
4.1. CardDAV Server Support
If the server supports the CardDAV features described in this
document, it MUST include "adbk-access" as a field in the DAV
response header from an OPTIONS request on any resource that supports
any address book properties, reports, or methods. A value of "adbk-
access" in the DAV header MUST indicate that the server supports all
MUST level requirements and REQUIRED features specified in this
document.
CardDAV includes a special report to allow better client/server
Daboo Expires April 19, 2006 [Page 8]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
synchronization performance. Support for this featrure is OPTIONAL,
though RECOMMENDED. If a server supports this feature then it MUST
include "adbk-sync" as a field in the DAV response header from an
OPTIONS request on any address book collection resource that supports
the report.
4.1.1. Example: Using OPTIONS for the Discovery of Support
for CardDAV
>> Request <<
OPTIONS /addressbooks/users/ HTTP/1.1
Host: adbk.example.com
>> Response <<
HTTP/1.1 200 OK
Allow: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, COPY, MOVE
Allow: MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, REPORT
Allow: MKADBK, ACL
DAV: 1, 2, access-control, adbk-access
Content-Length: 0
In this example, the OPTIONS response indicates that the server
supports CardDAV in this namespace, therefore the '/addressbooks/
users/' collection may be used as a parent for address book
collections as the MKADBK method is available, and as a possible
target for REPORT requests for address book reports.
5. Address Book Resources
5.1. Address Book Data Model
One of the features which has made WebDAV a successful protocol is
its firm data model. This makes it a useful framework for other
applications such as address books. This specification attempts to
follow the same pattern by developing all new features based on a
well-described data model.
In the CardDAV data model, every VCARD component is stored as an
individual HTTP/WebDAV resource - a 'vCard object resource'. That
means each vCard object resource may be individually locked and have
individual WebDAV properties. These resources are placed into WebDAV
collections with a mostly-fixed structure.
Daboo Expires April 19, 2006 [Page 9]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
5.1.1. Address Book Server
A CardDAV server is a vCard-aware engine combined with a WebDAV
repository. A WebDAV repository is a set of WebDAV collections,
containing other WebDAV resources, within a unified URL namespace.
For example, the repository "http://example.org/webdav/" may contain
WebDAV collections and resources, all of which have URLs beginning
with "http://example.org/webdav/". Note that the root URL
"http://example.org/" may not itself be a WebDAV repository (for
example, if the WebDAV support is implemented through a servlet or
other Web server extension).
A WebDAV repository MAY include address book data in some parts of
its URL namespace, and non-address book data in other parts.
A WebDAV repository can advertise itself as a CardDAV server if it
supports the functionality defined in this specification at any point
within the root of the repository. That might mean that vCard data
is spread throughout the repository and mixed with non-vCard data in
nearby collections (e.g. vCard data may be found in /lisa/
addressbook/ as well as in /bernard/addressbook/, and non-vCard data
in /lisa/calendars/). Or, it might mean that vCard data can be found
only in certain sections of the repository (e.g. /addressbooks/
user/). Address book features are only required in the repository
sections that are or contain vCard objects. So a repository
confining vCard data to the /carddav/ collection would only need to
support the CardDAV required features within that collection.
The CardDAV server or repository is the canonical location for vCard
data and state information. Both CardDAV servers and clients MUST
ensure that the data is consistent and compliant. Clients may submit
requests to change data or download data. Clients may store vCard
objects offline and attempt to synchronize at a later time. However,
clients MUST be prepared for vCard data on the server to change
between the time of last synchronization and when attempting an
update, as address book collections may be shared and accessible via
multiple clients. HTTP ETags and other features help this work.
5.2. Address Book Collection
CardDAV defines the following new resource type for use in WebDAV
repositories holding vCard data.
Address book collections appear to clients as a WebDAV resource
collection, identified by a URL. An address book collection MUST
report the DAV:collection and CARDDAV:adbk XML elements in the value
of the DAV:resourcetype property. The element type declaration for
CARDDAV:adbk is:
Daboo Expires April 19, 2006 [Page 10]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
An address book collection contains resources that represent the
vCard objects within an address book. An address book collection may
be created through provisioning (e.g. automatically created when a
user's account is created), or it may be created through MKADBK (see
Section 5.4.1). This can be useful for a user to create a second
address book (e.g. "family") or for users to share an address book
(e.g. "soccer team"). Note however that this document doesn't define
what extra address book collections are for, users must rely on non-
standard cues to find out what an address book collection is for, or
use the CARDDAV:adbk-description property defined in Section 5.2.1 to
provide such a cue.
Address book collections MUST NOT contain other address book
collections. Multiple address book collections MAY be children of
the same WebDAV collection.
An address book collection MAY contain additional collections and
non-collection resources of types not defined here. How such items
are used is not defined by this specification. However, additional
collections contained in an address book collection MUST NOT contain
address book collections.
