idnits 2.17.1
draft-ietf-urnbis-rfc2141bis-urn-09.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
-- The draft header indicates that this document obsoletes RFC3406, but the
abstract doesn't seem to directly say this. It does mention RFC3406
though, so this could be OK.
-- The draft header indicates that this document obsoletes RFC2141, but the
abstract doesn't seem to directly say this. It does mention RFC2141
though, so this could be OK.
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust and authors Copyright Line does not
match the current year
== The document seems to contain a disclaimer for pre-RFC5378 work, but was
first submitted on or after 10 November 2008. The disclaimer is usually
necessary only for documents that revise or obsolete older RFCs, and that
take significant amounts of text from those RFCs. If you can contact all
authors of the source material and they are willing to grant the BCP78
rights to the IETF Trust, you can and should remove the disclaimer.
Otherwise, the disclaimer is needed and you can ignore this comment.
(See the Legal Provisions document at
https://trustee.ietf.org/license-info for more information.)
-- The document date (February 6, 2015) is 3364 days in the past. Is this
intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
** Obsolete normative reference: RFC 5226 (Obsoleted by RFC 8126)
-- Possible downref: Non-RFC (?) normative reference: ref. 'URI-Registry'
== Outdated reference: A later version (-04) exists of
draft-ietf-urnbis-semantics-clarif-00
-- Obsolete informational reference (is this intentional?): RFC 2141
(Obsoleted by RFC 8141)
-- Obsolete informational reference (is this intentional?): RFC 3406
(Obsoleted by RFC 8141)
-- Obsolete informational reference (is this intentional?): RFC 7320
(Obsoleted by RFC 8820)
Summary: 1 error (**), 0 flaws (~~), 3 warnings (==), 7 comments (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 URNBIS P. Saint-Andre
3 Internet-Draft &yet
4 Obsoletes: 2141, 3406 (if approved) J. Klensin
5 Intended status: Standards Track
6 Expires: August 10, 2015 February 6, 2015
8 Uniform Resource Names (URNs)
9 draft-ietf-urnbis-rfc2141bis-urn-09
11 Abstract
13 A Uniform Resource Name (URN) is a Uniform Resource Identifier (URI)
14 that is assigned under the "urn" scheme and a particular URN
15 namespace, typically with the intent that the URN will be a
16 persistent, location-independent resource identifier or abstract
17 designator. With regard to URN syntax, this document defines the
18 canonical syntax for URNs (in a way that is consistent with URI
19 syntax), specifies methods for determining URN equivalence, and
20 discusses URI conformance. With regard to URN namespaces, this
21 document specifies a method for defining a URN namespace and
22 associating it with a namespace identifier, and describes procedures
23 for registering namespace identifiers with the Internet Assigned
24 Numbers Authority (IANA). This document obsoletes both RFC 2141 and
25 RFC 3406.
27 Status of This Memo
29 This Internet-Draft is submitted in full conformance with the
30 provisions of BCP 78 and BCP 79.
32 Internet-Drafts are working documents of the Internet Engineering
33 Task Force (IETF). Note that other groups may also distribute
34 working documents as Internet-Drafts. The list of current Internet-
35 Drafts is at http://datatracker.ietf.org/drafts/current/.
37 Internet-Drafts are draft documents valid for a maximum of six months
38 and may be updated, replaced, or obsoleted by other documents at any
39 time. It is inappropriate to use Internet-Drafts as reference
40 material or to cite them other than as "work in progress."
42 This Internet-Draft will expire on August 10, 2015.
44 Copyright Notice
46 Copyright (c) 2015 IETF Trust and the persons identified as the
47 document authors. All rights reserved.
49 This document is subject to BCP 78 and the IETF Trust's Legal
50 Provisions Relating to IETF Documents
51 (http://trustee.ietf.org/license-info) in effect on the date of
52 publication of this document. Please review these documents
53 carefully, as they describe your rights and restrictions with respect
54 to this document. Code Components extracted from this document must
55 include Simplified BSD License text as described in Section 4.e of
56 the Trust Legal Provisions and are provided without warranty as
57 described in the Simplified BSD License.
59 This document may contain material from IETF Documents or IETF
60 Contributions published or made publicly available before November
61 10, 2008. The person(s) controlling the copyright in some of this
62 material may not have granted the IETF Trust the right to allow
63 modifications of such material outside the IETF Standards Process.
64 Without obtaining an adequate license from the person(s) controlling
65 the copyright in such materials, this document may not be modified
66 outside the IETF Standards Process, and derivative works of it may
67 not be created outside the IETF Standards Process, except to format
68 it for publication as an RFC or to translate it into languages other
69 than English.
