Network Working Group Tim Howes INTERNET-DRAFT Mark Smith draft-ietf-asid-mime-direct-03.txt Netscape Communications Corp. A MIME Content-Type for Directory Information 1. Status of this Memo This document is an Internet-Draft. Internet-Drafts are working docu- ments of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as ``work in progress.'' To learn the current status of any Internet-Draft, please check the ``1id-abstracts.txt'' listing contained in the Internet- Drafts Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). 2. Abstract This document defines a MIME Content-Type for holding directory informa- tion. The definition is independent of any particular directory service or protocol. The application/directory Content-Type is defined for holding a variety of directory information, for example, name, or email address. The application/directory Content-Type can also be used as the root body part in a multipart/related Content-Type for handling more complicated situations, especially those in which non-textual informa- tion that already has a natural MIME representation, for example, a pho- tograph or sound, must be represented. The application/directory Content-Type defines a general framework and format for holding directory information in a simple "type: value" for- mat. Mechanisms are defined to specify alternate character sets, languages, encodings and other meta-information. This document also defines the procedure by which particular formats, called profiles, for carrying application-specific information within an application/directory Content-Type may be defined and registered, and the conventions such formats must follow. It is expected that other Howes & Smith [Page 1] Expires in six months INTERNET DRAFT documents will be produced that define such formats for various applica- tions (e.g., white pages). 3. Need for a MIME Directory Type For purposes of this document, a directory is a special-purpose database that contains typed information. A directory usually supports both read and search of the information it contains, and may support modification of the information as well. Directory information is usually accessed far more often than it is updated. Directories may be local or global in scope. They may be distributed or centralized. The information they contain may be replicated, with weak or strong consistency requirements. There are several situations in which users of Internet mail may wish to exchange directory information: the email analogy of a "business card" exchange; the conveyance of directory information to a user having only email access to the Internet; the provision of machine-parseable address information when purchasing goods or services over the Internet; etc. As MIME [RFC-1521,RFC-1522] is used increasingly by other protocols, most notably HTTP [HTTP], it may also be useful for these protocols to be able to carry directory information in MIME format. Such a format, for example, could be used to represent URC (uniform resource characteris- tics) information about resources on the World Wide Web, or to provide a rudimentary directory service over HTTP. 4. Overview The scheme defined here for representing directory information in a MIME Content-Type has two parts. First, the application/directory Content- Type is defined for use in holding directory information within a single body part, for example name, title, or email address. In its simplest form, the format uses a "type: value" approach, which should be easily parsable by existing MIME implementations and understandable by users. More complicated situations can be represented also. This document defines the general form the information in the Content-Type should have, and the procedure by which specific types and values (properties) for particular applications may be defined. The framework is general enough to handle information from any number of end directory services, including LDAP [RFC-1777, RFC-1778], WHOIS++ [RFC-1835], and X.500 [x500]. Directory entries can include far more than just textual information. Some such information (e.g., an image or sound) overlaps with predefined MIME Content-Types. In these cases it may be desirable to include the information in its well-known MIME format. This situation is handled by using a multipart/related Content-Type as defined in [RFC-1872]. The root component of this type is an application/directory body part speci- fying any in-line information, and for information contained in other Howes & Smith [Page 2] Expires in six months INTERNET DRAFT Content-Types, the Content-IDs (in URL form) of those types. In some applications, it