| 1 |
wakaba |
1.1 |
|
| 2 |
|
|
INTERNET-DRAFT Larry Masinter |
| 3 |
|
|
<draft-ietf-urlreg-guide-01.txt> Harald T. Alvestrand |
| 4 |
|
|
December 9, 1997 Dan Zigmond |
| 5 |
|
|
|
| 6 |
|
|
Guidelines for new URL Schemes |
| 7 |
|
|
|
| 8 |
|
|
Status of this Memo |
| 9 |
|
|
|
| 10 |
|
|
This document is an Internet-Draft. Internet-Drafts are working |
| 11 |
|
|
documents of the Internet Engineering Task Force (IETF), its areas, |
| 12 |
|
|
and its working groups. Note that other groups may also distribute |
| 13 |
|
|
working documents as Internet-Drafts. |
| 14 |
|
|
|
| 15 |
|
|
Internet-Drafts are draft documents valid for a maximum of six |
| 16 |
|
|
months and may be updated, replaced, or obsoleted by other |
| 17 |
|
|
documents at any time. It is inappropriate to use Internet-Drafts |
| 18 |
|
|
as reference material or to cite them other than as ``work in |
| 19 |
|
|
progress.'' |
| 20 |
|
|
|
| 21 |
|
|
To learn the current status of any Internet-Draft, please check the |
| 22 |
|
|
``1id-abstracts.txt'' listing contained in the Internet-Drafts |
| 23 |
|
|
Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net |
| 24 |
|
|
(Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East |
| 25 |
|
|
Coast), or ftp.isi.edu (US West Coast). |
| 26 |
|
|
|
| 27 |
|
|
Abstract |
| 28 |
|
|
|
| 29 |
|
|
A Uniform Resource Locator (URL) is a compact string representation |
| 30 |
|
|
of the location for a resource that is available via the Internet. |
| 31 |
|
|
This document provides guidelines for the definition of new URL |
| 32 |
|
|
schemes. |
| 33 |
|
|
|
| 34 |
|
|
1. Introduction |
| 35 |
|
|
|
| 36 |
|
|
A Uniform Resource Locator (URL) is a compact string representation |
| 37 |
|
|
of the location for a resource that is available via the Internet. |
| 38 |
|
|
[URI-SYNTAX] defines the general syntax and semantics of URIs, and, |
| 39 |
|
|
by inclusion, URLs. URLs are designated by including a "scheme" |
| 40 |
|
|
and then a "scheme-specific part". Many URL schemes are already |
| 41 |
|
|
defined. |
| 42 |
|
|
|
| 43 |
|
|
This document provides guidelines for the definition of new URL |
| 44 |
|
|
schemes, for consideration by those who are defining and |
| 45 |
|
|
registering or evaluating those definitions. |
| 46 |
|
|
|
| 47 |
|
|
The process by which new URL schemes are registered or defined |
| 48 |
|
|
is not defined here. |
| 49 |
|
|
|
| 50 |
|
|
2. Guildelines for new URL schemes |
| 51 |
|
|
|
| 52 |
|
|
Because new URL schemes potentially complicate client software, new |
| 53 |
|
|
schemes must have demonstrable utility and operability, as well as |
| 54 |
|
|
compatibility with existing URL schemes. This section elaborates |
| 55 |
|
|
these criteria. |
| 56 |
|
|
|
| 57 |
|
|
2.1 Syntactic compatibility |
| 58 |
|
|
|
| 59 |
|
|
New URL schemes should follow the same syntactic conventions of |
| 60 |
|
|
existing schemes when appropriate. |
| 61 |
|
|
|
| 62 |
|
|
2.1.1 Use of initial "//" for top level |
| 63 |
|
|
|
| 64 |
|
|
Many proposed new URL schemes seem to use "://" as a kind of |
| 65 |
|
|
indicator that what follows is a URL. However, the use of "//" |
| 66 |
|
|
indicates a "top level" for schemes that support relative |
| 67 |
|
|
URLs, and is not necessary (and just confusing) for schemes |
| 68 |
|
|
that have no relative forms. URL schemes without relative |
| 69 |
|
|
forms (such as mailto, cid, mid) do not use an initial "//". |
| 70 |
|
|
|
| 71 |
|
|
2.1.2 Compatibility with relative URLs |
| 72 |
|
|
|
| 73 |
|
|
URL schemes should use the generic-URL syntax if they are intended |
| 74 |
|
|
to be used with relative URLs. A description of the allowed |
| 75 |
|
|
relative forms should be included in the scheme's definition. |
| 76 |
|
|
Many applications use relative URLs extensively. |
| 77 |
|
|
|
| 78 |
|
|
o Can it be parsed according to [URI-SYNTAX] - that is, if the |