5.2.1. CARDDAV:adbk-description Property
Name: adbk-description
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Provides a description for the resource that is suitable for
presentation to a user.
Description: The CARDDAV:adbk-description property MAY be defined on
any address book collection resource. If present, the property
contains a description of the resource that is suitable for
presentation to the user in some form.
5.3. vCard Object Resource Restrictions in Address Book Collections
vCard object resources contained in address book collections MUST
contain a single VCARD component only.
vCard components in an address book collection MUST have a UID
property value that MUST be unique in the scope of the address book
collection, and all its descendant collections, in which the vCard
object resource is contained.
Daboo Expires April 19, 2006 [Page 11]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
5.4. Creating Resources
The creation of address book collections and vCard object resources
may be initiated by either a CardDAV client or by the CardDAV server.
For example, a server might come preconfigured with a user's address
book collection, or the CardDAV client might request the server to
create a new address book collection for a given user. Servers might
populate vCard objects inside an address book collection, or clients
might request the server to create vCards. Either way, both client
and server MUST comply with the requirements in this document, and
MUST understand objects appearing in address book collections or
according to the data model defined here.
5.4.1. MKADBK Method
An HTTP request using the MKADBK method creates a new address book
collection resource.
Clients SHOULD use the DAV:displayname property for a human-readable
name of the address book. Clients can either specify the value of
the DAV:displayname property in the request body of the MKADBK
request, or alternatively issue a PROPPATCH request to change the
DAV:displayname property to the appropriate value immediately after
issuing the MKADBK request. Clients SHOULD NOT set the DAV:
displayname property to be the same as any other calendar collection
at the same URI "level". When displaying address book collections to
users, clients SHOULD check the DAV:displayname property and use that
value as the name of the address book. In the event that the DAV:
displayname property is empty, the client MAY use the last part of
the address book collection URI as the name.
If a MKADBK request fails, the server state preceding the request
MUST be restored.
Marshalling:
If a request body is included, it MUST be a CARDDAV:mkadbk XML
element. Instruction processing MUST occur in the order
instructions are received (i.e., from top to bottom).
Instructions MUST either all be executed or none executed. Thus
if any error occurs during processing all executed instructions
MUST be undone and a proper error result returned. Instruction
processing details can be found in the definition of the DAV:set
instruction in section 12.13 of [RFC2518].
Daboo Expires April 19, 2006 [Page 12]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
If a response body for a successful request is included, it MUST
be a CARDDAV:mkadbk-response XML element.
The response MUST include a Cache-Control:no-cache header.
Preconditions:
(DAV:resource-must-be-null): A resource MUST NOT exist at the
Request-URI.
(CARDDAV:adbk-collection-location-bad): The Request-URI MUST
identify a location where an address book collection can be
created.
(CARDDAV:insufficient-privilege): The DAV:bind privilege MUST be
granted to the current user.
Postconditions:
(CARDDAV:initialize-adbk-collection): A new address book
collection exists at the Request-URI. The DAV:resourcetype of the
address book collection MUST contain both DAV:collection and
CARDDAV:adbk XML elements.
5.4.1.1. Status Codes
201 (Created) - The address book collection resource was created in
its entirety.
207 (Multi-Status) - The address book collection resource was not
created since one or more DAV:set instructions specified in the
request body could not be processed successfully. The following are
examples of response codes one would expect to be used in a 207
(Multi-Status) response:
403 (Forbidden) - The client, for reasons the server chooses not
to specify, cannot alter one of the properties.
409 (Conflict) - The client has provided a value whose semantics
are not appropriate for the property. This includes trying to set
read-only properties.
424 (Failed Dependency) - The DAV:set instruction on the specified
resource would have succeeded if it were not for the failure of
another DAV:set instruction specified in the request body.
423 (Locked) - The specified resource is locked and the client
either is not a lock owner or the lock type requires a lock token
to be submitted and the client did not submit it.
507 (Insufficient Storage) - The server did not have sufficient
space to record the property.
403 (Forbidden) - This indicates at least one of two conditions: 1)
Daboo Expires April 19, 2006 [Page 13]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
the server does not allow the creation of address book collections at
the given location in its namespace, or 2) the parent collection of
the Request-URI exists but cannot accept members.
405 (Method Not Allowed) - MKADBK can only be executed on a null
resource.
409 (Conflict) - A collection cannot be made at the Request-URI until
one or more intermediate collections have been created.
415 (Unsupported Media Type)- The server does not support the request
type of the body.
507 (Insufficient Storage) - The resource does not have sufficient
space to record the state of the resource after the execution of this
method.
5.4.1.2. Example - MKADBK
>> Request <<
MKADBK /home/lisa/addressbook/ HTTP/1.1
Host: adbk.example.com
Content-Type: text/xml; charset="utf-8"
Content-Length: xxx
Lisa's Address Book
My primary address book.
