1. Web Server Design Week 4 Old Dominion University
Department of Computer Science
CS 495/595 Spring 2009
Michael L. Nelson
2/2/09

2. Entity Tags: “Etag”
AIHT:~/Desktop/cs595-s06 mln$ telnet 80 | tee 1-1.out
Trying
Connected to xenon.cs.odu.edu.
Escape character is '^]'.
GET /~mln/index.html HTTP/1.1
Connection: close
Host:
HTTP/ OK
Date: Mon, 09 Jan :07:04 GMT
Server: Apache/ (Unix) ApacheJServ/1.1.2 PHP/4.3.4
Last-Modified: Sun, 29 May :46:53 GMT
ETag: "1c52-14ed-42992d1d"
Accept-Ranges: bytes
Content-Length: 5357
Content-Type: text/html
<html>
<head>
<title>Home Page for Michael L. Nelson</title>
<style type="text/css">
<!--
[lots of html deleted]
Connection closed by foreign host.

3. What is an “Entity”? section 1.3: entity
The information transferred as the payload of a request or
response. An entity consists of metainformation in the form of
entity-header fields and content in the form of an entity-body, as
described in section 7.
section 7:
An entity
consists of entity-header fields and an entity-body, although some
responses will only include the entity-headers.

4. Looking Again at a Response
section 6:
Response = Status-Line ; Section 6.1
*(( general-header ; Section 4.5
| response-header ; Section 6.2
| entity-header ) CRLF) ; Section 7.1
CRLF
[ message-body ] ; Section 7.2

5. Entity Headers Are a Subset of Response Headers
7.1 Entity Header Fields
Entity-header fields define metainformation about the entity-body or,
if no body is present, about the resource identified by the request.
Some of this metainformation is OPTIONAL; some might be REQUIRED by
portions of this specification.
entity-header = Allow ; Section 14.7
| Content-Encoding ; Section 14.11
| Content-Language ; Section 14.12
| Content-Length ; Section 14.13
| Content-Location ; Section 14.14
| Content-MD ; Section 14.15
| Content-Range ; Section 14.16
| Content-Type ; Section 14.17
| Expires ; Section 14.21
| Last-Modified ; Section 14.29
| extension-header
extension-header = message-header

6. Section 3.11 - Entity Tags Etags used in request headers
response headers
An entity tag consists of an opaque quoted string, possibly prefixed by
a weakness indicator.
[…]
A "strong entity tag" MAY be shared by two entities of a resource
only if they are equivalent by octet equality.
A "weak entity tag," indicated by the "W/" prefix, MAY be shared by
two entities of a resource only if the entities are equivalent and
could be substituted for each other with no significant change in
semantics. A weak entity tag can only be used for weak comparison.
An entity tag MUST be unique across all versions of all entities
associated with a particular resource. A given entity tag value MAY
be used for entities obtained by requests on different URIs. The use
of the same entity tag value in conjunction with entities obtained by
requests on different URIs does not imply the equivalence of those
entities.

7. Opaqueness
A string / tag / pointer / data structure whose semantics / implementation are hidden/local
Q: What does “1c52-14ed-42992d1d” mean?
A: it doesn’t matter…
Examples:
ATM & CC data strips
Hotel & Flight reservation codes
http cookies

8. Section 13.3.3 Weak and Strong Validators
Entity tags are normally "strong validators," but the protocol
provides a mechanism to tag an entity tag as "weak." One can think of
a strong validator as one that changes whenever the bits of an entity
changes, while a weak value changes whenever the meaning of an entity
changes. Alternatively, one can think of a strong validator as part
of an identifier for a specific entity, while a weak validator is
part of an identifier for a set of semantically equivalent entities.
Note: One example of a strong validator is an integer that is
incremented in stable storage every time an entity is changed.
An entity's modification time, if represented with one-second
resolution, could be a weak validator, since it is possible that
the resource might be modified twice during a single second.
Support for weak validators is optional. However, weak validators
allow for more efficient caching of equivalent objects; …
strong = exact match; weak = “good enough” match

9. Common Hash Functions Variable length input, fixed length output
Can’t be reversed
small changes in input, large changes in output
MD5
SHA-1
AIHT.local:/Users/mln/Desktop/cs595-s06 % cat aaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
AIHT.local:/Users/mln/Desktop/cs595-s06 % cat aab
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
AIHT.local:/Users/mln/Desktop/cs595-s06 % md5 aaa
MD5 (aaa) = ab5e a492c1c12fa08da9d2
AIHT.local:/Users/mln/Desktop/cs595-s06 % md5 aab
MD5 (aab) = 015c1a591ba b6aafc1f7b60

10. Possible Approaches Strong: Weak: md5(entitybody+entityheaders)

11. How Does Apache Do It?
A configurable function with default inputs of (inode, size, modification time):
Direct relationship to three parts of:
ETag: "1c52-14ed-42992d1d"
?? Probably, but look in the Apache source code to be sure
let’s run a test…

12. Black Box Test request: bash-3.2$ telnet www.cs.odu.edu 80
Trying
Connected to xenon.cs.odu.edu.
Escape character is '^]'.
HEAD /~mln/teaching/cs595-s09/etag-test/foo.txt HTTP/1.1
Host:
Connection: close
request:
HTTP/ OK
Date: Fri, 30 Jan :38:01 GMT
Server: Apache/2.2.0
Last-Modified: Fri, 30 Jan :36:03 GMT
ETag: "445d3f-c-274c52c0"
Accept-Ranges: bytes
Content-Length: 12
Connection: close
Content-Type: text/plain
HTTP/ OK
Date: Fri, 30 Jan :38:31 GMT
Server: Apache/2.2.0
Last-Modified: Fri, 30 Jan :36:03 GMT
ETag: "445d3f-274c52c0"
Accept-Ranges: bytes
Content-Length: 12
Connection: close
Content-Type: text/plain
% cat .htaccess
FileETag INode MTime Size
% cat .htaccess
FileETag INode MTime
HTTP/ OK
Date: Fri, 30 Jan :38:49 GMT
Server: Apache/2.2.0
Last-Modified: Fri, 30 Jan :36:03 GMT
ETag: "445d3f"
Accept-Ranges: bytes
Content-Length: 12
Connection: close
Content-Type: text/plain
HTTP/ OK
Date: Fri, 30 Jan :39:27 GMT
Server: Apache/2.2.0
Last-Modified: Fri, 30 Jan :36:03 GMT
Accept-Ranges: bytes
Content-Length: 12
Connection: close
Content-Type: text/plain
% cat .htaccess
FileETag INode
% cat .htaccess
FileETag None

13. (contd) HTTP/1.1 200 OK Date: Fri, 30 Jan 2009 20:54:18 GMT
(original) ETag: "445d3f-c-274c52c0"
HTTP/ OK
Date: Fri, 30 Jan :54:18 GMT
Server: Apache/2.2.0
Last-Modified: Fri, 30 Jan :51:27 GMT
ETag: "445d3f-c-5e5f71c0"
Accept-Ranges: bytes
Content-Length: 12
Connection: close
Content-Type: text/plain
HTTP/ OK
Date: Fri, 30 Jan :54:57 GMT
Server: Apache/2.2.0
Last-Modified: Fri, 30 Jan :54:47 GMT
ETag: "445d3f-10-6a4b33c0"
Accept-Ranges: bytes
Content-Length: 16
Connection: close
Content-Type: text/plain
% touch foo.txt
% echo "bar" >> foo.txt