Web Server Design Week 4 Old Dominion University Department of Computer Science CS 495/595 Spring 2006 Michael L. Nelson <mln@cs.odu.edu> 1/30/06
Entity Tags: “Etag” AIHT:~/Desktop/cs595-s06 mln$ telnet www.cs.odu.edu 80 | tee 1-1.out Trying 128.82.4.2... Connected to xenon.cs.odu.edu. Escape character is '^]'. GET /~mln/index.html HTTP/1.1 Connection: close Host: www.cs.odu.edu HTTP/1.1 200 OK Date: Mon, 09 Jan 2006 17:07:04 GMT Server: Apache/1.3.26 (Unix) ApacheJServ/1.1.2 PHP/4.3.4 Last-Modified: Sun, 29 May 2005 02:46:53 GMT ETag: "1c52-14ed-42992d1d" Accept-Ranges: bytes Content-Length: 5357 Content-Type: text/html <html> <head> <title>Home Page for Michael L. Nelson</title> <style type="text/css"> <!-- [lots of html deleted] Connection closed by foreign host.
Section 3.11 - Entity Tags Etags used in request headers entity (response) headers An entity tag consists of an opaque quoted string, possibly prefixed by a weakness indicator. […] A "strong entity tag" MAY be shared by two entities of a resource only if they are equivalent by octet equality. A "weak entity tag," indicated by the "W/" prefix, MAY be shared by two entities of a resource only if the entities are equivalent and could be substituted for each other with no significant change in semantics. A weak entity tag can only be used for weak comparison. An entity tag MUST be unique across all versions of all entities associated with a particular resource. A given entity tag value MAY be used for entities obtained by requests on different URIs. The use of the same entity tag value in conjunction with entities obtained by requests on different URIs does not imply the equivalence of those entities.
Opaqueness A string / tag / pointer / data structure whose semantics / implementation are hidden/local Q: What does “1c52-14ed-42992d1d” mean? A: it doesn’t matter… Examples: ATM & CC data strips Hotel & Flight reservation codes http cookies
Section 13.3.3 Weak and Strong Validators Entity tags are normally "strong validators," but the protocol provides a mechanism to tag an entity tag as "weak." One can think of a strong validator as one that changes whenever the bits of an entity changes, while a weak value changes whenever the meaning of an entity changes. Alternatively, one can think of a strong validator as part of an identifier for a specific entity, while a weak validator is part of an identifier for a set of semantically equivalent entities. Note: One example of a strong validator is an integer that is incremented in stable storage every time an entity is changed. An entity's modification time, if represented with one-second resolution, could be a weak validator, since it is possible that the resource might be modified twice during a single second. Support for weak validators is optional. However, weak validators allow for more efficient caching of equivalent objects; … strong = exact match; weak = “good enough” match
How to Create Etags? File contents URI (filename) URI + datestamp but size is prohibitive URI (filename) can’t tell the difference in updates URI + datestamp race conditions within time granularity? URI + revision counter files system support? But how to ensure opaqueness? apply a hash function to one of the above approaches…
The Magic of Hashes a 1-1 function to map from a domain to a range typically generate fixed-length output, regardless of the length of the input a simple example: A 01 B 02 C 03 … … X 24 Y 25 Z 26
A Secret Hash This example is only slightly harder to “reverse”: A 10 B 26 C 03 … … X 02 Y 19 Z 04
A “One-Way” Hash* A 02 B 03 C 05 … … g(x) = X 89 Y 97 Z 101 Cannot be reversed; given an output it is not computationally feasible to determine the input A 02 B 03 C 05 … … X 89 Y 97 Z 101 g(x) = f(x) = g(x-1) * g(x) * g(x+1) where x = a character in a string such “please be hard to read” * = well, this example is probably neither 1-way nor a true hash, but it is illustrative…
Common Hash Functions Variable length input, fixed length output Can’t be reversed small changes in input, large changes in output MD5 http://www.ietf.org/rfc/rfc1321.txt SHA-1 http://www.w3.org/PICS/DSig/SHA1_1_0.html AIHT.local:/Users/mln/Desktop/cs595-s06 % cat aaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa AIHT.local:/Users/mln/Desktop/cs595-s06 % cat aab aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa AIHT.local:/Users/mln/Desktop/cs595-s06 % md5 aaa MD5 (aaa) = ab5e3552116660a492c1c12fa08da9d2 AIHT.local:/Users/mln/Desktop/cs595-s06 % md5 aab MD5 (aab) = 015c1a591ba345438760b6aafc1f7b60
Possible Approaches Strong: Weak: md5(“URI+datestamp”) md5(“strings(content(URI))+datestamp”)