>> Response <<
HTTP/1.1 201 Created Date: Fri, 22 Oct 2004 12:17:08 GMT
Content-Length: 0
Cache-Control: no-cache
In this example, a new address book collection is created at
http://adbk.example.com/home/lisa/addressbook/
Daboo Expires April 19, 2006 [Page 14]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
5.4.2. Creating vCard Object Resources
Clients typically populate address book collections with vCard object
resources. The URL for each vCard object resource is entirely
arbitrary, and does not need to bear a specific relationship (but
might) to the vCard object resource's full name, UID or other
metadata. A new vCard object resource must have a unique URL,
otherwise the new component would instead be an update to an existing
vCard object resource.
When servers create new resources, it's not hard for the server to
choose a unique URL. It's slightly tougher for clients, because a
client might not want to examine all resources in the collection, and
might not want to lock the entire collection to ensure that a new one
isn't created with a name collision. However, there are http
features to mitigate this. If the client intends to create a new
vCard resource the client SHOULD use the HTTP header "If-None-Match:
*" on the PUT request. The Request-URI on the PUT request MUST
include the target collection, where the resource is to be created,
plus the name of the resource in the last path segment. The last
path segment could be a random number, or it could be a sequence
number, or a string related to the object's 'full name' property. No
matter how the name is chosen, the "If-None-Match" header ensures
that the client cannot overwrite an existing resource even if it has
accidentally chosen a duplicate resource name.
Servers SHOULD return an ETag header containing the actual ETag of
the newly created resource on a successful creation.
Daboo Expires April 19, 2006 [Page 15]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
>> Request <<
PUT /lisa/addressbook/newvcard.vcf HTTP/1.1
If-None-Match: *
Host: adbk.example.com
Content-Type: text/vcard
Content-Length: xxx
BEGIN:VCARD
VERSION:3.0
FN:Cyrus Daboo
N:Daboo;Cyrus
ADR;TYPE=POSTAL:;2822 Email HQ;Suite 2821;RFCVille;PA;15213;USA
EMAIL;TYPE=INTERNET,PREF:cyrus@daboo.name
NICKNAME:me
NOTE:Example VCard.
ORG:Self Employed
TEL;TYPE=WORK,VOICE:412 605 0499
TEL;TYPE=FAX:412 605 0705
URL:http://www.daboo.name
END:VCARD
>> Response <<
HTTP/1.1 201 Created
Date: Thu, 02 Sep 2004 16:53:32 GMT
Content-Length: 0
ETag: "123456789-000-111"
The request to change an existing vCard is the same, but with a
specific ETag in the "If-Match" header, rather than the "If-None-
Match" header.
File names for vCards are commonly suffixed by ".vcf", and clients
may choose to use the same convention for URLs.
Preconditions for PUT within address book collections:
(CARDDAV:uid-already-exists): The component UID chosen is not
unique and the client must choose another if it attempts again.
(CARDDAV:invalid-vcard-resource): The vCard object syntax or
structure was invalid.
6. Address Book Reports
This section defines the reports which a CardDAV server supports on
Daboo Expires April 19, 2006 [Page 16]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
address book collections and vCard object resources. Some of these
reports are REQUIRED and others are OPTIONAL or RECOMMENDED.
CardDAV servers MUST advertise support for all the reports
implemented with the DAV:supported-report-set property defined in
RFC3253 [RFC3253].
Some of these reports allow vCard data (from possibly multiple
resources) to be returned.
6.1. REPORT Method
The REPORT method (defined in Section 3.6 of RFC3253 [RFC3253])
provides an extensible mechanism for obtaining information about a
resource. Unlike the PROPFIND method, which returns the value of one
or more named properties, the REPORT method can involve more complex
processing. REPORT is valuable in cases where the server has access
to all of the information needed to perform the complex request (such
as a query), and where it would require multiple requests for the
client to retrieve the information needed to perform the same
request.
A server that supports adbk-access MUST support the DAV:expand-
property report (defined in Section 3.8 of RFC3253 [RFC3253]).
6.2. Reports on collections containing address book collections
A WebDAV collection which contains one or more address book
collections is not a new type of resource, but it may support these
new REPORTs. If so, then the REPORT is expected to have the
semantics of including information from all the vCard data contained
in the collection, and its children, recursively. These collections
may contain non-vCard resources. It's up to the server, if it
supports these REPORTs on a normal WebDAV collection, to find vCard
object resources and decide what to do with non-vCard resources and
whether those may also appear in the collection or its children.
If these reports are supported on ordinary collections the server
advertises the capability with the DAV:supported-report-set property
as already described.
6.3. CARDDAV:adbk-query Report
Support for this report is REQUIRED.
The CARDDAV:adbk-query REPORT performs a search for all vCard object
resources that match a specified search filter. The response of this
report will contain all the WebDAV properties and vCard object
Daboo Expires April 19, 2006 [Page 17]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
resource data specified in the request. In the case of the CARDDAV:
adbk-data XML element, one can explicitly specify the vCard
properties that should be returned in the vCard object resource data
that matches the search filter.