may be useful to include a pointer (e.g, a URL) to some directory information rather than the information itself. This document defines a general mechanism for accomplishing this. 5. The application/directory Content-Type The application/directory Content-Type is used to hold basic directory information, URLs referencing other information, including other MIME body parts holding supplementary or non-textual directory information, such as an image or sound. It is defined as follows, using the MIME media type registration template from [MIME-REG]. To: ietf-types@uninett.no Subject: Registration of MIME media type application/directory MIME media type name: application MIME subtype name: directory Required parameters: none Optional parameters: charset, language, profile The "charset" parameter is as defined in [RFC-1521] for other body parts. It is used to identify the default character set used within the body part. Note that alternate character sets can be specified on a per-value basis using the "charset" type parameter described below. The "language" parameter is used to identify the default language for information contained within the body part. Its value is a language tag as defined in Section 2 of [RFC-1766]. Note that alternate languages can be specified on a per-value basis using the "language" type parameter, defined below. The "profile" parameter is used to convey the type(s) of entity(ies) to which the directory information pertains and the likely set of information associated with the entity(ies). It is intended only as a guide to applications interpreting the information contained within the body part. It should not be used to exclude or require particular pieces of information unless a profile definition specifically calls for this behavior. The value of the "profile" parameter is defined as follows. Profile names are case insensitive (i.e., the profile name "Person" is the same as "PERSON" and "person" and "peRsOn"). profile := x-token / iana-token Howes & Smith [Page 3] Expires in six months INTERNET DRAFT x-token := iana-token := Encoding considerations: As specified by the Content-Transfer-Encoding header field. Note that each value may also have an inline encoding associated with it. This encoding is independent of the encoding for the body part as a whole (i.e., inline encodings are performed first, then Content-Transfer- Encoding is applied to the entire body part). Security considerations: Directory information may be public or it may be protected from unau- thorized access by the directory service in which it resides. Once the information leaves its native service, there can be no guarantee that the same care will be taken by all services handling the infor- mation. Furthermore, this specification defines no access control mechanism by which information may be protected, or by which access control information may be conveyed. Note that the integrity and privacy of an application/directory body part may be protected by enclosing it within a MOSS [RFC-1848] body part, or equivalent method. Interoperability considerations: In order to make sense of directory information, applications must share a common understanding of the types of information contained within the Content-Type (the directory schema). This schema informa- tion is not defined in this document, but rather in companion docu- ments that follow the requirements specified in this document, or in bilateral agreements between communicating parties. Published specification: The application/directory Content-Type contains directory informa- tion, typically pertaining to a single directory entity or group of entities. The content consists of one or more CRLF-separated lines in the following format. Using the notation of RFC 822, the syntax for this content is: contentline := [group.]type [";" parameterlist] ":" valuespec Howes & Smith [Page 4] Expires in six months INTERNET DRAFT group := atom ; as defined in Section 3.3 of RFC 822 type := x-name / iana-type x-name := iana-type := parameterlist := parameter / parameterlist ";" parameter parameter := encodingparm / valuetypeparm ; not present => inline value / charsetparm / languageparm / protoparm / [parmtype "="] parmvalues encodingparm := "encoding" "=" encodingtype encodingtype := "base64" ; from Section 5.2 of RFC 1521 / "quoted-printable" ; from Section 5.1 of RFC 1521 valuetypeparm := "value" "=" valuetype valuetype := "url" ; genericurl from RFC 1735 / "text" / "date" / "time" / "d-t" ; date time / "int" / "bool" / "float" / x-name / iana-valuetype iana-valuetype : = charsetparm := "charset" "=" charset ; from Section 7.1 of RFC 