71 Table of Contents
73 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
74 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
75 3. URN Syntax . . . . . . . . . . . . . . . . . . . . . . . . . 4
76 3.1. Namespace Identifier Syntax . . . . . . . . . . . . . . . 5
77 3.2. Namespace Specific String Syntax . . . . . . . . . . . . 5
78 3.3. p-component, q-component, and f-component . . . . . . . . 6
79 4. Equivalence of URNs . . . . . . . . . . . . . . . . . . . . . 7
80 4.1. Procedure . . . . . . . . . . . . . . . . . . . . . . . . 7
81 4.2. Examples . . . . . . . . . . . . . . . . . . . . . . . . 8
82 5. URI Conformance . . . . . . . . . . . . . . . . . . . . . . . 9
83 6. URN Namespaces . . . . . . . . . . . . . . . . . . . . . . . 10
84 6.1. Formal Namespaces . . . . . . . . . . . . . . . . . . . . 12
85 6.2. Informal Namespaces . . . . . . . . . . . . . . . . . . . 13
86 7. Defining a URN Namespace . . . . . . . . . . . . . . . . . . 13
87 7.1. Purpose . . . . . . . . . . . . . . . . . . . . . . . . . 14
88 7.2. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . 15
89 7.3. Assignment . . . . . . . . . . . . . . . . . . . . . . . 15
90 7.4. Security and Privacy . . . . . . . . . . . . . . . . . . 16
91 7.5. Resolution . . . . . . . . . . . . . . . . . . . . . . . 16
92 8. Registering a URN Namespace . . . . . . . . . . . . . . . . . 17
93 8.1. Formal Namespaces . . . . . . . . . . . . . . . . . . . . 17
94 8.2. Informal Namespaces . . . . . . . . . . . . . . . . . . . 17
95 9. Guidelines for Designated Experts . . . . . . . . . . . . . . 18
96 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18
97 10.1. URI Scheme . . . . . . . . . . . . . . . . . . . . . . . 18
98 10.2. Registration of URN Namespaces . . . . . . . . . . . . . 19
99 11. Security and Privacy Considerations . . . . . . . . . . . . . 19
100 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 19
101 12.1. Normative References . . . . . . . . . . . . . . . . . . 19
102 12.2. Informative References . . . . . . . . . . . . . . . . . 20
103 Appendix A. Registration Template . . . . . . . . . . . . . . . 22
104 A.1. Namespace ID . . . . . . . . . . . . . . . . . . . . . . 22
105 A.2. Version . . . . . . . . . . . . . . . . . . . . . . . . . 22
106 A.3. Date . . . . . . . . . . . . . . . . . . . . . . . . . . 22
107 A.4. Registrant . . . . . . . . . . . . . . . . . . . . . . . 22
108 A.5. Purpose . . . . . . . . . . . . . . . . . . . . . . . . . 22
109 A.6. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . 22
110 A.7. Assignment . . . . . . . . . . . . . . . . . . . . . . . 22
111 A.8. Resolution . . . . . . . . . . . . . . . . . . . . . . . 22
112 A.9. Documentation . . . . . . . . . . . . . . . . . . . . . . 23
113 A.10. Revision Information . . . . . . . . . . . . . . . . . . 23
114 Appendix B. Changes from RFC 2141 . . . . . . . . . . . . . . . 23
115 Appendix C. Changes from RFC 3406 . . . . . . . . . . . . . . . 23
116 Appendix D. Contributors . . . . . . . . . . . . . . . . . . . . 23
117 Appendix E. Acknowledgements . . . . . . . . . . . . . . . . . . 24
118 Appendix F. Change log for versions of draft-ietf-urnbis-
119 rfc2141bis-urn . . . . . . . . . . . . . . . . . . . 24
120 F.1. Changes from -08 to -09 . . . . . . . . . . . . . . . . . 24
121 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 25
123 1. Introduction
125 A Uniform Resource Name (URN) is a Uniform Resource Identifier (URI)
126 [RFC3986] that is assigned under the "urn" scheme and a particular
127 namespace, typically with the intent that the URN will be a
128 persistent, location-independent resource identifier or abstract
129 designator.
131 The assignment of URNs is done by an organization (or, in some cases,
132 according to an algorithm or other automated process) that has been
133 formally delegated a namespace within the "urn" scheme (e.g., a URN
134 in the 'example' namespace [RFC6963] might be of the form
135 "urn:example:foo").
137 This document rests on two key assumptions:
139 1. Assignment of a URN is a managed process.
141 A string that conforms to the URN syntax is not necessarily a
142 valid URN, because a URN needs to be assigned according to the
143 rules of a particular namespace (in terms of syntax, semantics,
144 and process).
146 2. The space of URN namespaces is itself managed.
148 A string in the namespace identifier slot of the URN syntax is
149 not necessarily a valid URN namespace identifier, because in
150 order to be valid a namespace needs to be defined and registered
151 in accordance with the rules specified in this document.
153 So that information about both URN syntax and URN namespaces is
154 available in one place, this document does the following:
156 1. Defines the canonical syntax for URNs in general (in a way that
157 is consistent with URI syntax), specifies methods for determining
158 URN equivalence, and discusses URI conformance.
160 2. Specifies a method for defining a URN namespace and associating
161 it with a namespace identifier, and describes procedures for
162 registering namespace identifiers with the Internet Assigned
163 Numbers Authority (IANA).
165 For URN syntax and URN namespaces, this document modernizes and
166 replaces the definitions from [RFC2141] and [RFC3406]. These
167 modifications build on the requirements provided in [RFC1737] and
168 many years of experience with URNs, in both cases attempting to make
169 the smallest reasonable set of changes from the previous definitions.
171 This document obsoletes both [RFC2141] and [RFC3406].
173 2. Terminology
175 Several important terms used in this document are defined in the URI
176 specification [RFC3986].
178 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
179 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
180 "OPTIONAL" in this document are to be interpreted as described in
181 [RFC2119].
183 3. URN Syntax
185 The syntax of URNs as provided in [RFC2141] was defined before the
186 updated specification of URIs in [RFC3986]. To ensure consistency
187 with the URI syntax as well as semantic flexibility in the use of
188 URNs within particular applications (see
189 [I-D.ietf-urnbis-semantics-clarif] for further discussion), this
190 specification extends the syntax of URNs to explicitly allow several
191 characters (and thus URI components) that were not allowed by
192 [RFC2141], and also makes several smaller syntax adjustments.
194 As a result, the syntax for a URN is defined as follows using the
195 Augmented Backus-Naur Form (ABNF) as specified in [RFC5234]. Rules
196 not defined below (i.e., alphanum, pchar, path-absolute, query, and
197 fragment) are defined in [RFC3986].
199 namestring = assigned-name
200 [ p-component ]
201 [ q-component ]
202 [ f-component ]
203 assigned-name = "urn" ":" NID ":" NSS
204 ; the URI scheme ("urn") is case insensitive
205 NID = (alphanum) 0*30(ldh) (alphanum)
206 ldh = alphanum / "-"
207 NSS = 1*(pchar)
208 p-component = "/" path-absolute
209 q-component = "?" query
210 f-component = "#" fragment
212 Note that "?" can be used without %-encoding inside q-components and
213 f-components.
215 The following sections provide additional information about these
216 rules.