The format of this report is modeled on the PROPFIND method. The
request and response bodies of the CARDAV:adbk-query report use XML
elements that are also used by PROPFIND. In particular the request
can include XML elements to request WebDAV properties to be returned.
When that occurs the response should follow the same behavior as
PROPFIND with respect to the DAV:multistatus response elements used
to return specific property results. For instance, a request to
retrieve the value of a property which does not exist is an error and
MUST be noted with a response XML element which contains a 404 (Not
Found) status value.
Support for the CARDDAV:adbk-query REPORT is REQUIRED.
Marshalling:
The request body MUST be a CARDDAV:adbk-query XML element as
defined in Section 8.1.
The response body for a successful request MUST be a DAV:
multistatus XML element (i.e., the response uses the same format
as the response for PROPFIND). In the case where there are no
response elements, the returned DAV:multistatus XML element is
empty.
The response body for a successful CARDDAV:adbk-query REPORT
request MUST contain a DAV:response element for each vCard object
that matched the search filter. vCard data is being returned in
the CARDDAV:adbk-data XML element inside the DAV:propstat XML
element.
Preconditions:
None.
Postconditions:
(DAV:number-of-matches-within-limits): The number of matching
vCard object resources must fall within server-specific,
predefined limits. For example, this condition might be triggered
if a search specification would cause the return of an extremely
large number of responses.
6.3.1. Example: Partial retrieval of vCards matching a
NICKNAME
In this example, the client requests the server to search for vCard
object resources that contain a NICKNAME property whose value equals
some specific text, and to return specific vCard properties for those
Daboo Expires April 19, 2006 [Page 18]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
vCards found. In addition the DAV:getetag property is also requested
and returned as part of the response.
>> Request <<
REPORT /home/bernard/addressbook/ HTTP/1.1
Host: adbk.example.com
Depth: 1
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx
me
Daboo Expires April 19, 2006 [Page 19]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
>> Response <<
HTTP/1.1 207 Multi-Status
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx
http://adbk.example.com/home/bernard/addressbook/v102.vcf
"23ba4d-ff11fb"
BEGIN:VCARD
VERSION:3.0
NICKNAME:me
UID:34222-232@example.com
FN:Cyrus Daboo
EMAIL:daboo@example.com
END:VCARD
HTTP/1.1 200 OK
6.3.2. Example: Partial retrieval of vCards matching a full
name
In this example, the client requests the server to search for vCard
object resources that contain a FN property whose value contains some
specific text, and to return specific vCard properties for those
vCards found. In addition the DAV:getetag property is also requested
and returned as part of the response.
Daboo Expires April 19, 2006 [Page 20]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
>> Request <<
REPORT /home/bernard/addressbook/ HTTP/1.1
Host: adbk.example.com
Depth: 1
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx
Daboo
Daboo Expires April 19, 2006 [Page 21]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
>> Response <<
HTTP/1.1 207 Multi-Status
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx
http://adbk.example.com/home/bernard/addressbook/v102.vcf
"23ba4d-ff11fb"
BEGIN:VCARD
VERSION:3.0
NICKNAME:me
UID:34222-232@example.com
FN:Cyrus Daboo
EMAIL:daboo@example.com
END:VCARD
HTTP/1.1 200 OK
http://adbk.example.com/home/bernard/addressbook/v104.vcf
"23ba4d-ff11fc"
BEGIN:VCARD
VERSION:3.0
NICKNAME:oliver
UID:34222-23222@example.com
FN:Oliver Daboo
EMAIL:oliver@example.com
END:VCARD
HTTP/1.1 200 OK
Daboo Expires April 19, 2006 [Page 22]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
6.4. CARDDAV:adbk-multiget Report
Support for this report is REQUIRED.
The CARDDAV:adbk-multiget REPORT is used to retrieve specific vCard
object resources from within a collection, if the Request-URI is a
collection, or to retrieve a specific vCard object resource, if the
Request-URI is a vCard object resource. This report is similar to
the CARDDAV:adbk-query REPORT (see Section 6.3), except that it takes
a list of DAV:href elements instead of a CARDDAV:filter element to
determine which vCard object resources to return.
Support for the adbk-multiget REPORT is REQUIRED.
Marshalling:
The request body MUST be a CARDDAV:adbk-multiget XML element (see
Section 8.4, which MUST contain at least one DAV:href XML element,
and one optional CARDDAV:adbk-data element as defined in
Section 8.2. If the Request-URI is a collection resource, then
the DAV:href elements MUST refer to resources within that
collection, and they MAY refer to resources at any depth within
the collection. As a result the "Depth" header MUST be ignored by
the server and SHOULD NOT be sent by the client. If the Request-
URI refers to a non-collection resource, then there MUST be a
single DAV:href element that is equal to the Request-URI.
