Discussion page for the VOSpace 2.1 specification

This is a discussion page for the VOSpace-2.1 service specification.

Please edit this page directly to add comments or specification changes and additions.

Since this is a minor revision, all changes must be backwards compatible with the VOSpace-2.0 specification.

Changes and Enhancements for VOSpace 2.1

Parameter based sync transfer negotiation

This is a proposal to support the ability to perform a simplified transfer negotiation by executing an HTTP GET with transfer parameters to the /sync endpoint. For example:

Parameter based GET:

curl -d "TARGET=vos://nvo.caltech!vospace/mydata1&DIRECTION=pullFromVoSpace&PROTOCOL=ivo://ivoa.net/vospace/core#httpget" "http://localhost:8000/sync"

Would be somewhat equivalent to:

curl -X POST -d @job.xml "http://localhost:8000/sync"

Where job.xml is a file containing:

<vos:transfer xmlns:vos="http://www.ivoa.net/xml/VOSpace/v2.1">
<vos:target>vos://nvo.caltech!vospace/mydata1</vos:target>
<vos:direction>pullFromVoSpace</vos:direction>
<vos:protocol>ivo://ivoa.net/vospace/core#httpget</vos:protocol>
</vos:transfer>

Instead of returning a redirect to the transferDetails (which will contain the endpoint URL(s)), it would return a single, preferred endpoint URL directly. This is an optimization that reduces the number of redirects.

Since there is no job associated with the optimized GET, there less ability to do correct error handling. Upon error, clients should revert to the POST to /sync for full transfer negotiation and error handling capability. This is an optimistic approach and assumes that there is a low error rate in the service and this fallback would not happen frequently.

Add desired authentication method to transfer document

In certain cases, there isn't enough information in the transfer negotiation document to produce URLs to the data store correctly. The missing piece of information is authentication method they wish to use on the URLs. For example, if they wish to use userid/password to authenticate, the URLs must be pointed at a resource that will block and collect that information. If a cookie is to be used, the resource must not block. Authentication method options should include, but are not limited to:

• anonymous
• userid/password basic authentication
• cookies
• x509 client certificate

Update: The IVOA Single Sign-On Profile should be consulted on this, though it is now a bit out-of-date (2008).

Notes / Questions / Discussion Items

• Add authentication types to the capabilities?
• JPEG2000 Interactive Protocol (JPIP) and VOSpace?
• How would authType be best placed in the XML schema?

The 2.1 Working Draft

• VOSpace2-1.html: VOSpace 2.1 WD

Change Notes

From version 2.0-20130329 (in progress):

• Addition of optimized HTTP GET method of data transfer for pushToVoSpace, pullFromVoSpace
• Addition of authType to Protocol in XML schema for transfer negotiation.
• Added preliminary list of standard authType URIs
• Removed view=data convenience method of data transfer
• Corrections to minor XML format errors in the examples throughout the document.

• (3.4.3) Added "view parameters" to view description
• (3.5, Appendix B) Corrections to required, optional protocol parameters
• (Appendix A) Addition of authType element to protocol element
• (3.6.2) Added sentence about the protocol authType
• (3.8) Added paragraph about HTTP GET to /sync endpoint for optimized transfer negotiation
• (4) Added paragraph about the (preliminary) set of supported authentication types
• (5.4.1, 5.4.2, 5.4.3, 5.4.4) XML formatting corrections in examples
• (5.4.3.1) Removed view=data as a suggested convenience for "pullFromVoSpace". Replaced with optimized HTTP GET from /sync example.
• (5.4.1, 5.4.3) Added authType to protocol in the examples
• (3.5.3) Added (preliminary) set of standard authType URIs
• (6) Preliminary change notes

For future VOSpace versions:

• In the transfer object, the 'direction' can conflict with the protocol URI. For example, the direction can be 'pullFromVoSpace' and the protocol can be 'HTTP-PUT'. This could be cleaned up to remove error cases.
• Should VOSpace should have it's own registry extension, VoSpaceRegEx?
• Section 4, Access Control: Version 3.0 should state access control policies at the Node level?