1521 languageparm := "language" "=" language ; as defined in RFC 1766 protoparm := "proto" "=" protocol ; as defined in assigned numbers Howes & Smith [Page 5] Expires in six months INTERNET DRAFT parmtype := x-name / iana-parmtype iana-parmtype := parmvalues := parmvalue / parmvalues "," parmvalue parmvalue := x-name / iana-parmvalue iana-parmvalue := valuespec := *text ; Characters whose syntax depends on type and the ; the encoding parameter. If the value contains ; a or character (ASCII 10 or 13), it must ; be encoded using either base64 or quoted-printable. / date-spec / time-spec / d-t-spec / bool / int / float / iana-valuespec date-spec := date *[ "," date ] ; date as defined in RFC 1123 time-spec := time *[ "," time ] ; time as defined in RFC 822 d-t-spec := date time ; as above bool := "TRUE" / "FALSE" int := [ sign ] *DIGIT *[ "," int ] ; DIGIT as defined in RFC 822 float := [ sign ] *DIGIT [ "." *DIGIT ] *[ "," float ] sign := "+" / "-" iana-valuespec := To the left of the beginning of "value", white space characters Howes & Smith [Page 6] Expires in six months INTERNET DRAFT (namely HTABs and SPACEs, ASCII 9 and 32) may freely surround any symbol. Note that this means that if a "value" begins with white space, it must be encoded using either the base64 or quoted-printable methods. The meanings of the various type names and the format of the corresponding values must be defined as specified in Section 11. Specifications may impose ordering on the type constructs within a body part, though none is required by default. The various x-name constructs are used for bilaterally-agreed upon type names, parameter names and parameter values. Type names, parameter names, and parameter values (i.e., everything to the left of the ":") are case insensitive (e.g., the type name "cn" is the same as "CN" and "Cn"). The group construct is used to group related attributes together. The group name is a syntactic convention used to indicate that all type names prefaced with the same group name should be grouped together when displayed by an application. It has no other signifi- cance. Implementations that do not understand or support grouping may simply strip off any text before a "." and present the types and values as normal. Each attribute defined in the application/directory body may have multiple values, if allowed in the definition of the profile in which the attribute is used. The general rule for encoding multi-valued items is to simply create a new content line for each value (includ- ing the type name). However, it should be noted that some value types may support encoding multiple values in a single content line, for example by separating the values with a comma "," or other delim- iter. This approach has been taken for several of the content types defined above (date, time, int, float), for space-saving reasons. The "charset" type parameter should be used to identify character sets other than US ASCII. The "charset" header parameter can be used to set the default character set for the entire body part. The "char- set" type parameter can be used to change the default character set on a per-value basis. The "language" type parameter should be used to identify data in alternate languages. There is no concept of "default" language, except as specified by the "language" header parameter. The value of the "language" type parameter is a language tag as defined in Section 2 of [RFC-1766]. The "proto" type parameter should be used to identify a protocol used in interpreting the value. This is used, for example, in the "name" Howes & Smith [Page 7] Expires in six months INTERNET DRAFT type, defined below. The "encoding" type parameter should be used to specify an alternate encoding for a value. If the value contains a or character (ASCII 10 or 13), it must be encoded using either "base64" or "quoted-printable", since is used to separate lines in the content-type itself. These encodings can also be useful for binary values that are mixed with other text information in the body part (e.g., a certificate). Using a per-value "base64" or "quoted- printable" encoding in this case leaves the other information in a more readable form. The Content-Transfer-Encoding header field is used to specify the encoding used for the body part as a whole. The "encoding" type parameter is used to specify an encoding for a particular value (e.g., a certificate). In this case, the Content-Transfer-Encoding header might specify "7-bit", while the one certificate value might specify an encoding of base64 via an "encoding=base64" type parame- ter. The "valuetype" parameter is an optional parameter, and