The response body for a successful request MUST be a DAV:
multistatus XML element. In the case where there are no response
elements, the returned DAV:multistatus XML element is empty.
The response body for a successful CARDDAV:adbk-multiget REPORT
request MUST contain a DAV:response element for each vCard object
resource referenced by the provided set of DAV:href elements.
vCard data is being returned in the CARDDAV:adbk-data element
inside the DAV:prop element.
In the case of an error accessing any of the provided DAV:href
resources, the server MUST return the appropriate error status
code in the DAV:status element of the corresponding DAV:response
element.
Preconditions:
None.
Postconditions:
None.
6.4.1. Example: CARDDAV:adbk-multiget Report
In this example, the client requests the server to return specific
properties of the vCards components referenced by specific URIs. In
Daboo Expires April 19, 2006 [Page 23]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
addition the DAV:getetag property is also requested and returned as
part of the response. Note that in this example, the resource at
http://adbk.example.com/home/bernard/addressbook/vcf1.vcf does not
exist, resulting in an error status response.
>> Request <<
REPORT /home/bernard/addressbook/ HTTP/1.1
Host: adbk.example.com
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx
http://adbk.example.com/home/bernard/addressbook/vcf102.vcf
http://adbk.example.com/home/bernard/addressbook/vcf1.vcf
Daboo Expires April 19, 2006 [Page 24]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
>> Response <<
HTTP/1.1 207 Multi-Status
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx
http://adbk.example.com/home/bernard/addressbook/vcf102.vcf
"23ba4d-ff11fb"
BEGIN:VCARD
VERSION:3.0
NICKNAME:me
UID:34222-232@example.com
FN:Cyrus Daboo
EMAIL:daboo@example.com
END:VCARD
HTTP/1.1 200 OK
http://adbk.example.com/home/bernard/addressbook/vcf1.vcf
HTTP/1.1 404 Resource not found
6.5. CARDDAV:adbk-sync Report
Support for this report is OPTIONAL but RECOMMENDED.
The CARDDAV:adbk-sync REPORT is used to provide an overview of what
has changed on the server since a previous execution of this report.
The primary purpose of this is to aid the client in synchronizing its
local cache of data with the server, in an efficient manner with as
few round trips as possible.
Support for the adbk-sync REPORT is OPTIONAL. If this report is
implemented by the CardDAV server, then the server MUST include
"carddav-sync" in any DAV: response header to an OPTIONS request as
per Section 4.1. If the report is not available, clients MUST NOT
Daboo Expires April 19, 2006 [Page 25]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
attempt to execute one.
To implement the behaviour for this report a server needs to keep
track of changes to vCard data in an address book collection. This
includes noting the addition of new vCards, noting changes to vCards
and noting removal of vCards (where "removal" could be the result of
a DELETE or MOVE operation). The server will track each change and
provide a synchronization "token" to the client that describes the
state of the server at a specific point in time. This "token" is
returned as part of the response to the "adbk-sync" report. Clients
include the last token they got from the server in the next "adbk-
sync" report that they execute and the server provides the changes
from the previous state represented by the token to the current
state, represented by the new token returned.
The synchronization token itself is an "opaque" string - i.e., the
actual string data has no specific meaning or syntax. A simple
implementation of such a token would be a numeric counter that counts
each change as it occurs and relates that change to the specific
object that changed.
The "adbk-sync" reports allows the client to specify whether it
should receive vCard data for those objects that are new or have
changed, and it uses the "adbk-data" element (also used in the "adbk-
query" and "adbk-multiget" reports) for that purpose.
Marshalling:
The request URI MUST be an address book collection. The "Depth"
header MUST be ignored by the server and SHOULD NOT be sent by the
client. The request body MUST be a CARDDAV:adbk-sync XML element
(see Section 8.5, which MUST contain one CARDDAV:sync-token XML
element, and one optional CARDDAV:adbk-data element as defined in
Section 8.2.
The response body for a successful request MUST be a DAV:
multistatus XML element, which MUST contain one CADRDDAV:sync-
token element in addition to any DAV:response elements.
The response body for a successful CARDDAV:adbk-multiget REPORT
request MUST contain a DAV:response element for each vCard object
resource that was created, has changed or been deleted since the
last syncrhonization operation as specified by the CARDDAV:sync-
token provided in the request. vCard data is returned in the
CARDDAV:adbk-data element inside the DAV:prop element.
The DAV:status element in each DAV:response element is used to
indicate how the vCard resource may have changed:
A status code of '201 Created' is used to indicate vCards that
are new.
Daboo Expires April 19, 2006 [Page 26]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
A status code of '200 OK' is used to indicate vCards that have
changed.
A status code of '404 Not Found' is used to indicate vCards
that have been removed.
If the synchronization token element is not empty and not
recognized by the server, then the server MUST respond with 400
Bad Request response.
Preconditions:
None.
Postconditions:
None.