| 79 |
|
|
tokens "//", "/", ";", "?" and "#" are used, do they have the |
| 80 |
|
|
meaning given in RFC URI-SYNTAX? |
| 81 |
|
|
|
| 82 |
|
|
o Does it make sense to use it in relative URLs like those |
| 83 |
|
|
[URI-SYNTAX] specifies? |
| 84 |
|
|
|
| 85 |
|
|
o If something is designed to be broken into pieces, does it |
| 86 |
|
|
document what those pieces are, why it should be broken in this |
| 87 |
|
|
way, and why the breaks aren't where URI-SYNTAX says that they |
| 88 |
|
|
usually should be? |
| 89 |
|
|
|
| 90 |
|
|
o If it has a hierarchy, does it go left-to-right and with slash |
| 91 |
|
|
separators like [URN-SYNTAX]? If not, why not? |
| 92 |
|
|
|
| 93 |
|
|
2.2 Is the scheme well defined? |
| 94 |
|
|
|
| 95 |
|
|
It is important that the semantics of the "resource" that a URL |
| 96 |
|
|
"locates" be well defined. This might mean different things |
| 97 |
|
|
depending on the nature of the URL scheme. |
| 98 |
|
|
|
| 99 |
|
|
2.2.1 Clear mapping from other name spaces |
| 100 |
|
|
|
| 101 |
|
|
In many cases, new URL schemes are defined as ways to translate |
| 102 |
|
|
other protocols and name spaces into the general framework of |
| 103 |
|
|
URLs. The "ftp" URL scheme translates from the FTP protocol, while |
| 104 |
|
|
the "mid" URL scheme translates from the Message-ID field of |
| 105 |
|
|
messages. |
| 106 |
|
|
|
| 107 |
|
|
In either case, the description of the mapping must be complete, |
| 108 |
|
|
must describe how character sets get encoded or not in URLs, must |
| 109 |
|
|
describe exactly how all legal values of the base standard can be |
| 110 |
|
|
represented using the URL scheme, and exactly which modifiers, |
| 111 |
|
|
alternate forms and other artifacts from the base standards are |
| 112 |
|
|
included or not included. These requirements are elaborated |
| 113 |
|
|
below. |
| 114 |
|
|
|
| 115 |
|
|
2.2.2 URL schemes associated with network protocols |
| 116 |
|
|
|
| 117 |
|
|
Most new URL schemes are associated with network resources that |
| 118 |
|
|
have one or several network protocols that can access them. The |
| 119 |
|
|
'ftp', 'news', and 'http' schemes are of this nature. For such |
| 120 |
|
|
schemes, the specification should completely describe how URLs are |
| 121 |
|
|
translated into protocol actions in sufficient detail to make the |
| 122 |
|
|
access of the network resource unambiguous. If an implementation |
| 123 |
|
|
of of the URL scheme requires some configuration, the configuration |
| 124 |
|
|
elements must be clearly identified. (For example, the 'news' |
| 125 |
|
|
scheme, if implemented using NTTP, requires configuration of the |
| 126 |
|
|
NTTP server.) |
| 127 |
|
|
|
| 128 |
|
|
2.2.3 Character encoding |
| 129 |
|
|
|
| 130 |
|
|
When describing URL schemes in which (some of) the elements of |
| 131 |
|
|
the URL are actually representations of sequences of characters, |
| 132 |
|
|
care should be taken not to introduce unnecessary variety in the |
| 133 |
|
|
ways in which characters are encoded into octets and then into |
| 134 |
|
|
URL characters. Unless there is some compelling reason for a |
| 135 |
|
|
particular scheme to do otherwise, translating character sequences |
| 136 |
|
|
into UTF-8 [RFC2044] and then subsequently using the %HH encoding |
| 137 |
|
|
for unsafe octets is recommended. |
| 138 |
|
|
|
| 139 |
|
|
2.2.4 Definition of non-protocol URL schemes |
| 140 |
|
|
|
| 141 |
|
|
In some cases, URL schemes do not have particular network protocols |
| 142 |
|
|
associated with them, because their use is limited to contexts |
| 143 |
|
|
where the access method is understood. This is the case, for |
| 144 |
|
|
example, with the "cid" and "mid" URL schemes. For these URL |
| 145 |
|
|
schemes, the specification should describe the notation of the |
| 146 |
|
|