218 3.1. Namespace Identifier Syntax
220 The syntax here is slightly more restrictive than what was defined in
221 [RFC2141], since it forbids the character "-" at the end of a NID.
223 NIDs are case insensitive (e.g., "ISBN" and "isbn" are equivalent).
225 3.2. Namespace Specific String Syntax
227 Depending on the rules governing a namespace, names that are valid in
228 a namespace might contain characters that are not allowed in URNs
229 according to the "pchar" rule (e.g., characters outside the ASCII
230 range or characters that are reserved in URIs, such as "/", "?", and
231 "#"). Such a string MUST be translated into a conformant NSS before
232 using it as a protocol element or otherwise passing it on to other
233 applications. Translation is done by percent-encoding each
234 disallowed character using the method defined in Section 2.1 of
235 [RFC3986]. Note that the "%" character is allowed only for the
236 purpose of percent-encoding.
238 In order to make URNs as stable and persistent as possible when
239 protocols evolve and the environment around them changes, namespaces
240 SHOULD NOT allow characters outside the basic Latin repertoire
242 [RFC20] unless the nature of the particular namespace makes such
243 characters necessary.
245 If a namespace designates one or more characters conforming to the
246 "pchar" rule as having special meaning for that namespace (e.g., "@")
247 and the namespace also uses that character in a literal sense, when
248 used in a literal sense the character MUST be percent-encoded (e.g.,
249 "%40"). For related considerations with regard to NID registration,
250 see below.
252 3.3. p-component, q-component, and f-component
254 The p-component, q-component, and f-component are optional components
255 that follow the assigned-name. In terms of URI syntax these
256 components are essentially equivalent to the URI "path-absolute",
257 "query", and "fragment" constructions, respectively. However, the
258 URN p-component, q-component, and f-component need not be
259 semantically equivalent to the URI path component, query component,
260 and fragment component; therefore they are called by different names
261 in this specification.
263 Unless specifically defined for a particular namespace after
264 publication of this document, use of these components is disallowed,
265 thereby maintaining strict backward compatibility with namespaces
266 defined in accordance with [RFC2141] and registered in accordance
267 with [RFC3406].
269 This specification does not define the semantics of the p-component,
270 q-component, and f-component for URNs in general. Instead,
271 additional specifications might establish these matters for URN-
272 related services (such as URN resolution) or for individual URN
273 namespaces (e.g., to handle extended information about the resource
274 identified by a URN). For example, it is possible that the
275 q-component might be used in requests to URN resolution services, or
276 that the f-component might be used to distinguish the integral parts
277 of resources named by URNs in particular namespaces (say, the
278 chapters of a book). However, defining such usage is the
279 responsibility of specifications for URN resolution services,
280 namespace registration requests and specifications for individual
281 namespaces, and other appropriate documentation (such as policy
282 documents governing the management of a given URN namespace).
284 As general guidance that might not apply to all cases, it would be
285 inappropriate for namespaces that do not intend to support resolution
286 services to allow q-components. Namespaces which deal with digital
287 manifestations might be able to support f-components.
289 3.3.1. p-component
291 The only formal restriction placed upon a p-component by this
292 specification is that the syntax SHALL adhere to the "path-absolute"
293 rule from [RFC3986]. The inner syntax of a p-component is to be
294 defined by the specification for a particular namespace or URN-
295 related service. (For example, a namespace specification might
296 define a character such as "~" or "@" as a delimiter inside
297 p-components assigned within that namespace.)
299 As described under Section 4, the p-component SHALL be taken into
300 account when determining URN equivalence.
302 3.3.2. q-component
304 The only formal restriction placed upon a q-component by this
305 specification is that the syntax SHALL adhere to the "query" rule
306 from [RFC3986] (prepended by the "?" character). The inner syntax of
307 a q-component is to be defined by the specification for a particular
308 namespace. (For example, a namespace specification might define a
309 character such as ";" or "=" as a delimiter inside q-components
310 assigned within that namespace.)
312 As described under Section 4, the q-component SHALL NOT be taken into
313 account when determining URN equivalence.
315 3.3.3. f-component
317 The only formal restriction placed upon an f-component by this
318 specification is that the syntax SHALL adhere to the "fragment" rule
319 from [RFC3986] (prepended by the "#" character). The inner syntax of
320 an f-component is to be defined by the specification for a particular
321 namespace. (For example, a namespace specification might define a
322 character such as "&" or "+" as a delimiter inside f-components
323 assigned within that namespace.)
325 As described under Section 4, the f-component SHALL NOT be taken into
326 account when determining URN equivalence.
328 4. Equivalence of URNs
330 4.1. Procedure
332 For various purposes such as caching, often it is desirable to
333 determine if two URNs are "the same". This is done by testing for
334 equivalence (see Section 6.1 of [RFC3986]).
336 Note that [RFC3986] is very flexible about equality comparisons,
337 putting the focus on allowing false negatives and avoiding false
338 positives. If comparisons are made in a scheme-independent way,
339 i.e., as URI comparisons only, URNs that this specification considers
340 equal would be rejected. The discussion below applies when the URI
341 is known to be a URN.
343 Two URNs are equivalent if they are octet-by-octet equal after
344 applying case normalization (as specified in Section 6.2.2.1 of
345 [RFC3986]) to the following constructs:
347 1. the URI scheme "urn"
349 2. the NID
351 3. any percent-encoded characters (see Section 2.1 of the base URI
352 specification [RFC3986]) in the NSS
354 Percent-encoded characters MUST NOT be decoded, i.e., percent-
355 encoding normalization (as specified in Section 6.2.2.2 of [RFC3986])
356 MUST NOT be applied.
358 If a q-component or f-component (or both) are included in a URN, they
359 MUST be ignored for purposes of determining equivalence.
361 URN namespaces MAY define additional rules for equivalence, such as
362 case-insensitivity of the NSS (or parts thereof). Such rules MUST
363 always have the effect of eliminating some of the false negatives
364 obtained by the procedure above and MUST NOT result in treating two
365 URNs as not equivalent if the procedure here says they are
366 equivalent. For related considerations with regard to NID
367 registration, see below.