6.5.1. Example: Initial CARDDAV:adbk-sync Report
In this example, the client is making its first synchronization
request to the server, so the CARDDAV:sync-token element in the
request is empty. The server responds with the items currently in
the targetted address book collection (indicating that they are 'new'
via the '201 Created' status code). The current synchronzation token
is also returned.
>> Request <<
REPORT /home/bernard/addressbook/ HTTP/1.1
Host: adbk.example.com
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx
Daboo Expires April 19, 2006 [Page 27]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
>> Response <<
HTTP/1.1 207 Multi-Status
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx
http://adbk.example.com/home/bernard/addressbook/vcf100.vcf
HTTP/1.1 201 Created
http://adbk.example.com/home/bernard/addressbook/vcf105.vcf
HTTP/1.1 201 Created
http://adbk.example.com/home/bernard/addressbook/vcf106.vcf
HTTP/1.1 201 Created
1234
6.5.2. Example: CARDDAV:adbk-sync Report with token
In this example, the client is making a synchronization request to
the server and is using the CARDDAV:sync-token element returned from
the last report it ran on this address book collection. The server
responds listing the items that have been added, changed or removed.
The (new) current synchronzation token is also returned.
>> Request <<
REPORT /home/bernard/addressbook/ HTTP/1.1
Host: adbk.example.com
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx
1234
Daboo Expires April 19, 2006 [Page 28]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
>> Response <<
HTTP/1.1 207 Multi-Status
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx
http://adbk.example.com/home/bernard/addressbook/vcf107.vcf
HTTP/1.1 201 Created
http://adbk.example.com/home/bernard/addressbook/vcf100.vcf
HTTP/1.1 200 OK
http://adbk.example.com/home/bernard/addressbook/vcf105.vcf
HTTP/1.1 404 Not Found
1238
7. Guidelines
7.1. Restrict the Properties Returned
Clients may not need all the properties in a vCard object when
presenting information to the user, or looking up specific items for
their email address, for example. Since some property data can be
large (e.g., PHOTO or SOUND with inline content) clients can choose
to ignore those by only requesting the specific items it knows it
will use, through use of the CARDDAV:adbk-data XML element in the
relevant reports.
However, if a client needs to make a change to a vCard, it can only
change the entire vCard data via a PUT request. There is no way to
incrementally make a change to a set of properties within a vCard
object resource. As a result the client will have to cache the
entire set of properties on a resource that is being changed.
Daboo Expires April 19, 2006 [Page 29]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
7.2. Use of Locking
WebDAV locks can be used to prevent two clients modifying the same
resource from either overwriting each others' changes (though that
problem can also be solved by using ETags) and also to prevent the
user from making changes that will conflict with another set of
changes. In a multi-user address book system, the address book
client could lock a vCard while the user is editing the vCard data,
and unlock the vCard when the user finishes or cancels. Locks can
also be used to prevent changes while data is being reorganized. For
example, an address book client might lock two address book
collections prior to moving a bunch of vCard object resources from
one to another.
Clients may request a lock timeout period that is appropriate to the
use case. When the user explicitly decides to reserve a resource and
prevent other changes, a long timeout might be appropriate, but in
cases when the client automatically decides to lock the resource the
timeout should be short (and the client can always refresh the lock
should it need to). A short lock timeout means that if the client is
unable to remove the lock, the other address book users aren't
prevented from making changes.
7.3. Finding address books
Much of the time an address book client (or agent) will discover a
new address book's location by being provided directly with the URL.
E.g. a user will type his or her own address book location into
client configuration information, or cut and paste a URL from email
into the address book application. The client need only confirm that
the URL points to a resource which is an address book. The client
may also be able to browse WebDAV collections to find address book
collections.
The choice of HTTP URLs means that vCard object resources are
backward compatible with existing software, but does have the
disadvantage that existing software does not usually know to look at
the OPTIONS response to that URL to determine what can be done with
it. This is somewhat of a barrier for WebDAV usage as well as with
CardDAV usage. This specification does not offer a way through this
other than making the information available in the OPTIONS response
should this be requested.
For address book sharing use cases, one might wish to find the
address book belonging to another user. If the other user has an
address book in the same repository, that address book can be found
by using the principal namespace required by WebDAV ACL support.
Daboo Expires April 19, 2006 [Page 30]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
8. XML Element Definitions
8.1. CARDDAV:adbk-query XML Element
Name: adbk-query
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Defines a report for querying address book data
Description: See Section 6.3.
8.2. CARDDAV:adbk-data XML Element
Name: adbk-data
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Used to define which parts of a vCard object should be
returned by the report that uses this element.
Description: When used in a request, the CARDDAV:adbk-data element
specifies the vCard properties to be returned in the vCard objects
part of the response. If this element doesn't contain any
CARDDAV:comp element, vCard objects will be returned with all
their properties.
Value: When used inside a response, the CARDDAV:adbk-data element
contains a vCard object that matched the search filter specified
in the request.