scheme and a complete mapping of the locator from its source. |
| 147 |
|
|
|
| 148 |
|
|
2.2.5 Definition of URL schemes not associated with data resources |
| 149 |
|
|
|
| 150 |
|
|
Most URL schemes locate Internet resources that correspond |
| 151 |
|
|
to data objects that can be retrieved or modified. This is the |
| 152 |
|
|
case with "ftp" and "http", for example. However, some URL schemes |
| 153 |
|
|
do not; for example, the "mailto" URL scheme corresponds to an |
| 154 |
|
|
Internet mail address. |
| 155 |
|
|
|
| 156 |
|
|
If a new URL scheme does not locate resources that are data |
| 157 |
|
|
objects, the properties of names in the new space must be clearly |
| 158 |
|
|
defined. |
| 159 |
|
|
|
| 160 |
|
|
2.2.6 Definition of operations |
| 161 |
|
|
|
| 162 |
|
|
In some contexts (for example, HTML forms) it is possible to |
| 163 |
|
|
specify any one of a list of operations to be performed on a |
| 164 |
|
|
specifc URL. (Outside forms, it is generally assumed to be |
| 165 |
|
|
something you GET.) |
| 166 |
|
|
|
| 167 |
|
|
The URL scheme definition should describe all well-defined |
| 168 |
|
|
operations on the URL identifier, and what they are supposed to |
| 169 |
|
|
do. |
| 170 |
|
|
|
| 171 |
|
|
Some URL schemes (for example, "telnet") provide location |
| 172 |
|
|
information for hooking onto bidirectional data streams, and don't |
| 173 |
|
|
fit the "infoaccess" paradigm of most URLs very well; this should |
| 174 |
|
|
be documented. |
| 175 |
|
|
|
| 176 |
|
|
NOTE: It is perfectly valid to say that "no operation apart from |
| 177 |
|
|
GET is defined for this URL". It is also valid to say that "there's |
| 178 |
|
|
only one operation defined for this URL, and it's not very |
| 179 |
|
|
GET-like". The important point is that what is defined on this type |
| 180 |
|
|
is described. |
| 181 |
|
|
|
| 182 |
|
|
2.3 Demonstrated utility |
| 183 |
|
|
|
| 184 |
|
|
URL schemes should have demonstrated utility. New URL schemes are |
| 185 |
|
|
expensive things to support. Often they require special code in |
| 186 |
|
|
browsers, proxies, and/or servers. Having a lot of ways to say the |
| 187 |
|
|
same thing needless complicates these programs without adding value |
| 188 |
|
|
to the Internet. |
| 189 |
|
|
|
| 190 |
|
|
The kinds of things that are useful include: |
| 191 |
|
|
|
| 192 |
|
|
o Things that cannot be referred to in any other way. |
| 193 |
|
|
|
| 194 |
|
|
o Things where it is much easier to get at them using this |
| 195 |
|
|
scheme than (for instance) a proxy gateway. |
| 196 |
|
|
|
| 197 |
|
|
|
| 198 |
|
|
2.3.1 Proxy into HTTP/HTML |
| 199 |
|
|
|
| 200 |
|
|
One way to provide a demonstration of utility is via a gateway |
| 201 |
|
|
which provides objects in the new scheme for clients using an |
| 202 |
|
|
existing protocol. It is much easier to deploy gateways to a new |
| 203 |
|
|
service than it is to deploy browsers that understand the new URL |
| 204 |
|
|
object. |
| 205 |
|
|
|
| 206 |
|
|
Things to look for when thinking about a proxy are: |
| 207 |
|
|
|
| 208 |
|
|
o Is there a single global resolution mechanism whereby any proxy can |
| 209 |
|
|
find the referenced object? |
| 210 |
|
|
o If not, is there a way in which the user can find any object of |
| 211 |
|
|
this type, and "run his own proxy"? |
| 212 |
|
|
o Are the operations mappable one-to-one (or possibly using |
| 213 |
|
|
modifiers) to HTTP operations? |
| 214 |
|
|
o Is the type of returned objects well defined? |
| 215 |
|
|
* as MIME content-types? |
| 216 |
|
|
* as something that can be translated to HTML? |
| 217 |
|
|
o Is there running code for a proxy? |
| 218 |
|
|
|
| 219 |
|
|
2.4 Are there security considerations? |
| 220 |
|
|
|
| 221 |
|
|
Above and beyond the security considerations of the base mechanism |
| 222 |
|
|
a scheme builds upon, one must think of things that can happen in |
