URIs, domains and authority

To: Apps Discuss <discuss at apps.ietf.org>
Subject: URIs, domains and authority
From: Mark Nottingham <mnot at mnot.net>
Date: Fri, 16 Jan 2009 17:11:15 +1100
Delivered-to: ietfarch-apps-discuss-web-archive at core3.amsl.com
Delivered-to: apps-discuss at core3.amsl.com
List-archive: <http://www.ietf.org/pipermail/apps-discuss>
List-help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-post: <mailto:apps-discuss@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
Sender: apps-discuss-bounces at ietf.org

The site-meta draft <http://tools.ietf.org/id/draft-nottingham-site-meta-00.txt> defines an "Über well-known location" for Web sites, in an attemptto allow discovery of metadata about a site without defining anapplication-specific URL (which is generally held to be bad practice).

In discussions about it, there's been some misunderstanding anddisagreement about its scope of applicability. My original conceptionwas that, for example,


  http://www.example.org/site-meta

would contain metadata specific and limited to the (HTTP, www.example.com, 80) triple; that is, it is scoped by the combination of protocol,host and port.

However, some potential users of this mechanism would like its scopeto be broader. In particular, they'd like it to be cross-protocol;e.g., the metadata sourced from the URI above would also bepotentially applicable to the following URIs:


  mailto:user at example.org
  xmpp:user at example.org

Note that here, both the protocol used, the port used, and even thehostname used (because www is dropped) are different. I.e., themetadata is not confined to the authority, but potentially applicableacross an entire domain, for all protocols and ports.

AIUI, these use cases involve things like discovering security policy,configuration negotiation, etc. E.g., some want to discover XMPP-related policy by making a HTTP request to a pre-determined URI in thesame domain.

My concern here is that there's a large difference between saying thata special file on a Web server defines metadata for that server (andonly that server) and saying that it does so for -- potentially --everything to do with that domain. As such, I'd very much like to hearwhat the rest of the IETF community thinks of this issue (positive ornegative).

There is some background discussion on the XRI TC mailing list <http://lists.oasis-open.org/archives/xri/>, which is one of the groups with this kind of use case.

I'll also mention that DNS is an obvious answer for this type ofinformation, but AIUI the folks who are interested in this are wary ofrelying upon it, because of deployment concerns; i.e., some domainowners may not have the technical ability, knowledge or tools tomodify their DNS to add records.


Regards,

--
Mark Nottingham     http://www.mnot.net/

_______________________________________________
Apps-Discuss mailing list
Apps-Discuss at ietf.org
https://www.ietf.org/mailman/listinfo/apps-discuss

Follow-Ups:
- Re: URIs, domains and authority
  - From: Tim Bray
- Re: URIs, domains and authority
  - From: Paul Hoffman
- Re: URIs, domains and authority
  - From: Barry Leiba
- Re: URIs, domains and authority
  - From: Dave Cridland
- RE: URIs, domains and authority
  - From: Eran Hammer-Lahav

Prev by Date: Request for feedback: HTTP-based Resource Descriptor Discovery
Next by Date: RE: URIs, domains and authority
Previous by thread: Request for feedback: HTTP-based Resource Descriptor Discovery
Next by thread: RE: URIs, domains and authority
Index(es):
- Date
- Thread

URIs, domains and authority

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.