idnits 2.17.1 draft-ietf-appsawg-about-uri-scheme-07.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 141 has weird spacing: '... could affec...' -- The document date (June 7, 2012) is 4303 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 5226 (Obsoleted by RFC 8126) -- Obsolete informational reference (is this intentional?): RFC 4395 (Obsoleted by RFC 7595) Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Applications Area WG (APPSAWG) S. Moonesamy, Ed. 3 Internet-Draft 4 Intended Status: Informational 5 Expires: December 9, 2012 June 7, 2012 7 The "about" URI Scheme 8 draft-ietf-appsawg-about-uri-scheme-07 10 Abstract 12 This document describes the "about" URI scheme, which is widely used 13 by web browsers and some other applications to designate access to 14 their internal resources, such as settings, application information, 15 hidden built-in functionality, and so on. 17 Status of this Memo 19 This Internet-Draft is submitted to IETF in full conformance with the 20 provisions of BCP 78 and BCP 79. 22 Internet-Drafts are working documents of the Internet Engineering 23 Task Force (IETF), its areas, and its working groups. Note that 24 other groups may also distribute working documents as 25 Internet-Drafts. 27 Internet-Drafts are draft documents valid for a maximum of six months 28 and may be updated, replaced, or obsoleted by other documents at any 29 time. It is inappropriate to use Internet-Drafts as reference 30 material or to cite them other than as "work in progress." 32 The list of current Internet-Drafts can be accessed at 33 http://www.ietf.org/1id-abstracts.html 35 The list of Internet-Draft Shadow Directories can be accessed at 36 http://www.ietf.org/shadow.html 38 Copyright and License Notice 40 Copyright (c) 2012 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (http://trustee.ietf.org/license-info) in effect on the date of 46 publication of this document. Please review these documents 47 carefully, as they describe your rights and restrictions with respect 48 to this document. Code Components extracted from this document must 49 include Simplified BSD License text as described in Section 4.e of 50 the Trust Legal Provisions and are provided without warranty as 51 described in the Simplified BSD License. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 56 2. URI Scheme Specification . . . . . . . . . . . . . . . . . . . 2 57 2.1. URI Scheme Syntax . . . . . . . . . . . . . . . . . . . . . 2 58 2.2. URI Scheme Semantics . . . . . . . . . . . . . . . . . . . 2 59 2.2.1. Well-known "about" URIs . . . . . . . . . . . . . . . . 3 60 2.3. Encoding Considerations . . . . . . . . . . . . . . . . . . 3 61 3. "about:blank" . . . . . . . . . . . . . . . . . . . . . . . . . 3 62 4. Security Considerations . . . . . . . . . . . . . . . . . . . . 3 63 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 4 64 5.1. URI Scheme Registration . . . . . . . . . . . . . . . . . . 4 65 5.2. A Registry for Well-known Tokens . . . . . . . . . . . . . 4 66 5.2.1. Registration procedure . . . . . . . . . . . . . . . . 5 67 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 5 68 6.1. Normative References . . . . . . . . . . . . . . . . . . . 5 69 6.2. Informative References . . . . . . . . . . . . . . . . . . 6 70 Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 6 71 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 6 73 1. Introduction 75 This document describes the "about" Uniform Resource Identifier (URI) 76 scheme. The "about" URI scheme is currently widely used by Web 77 browsers to designate access to their internal resources such as 78 settings, application information, so called "Easter eggs" (i.e. 79 hidden feature or joke in an application). 81 2. URI Scheme Specification 83 2.1. URI Scheme Syntax 85 The "about" URI syntactically conforms to the rule below, 86 expressed using Augmented Backus-Naur Form (ABNF) [RFC5234]: 88 about-uri = "about:" about-token [ about-query ] [ about-fragment ] 89 about-token = *pchar 90 about-query = "?" query 91 about-fragment = "#" fragment 92 pchar = 93 query = 94 fragment = 96 2.2. URI Scheme Semantics 97 The resource which a particular "about" URI references is denoted 98 by part of the URI. It is not a hierarchical element 99 for a naming authority. The specifies additional 100 information about its handling and/or the information that should 101 be returned by the resource which the URI references. 103 It is impossible to specify a binding between all the possible 104 tokens and the semantics of "about" URIs that would contain such 105 tokens. Therefore the resource referenced by the URI is generally 106 considered as specific to a Web browser implementation. 108 2.2.1. Well-known "about" URIs 110 Some s have been reserved as the behavior when the 111 resource is referenced is well-known (Well-known tokens). 113 A well-known "about" URI is a URI that has a well-known token as 114 its part. It is recommended that such URIs be 115 handled in accordance with the specification referenced in the 116 Well-known Tokens registry (see Section 5.2). 118 Well-known "about" URIs are intended to be registered when there is 119 a need to codify the behavior of particular . 