369 4.2. Examples
371 The following six URN comparisons (which use the "example" NID
372 defined in [RFC6963]) highlight the equivalence rules:
374 1. URN:example:a123,456
376 2. urn:example:a123,456
378 3. urn:EXAMPLE:a123,456
380 4. urn:example:a123%2C456
382 5. URN:EXAMPLE:a123%2c456
383 6. urn:example:A123,456
385 7. urn:example:a123,456/789
387 8. urn:example:a123,456/abc
389 9. urn:example:a123,456?789
391 10. urn:example:a123,456?abc
393 11. urn:example:a123,456#789
395 12. urn:example:a123,456#abc
397 URNs 1, 2, 3, 9, 10, 11, and 12 are equivalent. URNs 4 and 5 are
398 equivalent only to each other. URNs 6, 7, and 8 are not equivalent
399 to any of the others.
401 5. URI Conformance
403 Because a URN is, syntactically, a URI under the "urn" scheme, in
404 theory a URN can be placed in any protocol slot that allows for a URI
405 (e.g., an XML namespace name [XML-NAMES]). However, this does not
406 imply that, semantically, it always makes sense in practice to place
407 a URN in a given URI protocol slot; in particular, because a URN
408 might not specify the location of a resource or even point indirectly
409 to one, it might not be appropriate to place a URN in a URI protocol
410 slot that points to a resource (examples include the 'href' and 'src'
411 attributes and the element in HTML, as well as the 'xml:base'
412 attribute in XML [XML-BASE]). Ultimately, specifications of where it
413 is appropriate to use URNs, or URNs created within particular URN
414 namespaces, are the responsibility of descriptions of individual URI
415 schemes and contexts; this specification cannot possibly anticipate
416 all of the relevant cases.
418 Despite the fact that URNs are not hierarchical and are not
419 appropriate for use as a base URI (see Section 5.1 of [RFC3986]), the
420 relative resolution algorithm specified in Section 5.2 of [RFC3986]
421 still applies to the "urn" URI scheme; implementers need to be aware,
422 however, that running the algorithm against URNs will lead to results
423 that might be unexpected or not useful.
425 A resolver that conforms to the URI specification [RFC3986] will
426 extract a scheme of "urn" rather than a scheme value of "urn:".
427 A URN MUST be considered an opaque URI by URI resolvers and passed
428 (with the "urn" scheme) to a URN resolver for resolution. The URN
429 resolver can either be an external resolver that the URI resolver
430 knows of, or it can be functionality built into the URI resolver.
432 Note that this requirement MAY impose constraints on the contexts in
433 which URNs are appropriately used; see the previous section.
435 To minimize user confusion, a URI browser SHOULD display the complete
436 URN (including the "urn" scheme and any components) to ensure that
437 there is no confusion between URN namespace identifiers and URI
438 scheme identifiers. For example, a URI beginning with "urn:xmpp:"
439 [RFC4854] is very different from a URI beginning with "xmpp:"
440 [RFC5122]. Similarly, a potential DOI scheme [DOI-URI] is different
441 from, and possibly completely unrelated to, a possible DOI URN
442 namespace.
444 When URNs are transported and exchanged, they MUST be represented in
445 this format. Further, all URN-aware applications MUST offer the
446 option of displaying URNs in this canonical form to allow for direct
447 transcription (for example by cut and paste techniques). Such
448 applications might support display of URNs in a more human-friendly
449 form and might use a character set that includes characters that are
450 not permitted in URN syntax as defined in this specification (e.g.,
451 when displaying URNs to humans, such applications might replace
452 percent-encoded strings with characters from an extended character
453 repertoire such as that of [UNICODE]).
455 As mentioned, the assignment of URNs is a managed process, as is the
456 assignment of namespaces themselves. Although design of the URNs to
457 be assigned within a given namespace is ceded by this specification
458 to the namespace owner, doing so in a managed way avoids the problems
459 inherent in unmanaged generation of URIs as described in the
460 recommendations regarding URI design and ownership [RFC7320].
462 6. URN Namespaces
464 A URN namespace is a collection of identifiers that obey three
465 constraints. Such a namespace is (1) unique, (2) assigned in a
466 consistent way, and (3) assigned according to a common definition.
468 1. The "uniqueness" constraint means that an identifier within the
469 namespace is never assigned to more than one resource and never
470 reassigned to a different resource, even if the identifier itself
471 is deprecated or becomes obsolete.
473 2. The "consistent assignment" constraint means that an identifier
474 within the namespace is assigned by an organization or created in
475 accordance with a process or algorithm that is always followed.
477 3. The "common definition" constraint means that there are clear
478 definitions for the syntax of identifiers within the namespace
479 and for the process of assigning or creating them.
481 A URN namespace is identified by a particular NID in order to ensure
482 the global uniqueness of URNs and, optionally, to provide a cue
483 regarding the structure of URNs assigned within a namespace.
485 With regard to global uniqueness, using different NIDs for different
486 collections of identifiers ensures that no two URNs will be the same
487 for different resources, since each collection is required to
488 uniquely assign each identifier. However, a single resource can have
489 more than one URN assigned to it for different purposes (e.g., some
490 numbers might be valid identifiers in two different identifier
491 systems, where the namespace identifier differentiates between the
492 resulting URNs). Subject to other constraints, such as those imposed
493 by the URI syntax [RFC3986], the rules of the URN scheme are intended
494 to allow preserving the normal and natural form of identifiers
495 specified elsewhere and treated as URN namespaces.
497 With regard to the structure of URNs assigned within a namespace, the
498 development of an identifier structure (and thereby a collection of
499 identifiers) depends on the requirements of the community defining
500 the identifiers, how the identifiers will be assigned and used, etc.