may be used to identify the value type (data type) and format of the value. The use of these formats should be encouraged even if the valuetype parameter is not explicity used. By defining a standard set of value types and their formats, we will leverage parsing and processing code. Also, including the value type as part of each property pro- vides an extra hint to keep parsing simple and support more general- ized applications. For example a search engine would not have to know the particular value types for all of the items that it is searching. Because the value type is explicit in the definition it could look for dates in any item type and provide good results. Some specific notes on the value types and formats: "text": The "text" value type should be used to identify values that contain human-readable text. The character set and language in which the text is represented is controlled by the charset and language type parameters or content-headers. "url": The "url" value type should be used to identify values that are referenced by a URL (including a Content-ID URL) instead of encoded in-line. These value references might be used if the value is too large, unavailable, or otherwise undesirable to include directly. The format for the URL is as defined in RFC 1735. "date", "time", and "d-t" (date time): Each of these value types is based on the defnitions in RFC 822. Multiple "date" and "time" values may be specified using the comma-separated notation. Howes & Smith [Page 8] Expires in six months INTERNET DRAFT Note that the "date" type uses the RFC 1123 definition, which updates RFC 822. RFC 1123 suggests that all mail software SHOULD use 4-digit years in dates, to ease the transition to the next century. For example: 11 Nov 1996. Examples for "date": 22 Oct 1996 11 Aug 1996, 11 Nov 1996 Examples for "time": 10:22 10:22:33, 11:22 Examples for "d-t": 22 Oct 1996 14:00:00 MST 11 Aug 1996 12:34:56 Z 22 Jul 1996 4:30 EST +0030 22 Jul 1996 4:30 EST +0030, 11 Aug 1996 12:34:56 Z "bool": The "bool" value type is used to express boolen values. These values should be case insensitive. Examples: TRUE false true "int": The "int" value type is used to express 32-bit signed integers. The valid range for "int" is -2147483648 to 2147483647. If sign is not specified, the value is assumed positive "+". Multiple "int" values may be specified using the comma-separated notation. Examples: 1234567890 -1234556790 +1234556790, 432109876 "float": The "float" value type is used to express real numbers. If sign is not specified, the value is assumed positive "+". Multiple "float" values may be specified using the comma-separated notation. Examples: 20.30 1000000.0000001 1.333, 3.14 Person & email address to contact for further information: Tim Howes Netscape Communications Corp. 501 East Middlefield Rd. Howes & Smith [Page 9] Expires in six months INTERNET DRAFT Mountain View, CA 94041 USA howes@netscape.com +1 415 937 3419 Intended usage: COMMON Author/Change controller: Tim Howes Netscape Communications Corp. 501 East Middlefield Rd. Mountain View, CA 94041 USA howes@netscape.com +1 415 937 3419 Mark Smith Netscape Communications Corp. 501 East Middlefield Rd. Mountain View, CA 94041 USA mcs@netscape.com +1 415 937 3477 6. Predefined Types The following types are generally useful regardless of the profile being carried, and are defined below using the application/directory MIME type registration template defined in Section 11.1 of this document. These types may be included in any profile, unless explicitly forbidden in the profile definition. 6.1. SOURCE Type Definition To: ietf-mime-direct@umich.edu Subject: Registration of application/directory MIME type SOURCE Type name: SOURCE Type purpose: To identify the source of directory information con- tained in the content type. Type encoding: A URL as defined in [RFC-1738]. Type special notes: The SOURCE type is used to provide the means by which applications knowledgable in the given directory service proto- col may obtain additional or more up-to-date information from the Howes & Smith [Page 10] Expires in six months INTERNET DRAFT directory service. It contains a URL as defined in [RFC-1738] referencing the directory entity or entities to which the information pertains. When directory information is available from more than one source, the sending entity may pick what it considers to be the best source, or multiple SOURCE types may be included. Type example: SOURCE: ldap://ldap.host/cn=Babs%20Jensen,%20o=Babsco,%20c=US 6.2. NAME Type Definition To: ietf-mime-direct@umich.edu Subject: Registration of application/directory MIME type