| 223 |
|
|
the normal course of URL usage. |
| 224 |
|
|
|
| 225 |
|
|
In particular: |
| 226 |
|
|
|
| 227 |
|
|
o Does the user need to be warned that such a thing is happening |
| 228 |
|
|
without an explicit request (GET for the source of an IMG tag, |
| 229 |
|
|
for instance)? This has implications for the design of a proxy |
| 230 |
|
|
gateway, of course. |
| 231 |
|
|
|
| 232 |
|
|
o Is it possible to fake URLs of this type that point to different |
| 233 |
|
|
things in a dangerous way? |
| 234 |
|
|
|
| 235 |
|
|
o Are there mechanisms for identifying the requester that can be |
| 236 |
|
|
used or need to be used with this mechanism (the From: field in a |
| 237 |
|
|
mailto: URL, or the Kerberos login required for AFS access in the |
| 238 |
|
|
AFS: url, for instance)? |
| 239 |
|
|
|
| 240 |
|
|
o Does the mechanism contain passwords or other security |
| 241 |
|
|
information that are passed inside the referring document in the |
| 242 |
|
|
clear (as in the "ftp" URL, for instance)? |
| 243 |
|
|
|
| 244 |
|
|
2.5 Does it start with UR? |
| 245 |
|
|
|
| 246 |
|
|
Any scheme starting with the letters "U" and "R", in particular if |
| 247 |
|
|
it attaches any of the meanings "uniform", "universal" or |
| 248 |
|
|
"unifying" to the first letter, is going to cause intense debate, |
| 249 |
|
|
and generate much heat (but maybe little light). |
| 250 |
|
|
|
| 251 |
|
|
Any such proposal should either make sure that there is a large |
| 252 |
|
|
consensus behind it that it will be the only scheme of its type, or |
| 253 |
|
|
pick another name. |
| 254 |
|
|
|
| 255 |
|
|
2.6 Non-considerations |
| 256 |
|
|
|
| 257 |
|
|
Some issues that are often raised but are not relevent to new URL |
| 258 |
|
|
schemes include the following. |
| 259 |
|
|
|
| 260 |
|
|
2.6.1 Are all objects acessible? |
| 261 |
|
|
|
| 262 |
|
|
Can all objects in the world that are validly identified by a |
| 263 |
|
|
scheme be accessed by any UA implementing it? |
| 264 |
|
|
|
| 265 |
|
|
Sometimes the answer will be yes and sometimes no; often it will |
| 266 |
|
|
depend on factors (like firewalls or client configuration) not |
| 267 |
|
|
directly related to the scheme itself. |
| 268 |
|
|
|
| 269 |
|
|
3. Security considerations |
| 270 |
|
|
|
| 271 |
|
|
New URL schemes are required to address all security considerations |
| 272 |
|
|
in their definitions. |
| 273 |
|
|
|
| 274 |
|
|
4. IANA considerations |
| 275 |
|
|
|
| 276 |
|
|
The process by which URL schemes are defined and registered |
| 277 |
|
|
is not defined in this document. |
| 278 |
|
|
|
| 279 |
|
|
5. References |
| 280 |
|
|
|
| 281 |
|
|
[RFC2044] F. Yergeau, "UTF-8, A Transformation Format of Unicode |
| 282 |
|
|
and ISO 10646", Alis Technologies, October 1996. |
| 283 |
|
|
|
| 284 |
|
|
[URI-SYNTAX] T. Berners-Lee, R. Fielding, L. Masinter, "Uniform |
| 285 |
|
|
Resource Identifiers (URI): Generic Syntax and Semantics", |
| 286 |
|
|
<draft-fielding-uri-syntax-*>. |
| 287 |
|
|
|
| 288 |
|
|
6. Author's Addresses |
| 289 |
|
|
|
| 290 |
|
|
Larry Masinter |
| 291 |
|
|
Xerox Corporation |
| 292 |
|
|
Palo Alto Research Center |
| 293 |
|
|
3333 Coyote Hill Road |
| 294 |
|
|
Palo Alto, CA 94304 |
| 295 |
|
|
Fax: +1-415-812-4333 |
| 296 |
|
|
EMail: masinter@parc.xerox.com |
| 297 |
|
|
|
| 298 |
|
|
Harald T. Alvestrand |
| 299 |
|
|
UNINETT A/S |
| 300 |
|
|
Postboks 6683 Elgeseter 7002 |
| 301 |
|
|
Trondheim, Norway |
| 302 |
|
|
Tel: +47 73 59 70 94 |
| 303 |
|
|
EMail: Harald.T.Alvestrand@uninett.no |
| 304 |
|
|
|
| 305 |
|
|
Dan Zigmond |
| 306 |
|
|
Wink Communications |
| 307 |
|
|
1001 Marina Village Parkway |
| 308 |
|
|
Alameda CA 94610 |
| 309 |
|
|
Fax: +1-510-337-2960 |
| 310 |
|
|
Phone: +1-510-337-6359 |
| 311 |
|
|
Email: dan.zigmond@wink.com |
| 312 |
|
|
|
Parent Directory
| 
Revision Log