501 These issues are beyond the scope of URN syntax and the general rules
502 for URN namespaces, because they are specific to the community
503 defining a namespace (e.g., the bibliographic and publishing
504 communities in the case of the 'ISBN' and 'ISSN' namespaces, or the
505 developers of extensions to the Extensible Messaging and Presence
506 Protocol in the case of the 'XMPP' namespace).
508 URN namespaces inherit certain rights and responsibilities by the
509 nature of URNs, e.g.:
511 1. They uphold the general principles of a well-managed URN
512 namespace by providing persistent identification of resources and
513 unique assignment of identifier strings.
515 2. They can be registered in global registration services.
517 There are two types of URN namespace: formal and informal. These are
518 distinguished by the expected level of service, the information
519 needed to define the namespace, and the procedures for registration.
520 Because the majority of the namespaces registered so far have been
521 formal, this document concentrates on formal namespaces.
523 Note: [RFC3406] defined a third type of "experimental namespaces",
524 denoted by prefixing the namespace identifier with the string "X-".
525 Consistent with [RFC6648], this specification removes the
526 experimental category. Because experimental namespaces were never
527 registered, removing the experimental category has no impact on the
528 existing registries or future registration procedures. Because they
529 are not registered, strings that refer to existing experimental
530 namespaces are not valid URNs. Truly experimental usages can, of
531 course, employ the 'example' namespace [RFC6963].
533 6.1. Formal Namespaces
535 A formal namespace provides benefit to some subset of users on the
536 Internet. In particular, it would not make sense for a formal
537 namespace to be used only by a community or network that is not
538 connected to the Internet. For example, it would be inappropriate
539 for a NID to effectively force someone to use a proprietary network
540 or service not open to the general Internet user. The intent is
541 that, while the community of those who might actively use the names
542 assigned within that NID might be small, the potential use of
543 identifiers within that NID is open to any user on the Internet.
544 Formal NIDs might be appropriate even when some aspects are not fully
545 open. For example, a namespace might make use of a fee-based,
546 privately managed, or proprietary registry for assignment of URNs in
547 the namespace. However, it might still benefit some Internet users
548 if the associated services have openly-published access protocols.
550 An organization that will assign URNs within a formal namespace ought
551 to meet the following criteria:
553 1. Organizational stability and the ability to maintain the URN
554 namespace for a long time; absent such evidence, it ought to be
555 clear how the namespace can remain viable if the organization can
556 no longer maintain the namespace.
558 2. Competency in name assignment. This will improve the likelihood
559 of persistence (e.g. to minimize the likelihood of conflicts).
561 3. Commitment to not reassigning existing names and to allowing old
562 names to continue to be valid, even if the owners or assignees of
563 those names are no longer members or customers of that
564 organization. With regard to URN resolution [RFC2276], this does
565 not mean that there needs to be resolution of such names, only
566 that the names will not resolve to false or stale information.
568 A formal namespace establishes a particular NID, subject to the
569 following constraints (above and beyond the syntax rules already
570 specified):
572 1. It MUST NOT be an already-registered NID.
574 2. It MUST NOT start with "urn-" (which is reserved for informal
575 namespaces).
577 3. It MUST be more than two characters long.
579 4. It MUST NOT start with "aa-", where "aa" is any combination of
580 two ASCII letters and the hyphen is followed by something other
581 than another hyphen.
583 5. It MUST NOT start with the string "xn--" or any other string
584 consisting of two letters followed by two hyphens. Those strings
585 are reserved for potential representation of DNS A-labels and
586 similar strings in the future [RFC5890].
588 All two-letter strings, and all two-letter strings followed by "-"
589 and any sequence of valid NID characters, are reserved for potential
590 use as country-code-based NIDs for eventual national registrations of
591 URN namespaces. The definition and scoping of rules for allocation
592 of responsibility for such country-code-based namespaces is beyond
593 the scope of this document.
595 6.2. Informal Namespaces
597 Informal namespaces are full-fledged URN namespaces, with all the
598 associated rights and responsibilities. Informal namespaces differ
599 from formal namespaces in the process for assigning a NID: for an
600 informal namespace, the registrant does not designate the NID;
601 instead, IANA assigns a NID consisting of the string 'urn-' followed
602 by one or more digits (e.g., "urn-7") where the digits consist of the
603 next available number in the sequence of positive integers assigned
604 to informal namespaces. Thus the syntax of an informal namespace is:
606 InformalNamespaceName = "urn-" Number
607 Number = DigitNonZero 0*Digit
608 DigitNonZero = "1"/ "2" / "3" / "4"/ "5"
609 / "6" / "7" / "8" / "9"
610 Digit = "0" / DigitNonZero
612 The only restrictions on are that it (1) consist strictly of
613 ASCII digits, that it (2) not have leading zeros, and that it (3) not
614 cause the NID to exceed the length limitations defined for the URN
615 syntax.
617 7. Defining a URN Namespace
619 The definition of a formal namespace ought to pay particular
620 attention to:
622 1. The purpose of the namespace.
624 2. The syntax of URNs assigned within the namespace, including
625 whether p-, q-, and/or f-components are allowed.
627 3. The process for assigning URNs within the namespace.
629 4. The security implications of assigning URNs within the namespace
630 and using the assigned URNs.
632 5. Optionally, the process for resolving URNs issued within the
633 namepace.
635 The following sections explain these matters in greater detail. For
636 convenience, a template for defining and registering a URN namespace
637 is provided under Appendix A. This information can be especially
638 helpful to entities that wish to request assignment of a URN in a
639 namespace and to entities that wish to provide URN resolution for a
640 namespace.
642 7.1. Purpose
644 The "Purpose" section of the template describes matters such as:
646 1. The kinds of resources identified by URNs assigned within the
647 namespace.
649 2. Why it is preferable to use URNs rather than some other
650 technology (e.g., separate URI schemes or URIs in existing
651 schemes) and why no existing URN namespace is a good fit.
653 3. The kinds of software applications that can use or resolve the
654 assigned URNs (e.g., by differentiating among disparate
655 namespaces, identifying resources in a persistent fashion, or
656 meaningfully resolving and accessing services associated with the
657 namespace).