NAME Type name: NAME Type purpose: To identify the name of the directory entity to which information in the content type pertains. Type encoding: A protocol-specific directory name. Type special notes: The NAME type is used to convey the directory name of the entity to which the directory information pertains. Its value depends on the setting of the "PROTO" type parameter, which indicates the directory service protocol context in which the value of the NAME parameter should be interpreted. Note that this value is protocol-specific and is intended for applications knowledgable in a particular directory service protocol. Type example: NAME;PROTO=LDAP: cn=Babs Jensen, o=Babsco, c=US 6.3. PROFILE Type Definition To: ietf-mime-direct@umich.edu Subject: Registration of application/directory MIME type PROFILE Type name: PROFILE Type purpose: To identify the type of directory entity to which information in the content type pertains. Type encoding: A profile name, registered as described in Section 9 of this document or bilaterally-agreed upon as described in Section 5. Type special notes: The PROFILE type is used to convey the type of the entity to which the directory information in the rest of the body Howes & Smith [Page 11] Expires in six months INTERNET DRAFT part pertains. It should be the same as the "profile" header parame- ter, if present. Type example: PROFILE: person 6.4. BEGIN Type Definition To: ietf-mime-direct@umich.edu Subject: Registration of application/directory MIME type BEGIN Type name: BEGIN Type purpose: To delimit the beginning of a syntactic entity within an application/directory content-type. Type encoding: A profile name, registered as described in Section 9 of this document or bilaterally-agreed upon as described in Section 5. Type special notes: The BEGIN type is used in conjunction with the END type to delimit a profile containing a related set of directory content within an application/directory content-type. This construct may be used instead of or in addition to wrapping separate sets of information inside additional MIME headers. It is provided for appli- cations that wish to define content that may contain multiple enti- ties within the same application/directory content-type or to define content that may be identifiable outside of a MIME environment. Type example: BEGIN: vcard 6.5. END Type Definition To: ietf-mime-direct@umich.edu Subject: Registration of application/directory MIME type END Type name: END Type purpose: To identify the type of directory entity to which information in the content type pertains. Type encoding: A profile name, registered as described in Section 9 of this document or bilaterally-agreed upon as described in Section 5. Type special notes: The END type is used in conjunction with the BEGIN type to delimit a profile containing a related set of directory Howes & Smith [Page 12] Expires in six months INTERNET DRAFT content within an application/directory content-type. This construct may be used instead of or in addition to wrapping separate sets of information inside additional MIME headers. It is provided for appli- cations that wish to define content that may contain multiple enti- ties within the same application/directory content-type or to define content that may be identifiable outside of a MIME environment. Type example: END: vcard 7. Use of the multipart/related Content-Type The multipart/related Content-Type can be used to hold directory infor- mation comprised of both text and non-text information or directory information that already has a natural MIME representation. The root body part within the multipart/related body part is specified as defined in [RFC-1872] by a "start" parameter, or it is the first body part in the absence of such a parameter. The root body part must have a Content-Type of "application/directory". This part holds inline infor- mation, optionally defines the name and source of the information, and makes reference to subsequent body parts holding additional text or non-text directory information via their Content-ID URLs as explained in Section 5. The body parts referred to do not have to be in any particular order, except as noted above for the root body part. 8. Examples The following examples are for illustrative purposes only and are not part of the definition. 