8.2.1. CARDDAV:comp XML Element
Name: comp
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Defines which component types to return
Description: The name value is a the vCard component name (i.e.,
"VCARD") and is optional
NOTE: The CARDDAV:prop and CARDDAV:allprop elements used here have
the same name as elements defined in WebDAV. However, the elements
used here have the "urn:ietf:params:xml:ns:carddav" namespace, as
opposed to the "DAV:" namespace used for elements defined in WebDAV.
Daboo Expires April 19, 2006 [Page 31]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
8.2.2. CARDDAV:allcomp XML Element
Name: allcomp
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Specifies that all components shall be returned
Description: This element can be used when the client wants all types
of components returned by a report. Note that since vCard objects
currentgly have only one type of component, this element would not
normally be used, but is provided for possible extensions and
compatability with CalDAV.
8.2.3. CARDDAV:allprop XML Element
Name: allprop
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Specifies that all properties shall be returned.
Description: This element can be used when the client wants all
properties of components returned by a report.
NOTE: The CARDDAV:allprop element defined here has the same name as
the DAV:allprop element defined in WebDAV. However, the CARDDAV:
allprop element defined here uses the
"urn:ietf:params:xml:ns:carddav" namespace, as opposed to the "DAV:"
namespace used for the DAV:allprop element defined in WebDAV.
8.2.4. CARDDAV:prop XML Element
Name: prop
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Defines which properties to return in the response.
Description: The "name" attribute specifies the name of the adbk
property to return (e.g., "NICKNAME"). The "novalue" attribute
can be used by clients to request that the actual value of the
property not be returned (if the "novalue" attribute is set to
"yes"). In that case the server will return just the vCard
property name and any vCard parameters and a trailing ":" without
the subsequent value data.
NOTE: The CARDDAV:prop element defined here has the same name as the
Daboo Expires April 19, 2006 [Page 32]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
DAV:prop element defined in WebDAV. However, the CARDDAV:prop
element defined here uses the "urn:ietf:params:xml:ns:carddav"
namespace, as opposed to the "DAV:" namespace used for the DAV:prop
element defined in WebDAV.
8.3. CARDDAV:filter XML Element
Name: filter
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Determines which matching objects are returned.
Description: The "filter" element specifies the search filter used to
match vCard objects that should be returned by a report.
8.3.1. CARDDAV:comp-filter XML Element
Name: comp-filter
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Limits the search to only the chosen component types.
Description: The "name" attribute is the vCard component type (i.e.,
"VCARD"). When this element is present, the server should only
return a component if it matches the filter, which is to say:
("no is-defined element" OR "is-defined matches") AND
("no sub-component filter" OR "all sub-component filters match") AND
("no property filter elements" OR "all property filters match")
Since vCard only has one component type, this element would not
normally be used. It is present for future extensions and for
compatability with CalDAV.
Since vCard does not support embedded components, a child comp-
filter element would not normally be used. It is present for
future extensions and for compatability with CalDAV.
Daboo Expires April 19, 2006 [Page 33]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
8.3.2. CARDDAV:prop-filter XML Element
Name: prop-filter
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Limits the search to specific properties.
Description: The "name" attribute MUST contain a vCard property name
(e.g., "NICKNAME"). When the CARDDAV:prop-filter executes, a
property matches if:
("no is-defined element" OR "is-defined matches") AND
("no time-range element" OR "time-range matches") AND
("no text match element" OR "text-match matches") AND
("no parameter filter elements" OR "all parameter filters match")
8.3.3. CARDDAV:param-filter XML Element
Name: param-filter
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Limits the search to specific parameters.
Description: The "param-filter" element limits the search result to
the set of vCard objects containing properties with parameters
that meet the parameter filter rules. When this filter executes,
a parameter matches if:
("is-defined matches" OR "text-match matches")
8.3.4. CARDDAV:is-defined XML Element
Name: is-defined
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Causes a search to match a resource if a component type,
property or parameter name exists.
Description: The CARDDAV:is-defined XML element limits the filter to
vCard objects where the named component, property or parameter is
defined.
Daboo Expires April 19, 2006 [Page 34]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
8.3.5. CARDDAV:text-match XML Element
Name: text-match
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: Specifies a match on a property or parameter value, using
four possible matching operations.
Description: The specified text is used for a match against the
property or parameter value specified in a report. The "caseless"
attribute indicates whether the match is case-sensitive (value set
to "no") or case-insensitive (value set to "yes"). The default
value is server-specified. Caseless matching SHOULD be
implemented as defined in section 5.18 of the Unicode Standard
([UNICODE4]). Support for the "caseless" attribute is optional.
A server should respond with a status of 422 if it is used but
cannot be supported.
The "match-type" attribute specifies how the match should be done.