659 4. The scope of the namespace (public vs. private, global vs. local
660 to a particular organization, nation, or industry). For example,
661 a namespace claiming to deal in "national identification numbers"
662 ought to have a global scope and address all identity number
663 structures, whereas a URN scheme for a particular national
664 identification number system would need to handle only the
665 structure for that nation's identity numbers.
667 5. How the intended community (and the Internet community at large)
668 will benefit from using or resolving the assigned URNs.
670 7.2. Syntax
672 The "Syntax" section of the template contains:
674 1. A description of the structure of URNs within the namespace, in
675 conformance with the fundamental URN syntax. The structure might
676 be described in terms of a formal definition (e.g., using
677 Augmented BNF for Syntax Specifications (ABNF) as specified in
678 [RFC5234]), an algorithm for generating conformant URNs, or a
679 regular expression for parsing the identifier into components;
680 alternatively, the structure might be opaque.
682 2. Any special character encoding rules for assigned URNs (e.g.,
683 which character ought to always be used for single-quotes).
685 3. If p-components, q-components, and/or f-components are allowed
686 for the namespace, a discussion of how they are used.
688 4. Rules for determining equivalence between two identifiers in the
689 namespace. Such rules ought to always have the effect of
690 eliminating false negatives that might otherwise result from
691 comparison. If it is appropriate and helpful, reference can be
692 made to the equivalence rules defined in the URI specification
693 [RFC3986]. Examples of equivalence rules include equivalence
694 between uppercase and lowercase characters in the Namespace
695 Specific String, between hyphenated and non-hyphenated groupings
696 in the identifier string, or between single-quotes and double-
697 quotes. (Note that these are not normative statements for any
698 kind of best practice related to handling of equivalences between
699 characters in general; they are statements limited to one
700 particular namespace only.)
702 5. Any special considerations necessary for conforming with the URN
703 syntax. This is particularly applicable in the case of existing
704 naming systems that are used in the context of URNs. For
705 example, if a namespace is used in contexts other than URNs, it
706 might make use of characters that are reserved in the URN syntax.
707 This section ought to note any such characters, and outline
708 necessary mappings to conform to URN syntax. Normally, this will
709 be handled by percent-encoding the character as specified in the
710 URI specification [RFC3986].
712 7.3. Assignment
714 The "Assignment" section of the template describes matters such as:
716 1. Mechanisms or authorities for assigning URNs to resources. It
717 ought to make clear whether assignment is completely open (e.g.,
718 following a particular procedure such as first-come, first-served
719 (FCFS)), completely closed (e.g., for a private organization), or
720 limited in various ways (e.g., delegated to authorities
721 recognized by a particular organization); if limited, it ought to
722 explain how to become an assigner of identifiers or how to
723 request assignment of identifiers from existing assignment
724 authorities.
726 2. Methods for ensuring that URNs within the namespace are unique.
727 For example, identifiers might be assigned sequentially or in
728 accordance with some well-defined process by a single authority,
729 assignment might be partitioned among delegated authorities that
730 are individually responsible for respecting uniqueness rules, or
731 URNs might be created independently following an algorithm that
732 itself guarantees uniqueness.
734 7.4. Security and Privacy
736 The "Security" section of the template describes any potential issues
737 related to security and privacy with regard to assignment, use, and
738 resolution of identifiers within the namespace. Examples of such
739 issues include:
741 o The consequences of producing false negatives and false positives
742 during comparison for equivalence (see "Issues in Identifier
743 Comparison for Security Purposes" [RFC6943])
745 o Leakage of private information when identifiers are communicated
746 on the public Internet
748 o The potential for directory harvesting
750 o Various issues discussed in the guidelines for security
751 considerations in RFCs [RFC3552] and the privacy considerations
752 for Internet protocols [RFC6973].
754 7.5. Resolution
756 The "Resolution" section specifies the rules for resolution of URNs
757 assigned within the namespace. If such URNs are intended to be
758 resolvable, the namespace needs to be registered in a Resolution
759 Discovery System (RDS, see [RFC2276]) such as DDDS. Resolution then
760 proceeds according to standard URI resolution processes, as well as
761 the mechanisms of the RDS. This section ought to list the
762 requirements for becoming a recognized resolver of URNs in the
763 relevant namespace (and being so listed in the RDS registry).
764 Answers might include, but are not limited to:
766 1. The namespace is not listed with an RDS; therefore this section
767 is not applicable.
769 2. Resolution mirroring is completely open, with a mechanism for
770 updating an appropriate RDS.
772 3. Resolution is controlled by entities to which assignment has been
773 delegated.
775 8. Registering a URN Namespace
777 8.1. Formal Namespaces
779 The registration policy for formal namespaces is Expert Review as
780 defined in the "IANA Considerations" document [RFC5226] and in
781 Section 9 below. The key steps for registration of a formal
782 namespace are:
784 1. Fill out the namespace registration template (see Appendix A).
785 This can be done as part of an Internet-Draft or a specification
786 in another series, although that is not necessary.
788 2. Send the completed template to the urn-nid@ietf.org discussion
789 list for review.
791 3. If necessary to address comments received, repeat steps 1 and 2.
793 4. If the designated experts approve the request, the IANA will
794 register the requested NID.
796 A formal namespace registration can be revised by updating the
797 registration template, following the same steps outlined above for
798 new registrations. A revised registration MUST describe differences
799 from prior versions and SHOULD make special note of any relevant
800 changes in the underlying technologies or namespace management
801 processes.
803 8.2. Informal Namespaces
805 The registration policy for informal namespaces is First Come First
806 Served [RFC5226]. The key steps for registration of an informal
807 namespace are:
809 1. Write a completed namespace definition template (see Appendix A).
811 2. Send it to the urn-nid@ietf.org discussion list for feedback.
813 3. Once the review period has expired, send the final template to
814 IANA (via the iana@iana.org email address).
816 An informal namespace registration can be revised by updating the
817 registration template, following the same steps outlined above for
818 new registrations.