121 2.3. Encoding Considerations 123 "about" URIs are subject to encoding rules defined in RFC 3986 124 [RFC3986]. 126 3. "about:blank" 128 This document defines one well-known token: "blank". The 129 "about:blank" URI refers to a resource represented in the browser 130 by a blank page. 132 4. Security Considerations 134 Security considerations for URIs are discussed in Section 7 of RFC 135 3986 [RFC3986]. However, most of those provisions do not apply to 136 the "about" URI scheme as they are mainly scoped to schemes used in 137 the Internet. 139 "about" URIs can sometimes refer to sensitive information, such as 140 user passwords stored in a cache, or parameters that, if changed, 141 could affect user's data. The application therefore needs to 142 ensure that the user's data is secured and no threats are imposed 143 by "about" URIs. 145 5. IANA Considerations 147 5.1. URI Scheme Registration 149 The registration of the "about" URI scheme in the "URI Schemes" 150 registry is requested. The information below is provided according 151 to the guidelines from RFC 4395 [RFC4395]: 153 URI scheme name: about 155 Status: Permanent 157 URI scheme syntax: see Section 2.1 of RFC xxxx 159 URI scheme semantics: see Section 2.2 of RFC xxxx 161 URI scheme encoding considerations: see Section 2.3 of RFC xxxx 163 Applications that use the scheme: "about" URIs are predominantly 164 used by Web browsers. 166 Security considerations: see Section 4 of RFC xxxx 168 Contact: IETF Applications Area Directors 170 Author/Change controller: IESG (on behalf of the 171 IETF) 173 References: see Section 5 of RFC xxxx 175 [RFC Editor: Please replace xxxx with assigned RFC number] 177 5.2. A Registry for Well-known Tokens 179 This document creates the '"about" URI Well-known Tokens' registry. 181 The registry entries consist of three fields: Well-known Token, 182 Description and Reference. The Well-known Token field has to conform 183 to production defined in Section 2.1. The initial set 184 of assignments is as follows: 186 +--------------+------------------------------------+-------------+ 187 | Well-known | Description | Reference | 188 | Token | | | 189 +------------------+--------------------------------+-------------+ 190 | blank | The about:blank URI references a | RFC xxxx | 191 | | blank page. | | 192 +--------------+------------------------------------+-------------+ 194 5.2.1. Registration procedure 196 The registration policy for this registry is "First Come First 197 Served" as described in RFC 5226 [RFC5226]. The registrant of the 198 token should provide the information mentioned in the following 199 registration template: 201 o Registered Token: The desired Well-known token to be used in 202 "about" URIs. 204 o Intended usage: A short description of how "about" URIs with the 205 registered token is handled including information about the 206 referenced resource. 208 o Contact/Change controller: Person (including contact information) 209 authorized to change this registration. 211 o Specification: A stable reference to a document which specifies 212 the registered "about" URI. The question of interoperability does 213 not arise. The key motivation is to have a reference to a 214 specification documenting well-known behavior of the "about" URI in 215 Web browsers. As a rule of thumb if the behavior is common to two 216 or more Web browser implementations it can be considered as well- 217 known. An existing assignment may be duplicated if the registered 218 token is used in more than one Web browser implementation. 220 The following is a template for the "blank" token: 222 o Registered Token: blank 223 o Intended usage: The about:blank URI references a blank page. 224 o Contact/Change controller: IESG (on behalf of 225 IETF). 226 o Specification: RFC xxxx. [RFC Editor: Please replace xxxx with 227 assigned RFC number] 229 6. References 231 6.1. Normative References 233 [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform 234 Resource Identifier (URI): Generic Syntax", STD 66, 235 RFC 3986, January 2005. 237 [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an 238 IANA Considerations Section in RFCs", BCP 26, RFC 5226, 239 May 2008. 241 [RFC5234] Crocker, D., Ed., and P. Overell, "Augmented BNF for 242 Syntax Specifications: ABNF", STD 68, RFC 5234, January 243 2008. 245 6.2. Informative References 247 [RFC4395] Hansen, T., Hardie, T., and L. Masinter, "Guidelines and 248 Registration Procedures for New URI Schemes", BCP 35, 249 RFC 4395, February 2006. 251 Appendix A. Acknowledgments 253 This document has been formed from the draft initially authored by 254 Lachlan Hunt and Joseph Holsten. Additionally, the contributions of 255 Frank Ellermann and Alexey Melnikov are gratefully acknowledged. 256 Barry Leiba and Murray Kucherawy deserve a special credit for 257 providing a great amount of text which has been used in this 258 document. 260 Lachlan Hunt and Mykyta Yevstifeyev edited previous versions of this 261 document. Tim Bray and John Klensin provided suggestions about how 262 to improve the document. 264 Authors' Addresses 266 S. Moonesamy (editor) 267 76, Ylang Ylang Avenue 268 Quatre Bornes 269 Mauritius 271 EMail: sm+ietf@elandsys.com