In all of these the matching is either case-sensitive or case-
insenstive as defined by the "caseless" attaribute.
contains A substring match. i.e. if the specified text is
contained anywhere in the value being tested, then the match is
true.
equals An exact match.
starts-with A match at the start of the value being tested.
ends_with A match at the end of the value being tested.
8.4. CARDDAV:adbk-multiget XML Element
Name: adbk-multiget
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: CardDAV report used to retrieve specific vCard objects via
their URIs.
Description: See Section 6.4.
8.5. CARDDAV:adbk-sync XML Element
Daboo Expires April 19, 2006 [Page 35]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
Name: adbk-sync
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: CardDAV report used to synchronize data between client and
server.
Description: See Section 6.5.
8.5.1. CARDDAV:sync-token XML Element
Name: sync-token
Namespace: urn:ietf:params:xml:ns:carddav
Purpose: The synchronization token provided by the server and
returned by the client.
Description: See Section 6.5.
9. Internationalization Considerations
Clients SHOULD use utf-8 text encoding for the vCard object resource
data. When storing data to the server the client MUST include the
"charset" parameter on the "Content-Type" header in the HTTP request,
set to the appropriate charset, unless the minimal character set of
the data is "us-ascii".
Client SHOULD add "xml:lang" attributes to any XML elements in WebDAV
properties that are used to store human readable text.
10. Security Considerations
With the ACL extension present, WebDAV allows control over who can
access (read or write) any resource on the WebDAV server. In
addition, WebDAV ACL provides for an "inheritance" mechanism, whereby
resources may inherit access privileges from other resources. Often
the "other" resource is a parent collection of the resource itself.
Clients MUST take care to ensure users are aware of which address
books may be "private" (i.e. only accessible to them) and which are
"shared" (i.e. accessible to others).
Since webservers are often the target of automated indexing
applications that gather data from the server, analyse it and extract
'interesting' parts, great care must be taken when allowing
unauthenticated access to any address book or vCard object data.
Clients MAY choose to warn users when they create vCard data in a
public address book, copy or move vCard data into public address
Daboo Expires April 19, 2006 [Page 36]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
books, or change access privileges in such a way as to expose vCard
data to unauthenticated users.
This specification currently relies on standard HTTP authentication
mechanisms for identifying users. These comprise Basic and Digest
authentication as well as SSL using client-side certificates.
11. IANA Consideration
In addition to the namespaces defined by RFC2518 [RFC2518] for XML
elements, this document uses a URN to describe a new XML namespace
conforming to a registry mechanism described in RFC3688 [RFC3688].
All other IANA considerations mentioned in RFC2518 [RFC2518] also
apply to this document.
11.1. Namespace Registration
Registration request for the carddav namespace:
URI: urn:ietf:params:xml:ns:carddav
Registrant Contact: See the "Author's Address" section of this
document.
XML: None. Namespace URIs do not represent an XML specification.
12. References
12.1. Normative References
[REC-XML] Bray, T., Paoli, J., Sperberg-McQueen, C., Maler, E., and
F. Yergeau, "Extensible Markup Language (XML) 1.0 (Third
Edition)", W3C REC-xml-20040204, February 2004,
.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2426] Dawson, F. and T. Howes, "vCard MIME Directory Profile",
RFC 2426, September 1998.
[RFC2518] Goland, Y., Whitehead, E., Faizi, A., Carter, S., and D.
Jensen, "HTTP Extensions for Distributed Authoring --
WEBDAV", RFC 2518, February 1999.
[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Daboo Expires April 19, 2006 [Page 37]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
[RFC3253] Clemm, G., Amsden, J., Ellison, T., Kaler, C., and J.
Whitehead, "Versioning Extensions to WebDAV (Web
Distributed Authoring and Versioning)", RFC 3253,
March 2002.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
January 2004.
[RFC3744] Clemm, G., Reschke, J., Sedlar, E., and J. Whitehead, "Web
Distributed Authoring and Versioning (WebDAV) Access
Control Protocol", RFC 3744, May 2004.
[UNICODE4]
The Unicode Consortium, "The Unicode Standard - Version
4.0", Addison-Wesley , August 2003,
.
ISBN 0321185781
12.2. Informative References
[RFC2244] Newman, C. and J. Myers, "ACAP -- Application
Configuration Access Protocol", RFC 2244, November 1997.
[RFC2251] Wahl, M., Howes, T., and S. Kille, "Lightweight Directory
Access Protocol (v3)", RFC 2251, December 1997.
Appendix A. Acknowledgments
Thanks go to Lisa Dusseault and Bernard Desruisseaux for their work
on CalDAV, on which CardDAV is heavily based.
Daboo Expires April 19, 2006 [Page 38]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
Author's Address
Cyrus Daboo
Email: cyrus@daboo.name
Daboo Expires April 19, 2006 [Page 39]
Internet-Draft vCard Extensions to WebDAV (CardDAV) October 2005
Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement
Copyright (C) The Internet Society (2005). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.
Daboo Expires April 19, 2006 [Page 40]