820 9. Guidelines for Designated Experts
822 Experience to date with NID registration requests has shown that
823 registrants sometimes do not initially understand some of the
824 subtleties of URN namespaces, and that defining the namespace in the
825 form of a specification enables the registrants to clearly formulate
826 their "contract" with the intended user community. Therefore,
827 although the registration policy for formal namespaces is Expert
828 Review and a stable specification is not strictly required, the
829 designated experts for NID registration requests ought to encourage
830 applicants to provide a stable specification documenting the
831 namespace definition.
833 Naming can be difficult and contentious; the designated experts and
834 applicants are strongly encouraged to work together in a spirit of
835 good faith and mutual understanding to achieve rough consensus on
836 progressing registrations through the process. They are also
837 encouraged to bring additional expertise into the discussion if that
838 would be helpful in adding perspective or otherwise resolving issues.
840 10. IANA Considerations
842 10.1. URI Scheme
844 This section updates the registration of the 'urn' URI scheme in the
845 Permanent URI Registry [URI-Registry] .
847 [Note to RFC Editor: please replace "XXXX" with the number assigned
848 to this document upon publication.]
850 URI Scheme Name: urn
852 Status: permanent
854 URI Scheme Syntax: See Section 3 of [ this document ].
856 URI Scheme Semantics: The 'urn' scheme identifies Uniform Resource
857 Names, which are persistent, location-independent resource
858 identifiers.
860 Encoding Considerations: See Section 3.2 of [ this document ].
862 Applications/Protocols That Use This URI Scheme Name: Uniform
863 Resource Names are used in a wide variety of applications,
864 including bibliographic reference systems and as names for
865 Extensible Markup Language (XML) namespaces.
867 Interoperability Considerations: See Section 5 of [ this document ].
869 Security Considerations: See Section 7.4 and Section 11 of [ this
870 document ].
872 Contact: URNBIS WG [mailto:urn@ietf.org]
874 Author/Change Controller: This scheme is registered under the IETF
875 tree. As such, the IETF maintains change control.
877 References None.
879 10.2. Registration of URN Namespaces
881 This document outlines the processes for registering URN namespaces,
882 and has implications for the IANA in terms of registries to be
883 maintained. In all cases, the IANA ought to assign the appropriate
884 NID (formal or informal) once the procedures outlined in this
885 document have been completed.
887 11. Security and Privacy Considerations
889 The definition of a URN namespace needs to account for potential
890 security and privacy issues related to assignment, use, and
891 resolution of identifiers within the namespace (e.g., some namespace
892 resolvers might assign special meaning to certain characters in the
893 Namespace Specific String); see Section 7.4 for further discussion.
895 In most cases, URN namespaces provide a way to declare public
896 information. Nominally, these declarations will have a relatively
897 low security profile, however there is always the danger of
898 "spoofing" and providing misinformation. Information in these
899 declarations ought to be taken as advisory.
901 12. References
903 12.1. Normative References
905 [RFC20] Cerf, V., "ASCII format for network interchange", RFC 20,
906 October 1969.
908 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
909 Requirement Levels", BCP 14, RFC 2119, March 1997.
911 [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
912 Resource Identifier (URI): Generic Syntax", STD 66, RFC
913 3986, January 2005.
915 [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
916 IANA Considerations Section in RFCs", BCP 26, RFC 5226,
917 May 2008.
919 [RFC5234] Crocker, D. and P. Overell, "Augmented BNF for Syntax
920 Specifications: ABNF", STD 68, RFC 5234, January 2008.
922 [URI-Registry]
923 IANA, "Permanent URI Schemes",
924 .
927 12.2. Informative References
929 [I-D.ietf-urnbis-semantics-clarif]
930 Klensin, J., "URN Semantics Clarification", draft-ietf-
931 urnbis-semantics-clarif-00 (work in progress), August
932 2014.
934 [DOI-URI] Paskin, N., Neylon, E., Hammond, T., and S. Sun, "The
935 "doi" URI Scheme for the Digital Object Identifier (DOI)",
936 June 2003,
937 .
939 [RFC1737] Sollins, K. and L. Masinter, "Functional Requirements for
940 Uniform Resource Names", RFC 1737, December 1994.
942 [RFC2141] Moats, R., "URN Syntax", RFC 2141, May 1997.
944 [RFC2276] Sollins, K., "Architectural Principles of Uniform Resource
945 Name Resolution", RFC 2276, January 1998.
947 [RFC3406] Daigle, L., van Gulik, D., Iannella, R., and P. Faltstrom,
948 "Uniform Resource Names (URN) Namespace Definition
949 Mechanisms", BCP 66, RFC 3406, October 2002.
951 [RFC3552] Rescorla, E. and B. Korver, "Guidelines for Writing RFC
952 Text on Security Considerations", BCP 72, RFC 3552, July
953 2003.
955 [RFC4854] Saint-Andre, P., "A Uniform Resource Name (URN) Namespace
956 for Extensions to the Extensible Messaging and Presence
957 Protocol (XMPP)", RFC 4854, April 2007.
959 [RFC5122] Saint-Andre, P., "Internationalized Resource Identifiers
960 (IRIs) and Uniform Resource Identifiers (URIs) for the
961 Extensible Messaging and Presence Protocol (XMPP)", RFC
962 5122, February 2008.
964 [RFC5890] Klensin, J., "Internationalized Domain Names for
965 Applications (IDNA): Definitions and Document Framework",
966 RFC 5890, August 2010.
968 [RFC6648] Saint-Andre, P., Crocker, D., and M. Nottingham,
969 "Deprecating the "X-" Prefix and Similar Constructs in
970 Application Protocols", BCP 178, RFC 6648, June 2012.
972 [RFC6943] Thaler, D., "Issues in Identifier Comparison for Security
973 Purposes", RFC 6943, May 2013.
975 [RFC6963] Saint-Andre, P., "A Uniform Resource Name (URN) Namespace
976 for Examples", BCP 183, RFC 6963, May 2013.
978 [RFC6973] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J.,
979 Morris, J., Hansen, M., and R. Smith, "Privacy
980 Considerations for Internet Protocols", RFC 6973, July
981 2013.
983 [RFC7320] Nottingham, M., "URI Design and Ownership", BCP 190, RFC
984 7320, July 2014.
986 [UNICODE] The Unicode Consortium, "The Unicode Standard, Version
987 6.3", 2013,
988 .
990 [XML-BASE]
991 Marsh, J. and R. Tobin, "XML Base (Second Edition)", World
992 Wide Web Consortium Recommendation REC-xmlbase-20090128,
993 January 2009,
994 .
996 [XML-NAMES]
997 Thompson, H., Hollander, D., Layman, A., Bray, T., and R.
998 Tobin, "Namespaces in XML 1.0 (Third Edition)", World Wide
999 Web Consortium Recommendation REC-xml-names-20091208,
1000 December 2009,
1001 .
1003 Appendix A. Registration Template
1005 A.1. Namespace ID
1007 Requested of IANA (formal) or assigned by IANA (informal).
1009 A.2. Version
1011 The version of the registration, starting with 1 and incrementing by
1012 1 with each new version.
1014 A.3. Date
1016 The date when the registration is requested of IANA, using the format
1017 YYYY-MM-DD.
1019 A.4. Registrant
1021 The person or organization that has registered the NID, including the
1022 following information:
1024 o The name and address of the registering organization.
1026 o The name and contact information (email, phone number, and/or
1027 postal address) of the designated contact person.
1029 A.5. Purpose
1031 Described under Section 7.1 of this document.
1033 A.6. Syntax
1035 Described under Section 7.2 of this document. Unless the
1036 registration explicitly says otherwise, use of p-, q-, and/or
1037 f-components is not allowed for this namespace.
1039 A.7. Assignment
1041 Described under Section 7.3 of this document.
1043 A.8. Resolution
1045 Described under Section 7.5 of this document.
1047 A.9. Documentation
1049 A pointer to an RFC, a specification published by another standards
1050 development organization, or another stable document that provides
1051 further information about the namespace.
1053 A.10. Revision Information
1055 (Applicable only when earlier registrations have been revised.)
1057 Description of changes from prior version(s).
1059 Appendix B. Changes from RFC 2141
1061 This document makes the following substantive changes from [RFC2141]:
1063 o Allows p-components, q-components, and f-components.
1065 o Disallows "-" at the end of a NID.
1067 o Allows the "~" and "&" characters in an NSS.
1069 o Formally registers 'urn' as a URI scheme.
1071 Appendix C. Changes from RFC 3406
1073 This document makes the following substantive changes from [RFC3406]:
1075 1. Relaxes the registration policy for formal namespaces from "IETF
1076 Review" to "Expert Review" as discussed in Section 8.1 and
1077 Section 9.
1079 2. Removes the category of experimental namespaces, consistent with
1080 [RFC6648].
1082 3. Simplifies the registration template.
1084 In addition, some of the text has been updated to be consistent with
1085 the definition of Uniform Resource Identifiers (URIs) [RFC3986] and
1086 the processes for registering information with the IANA [RFC5226], as
1087 well as more modern guidance with regard to security issues [RFC3552]
1088 and identifier comparison [RFC6943].
1090 Appendix D. Contributors
1092 RFC 2141, which provided the basis for the syntax portion of this
1093 document, was authored by Ryan Moats.
1095 RFC 3406, which provided the basis for the namespace portion of this
1096 document, was authored by Leslie Daigle, Dirk-Willem van Gulik,
1097 Renato Iannella, and Patrik Faltstrom.
1099 Their work is gratefully acknowledged.
1101 Appendix E. Acknowledgements
1103 Many thanks to Marc Blanchet, Leslie Daigle, Martin Duerst, Juha
1104 Hakala, Ted Hardie, Alfred Hoenes, Paul Jones, Barry Leiba, Sean
1105 Leonard, Larry Masinter, Keith Moore, Mark Nottingham, Julian
1106 Reschke, Lars Svensson, Dale Worley, and other participants in the
1107 URNBIS WG for their input. Alfred Hoenes in particular edited an
1108 earlier version of this document and served as co-chair of the URNBIS
1109 WG.
1111 Juha Hakala deserves special recognition for his dedication to
1112 successfully completing this work, as do Andrew Newton in his role as
1113 working group chair and Barry Leiba in his role as area director.
1115 Appendix F. Change log for versions of draft-ietf-urnbis-rfc2141bis-urn
1117 [[RFC Editor: please remove this appendix before publication.]]
1119 F.1. Changes from -08 to -09
1121 o Altered the text in Section 5 to reflect list discussions about
1122 the earlier phrasing. Also added DOI example and citation to that
1123 section.
1125 o Clarified the naming rules for formal namespaces and their
1126 relationship to ISO 3166, IDNA, etc., reserved strings.
1128 o Added an explicit statement about use of URNs in various protocols
1129 and contexts to Section 5.
1131 o Clarified that experimental namespace NIDs, which were explicitly
1132 not registered, are not valid URNs (in Section 6.
1134 o Transformed the partial production in Section 6.2 into valid ABNF.
1136 o Added more text about p-/q-/f-components and recommendations about
1137 use.
1139 o Added clarifying note about "?" within q-components and
1140 f-components.
1142 o Added explicit requirement that revisions of existing
1143 registrations document the changes and added a slot for that
1144 description to the template.
1146 o Many small editorial changes and adjustments including adding
1147 additional references and cross-references for clarification.
1149 o Inserted a placeholder for additional examples.
1151 Authors' Addresses
1153 Peter Saint-Andre
1154 &yet
1156 Email: peter@andyet.com
1157 URI: https://andyet.com/
1159 John C Klensin
1160 1770 Massachusetts Ave, Ste 322
1161 Cambridge, MA 02140
1162 USA
1164 Phone: +1 617 245 1457
1165 Email: john-ietf@jck.com