8.1. Example 1 The first example illustrates simple use of the application/directory Content-Type. Note that no "profile" parameter is given, so an applica- tion may not know what kind of directory entity the information applies to. Note also the use of both hypothetical official and bilaterally agreed upon types. From: Whomever@wherever.com To: Someone@somewhere.com Subject: whatever MIME-Version: 1.0 Message-ID: Content-Type: application/directory Content-ID: Howes & Smith [Page 13] Expires in six months INTERNET DRAFT cn: Babs Jensen cn: Barbara J Jensen sn: Jensen email: babs@umich.edu phone: +1 313 747-4454 x-id: 1234567890 8.2. Example 2 The next example illustrates the use of the Quoted-Printable encoding defined in [RFC-1521] to include non-ASCII characters in some of the information returned, and the use of the optional "name" and "source" types. It also illustrates the use of an "encoding" type parameter to encode a certificate value in base 64. Note the use of the hypothetical "person" profile. Content-Type: application/directory; charset="iso-8859-1"; profile="person" Content-ID: Content-Transfer-Encoding: Quoted-Printable source: ldap://cn=3DBjorn%20Jensen,o=3DUniversity%20of%20Michigan,c=3DUS name;proto=3Dldap: cn=3DBjorn Jensen, o=3DUniversity of Michigan, c=3DUS cn: Bj=F8rn Jensen sn: Jensen email: bjorn@umich.edu phone: +1 313 747-4454 certificate;encoding=3Dbase64: dGhpcyBjb3VsZCBiZSAKbXkgY2VydGlmaWNhdGUK 8.3. Example 3 The next example illustrates the use of multi-valued type parameters, the "charset" type parameter, the "language" type parameter, the "value- type" type parameter, inline quoted-printable encoding to represent iso-8859-1 characters and fold long lines, and attribute grouping. Content-Type: application/directory; profile="person" Content-ID: source: ldap://cn=Meister%20Berger,o=Universitaet%20Goerlitz,c=DE name: cn=Meister Berger, o=Universitaet Goerlitz, c=DE cn: Meister Berger cn: Berger Meister sn: Berger age;value=int: 33 o;charset=iso-8859-1;encoding=quoted-printable: Universit=E6t G=F6rlitz title: Mayor Howes & Smith [Page 14] Expires in six months INTERNET DRAFT title;language=de;value=text: Burgermeister description;encoding=quoted-printable: The Mayor of the great city of= Goerlitz in the great country of Germany. email: mb@goerlitz.de home.phone;fax,voice,msg: +49 3581 123456 home.addr;encoding=quoted-printable: Hufenshlagel 1234=0A= 02828 Goerlitz=0A= Deutschland certificate;encoding=base64: dGhpcyBjb3VsZCBiZSAKbXkgY2VydGlma... 8.4. Example 4 The final example illustrates the use of the multipart/related Content- Type to include non-textual directory data via the "url" encoding to refer to other body parts within the same message, or to external values. Content-Type: multipart/related; boundary=woof; type="application/directory"; start="" Content-ID: --woof Content-Type: application/directory; charset="iso-8859-1" Content-ID: Content-Transfer-Encoding: Quoted-Printable source: ldap://cn=3DBjorn%20Jensen,o=3DUniversity%20of%20Michigan,c=3DUS cn: Bj=F8rn Jensen sn: Jensen email: bjorn@umich.edu image;encoding=3Durl: cid:id6@host.com image;encoding=3Durl;format=3Djpeg: ftp://some.host/some/path.jpg sound;encoding=3Durl: cid:id7@host.com phone: +1 313 747-4454 --woof Content-Type: image/jpeg Content-ID: <...image data...> --woof Content-Type: message/external-body; name="myvoice.au"; site="myhost.com"; access-type=ANON-FTP; Howes & Smith [Page 15] Expires in six months INTERNET DRAFT directory="pub/myname"; mode="image" Content-Type: audio/basic Content-ID: --woof-- 9. Registration of new profiles This section defines procedures by which new profiles are registered with the IANA and made available to the Internet community. Note that non-IANA profiles may be used by bilateral agreement, provided the asso- ciated profile names follow the "X-" convention defined above. The procedures defined here are designed to allow public comment and review of new profiles, while posing only a small impediment to the definition of new profiles. Registration of a new profile is accomplished by the following steps. 9.1. Define the profile A profile is defined by completing the following template. To: ietf-mime-direct@umich.edu Subject: Registration of application/directory MIME profile XXX Profile name: Profile purpose: Profile types: Profile special notes (optional): Intended usage: (one of COMMON, LIMITED USE or OBSOLETE) The explanation of what goes in each field in the template follows. Profile name: The name of the profile as it will appear in the application/directory MIME Content-Type "profile" header parameter, or the predefined "profile" type name. Profile purpose: The purpose of the profile (e.g., to represent informa- tion about people, printers, documents, etc.). Give a short but clear description. Howes & Smith [Page 16] Expires in six months INTERNET DRAFT Profile types: The list of types associated with the profile. This list of types is to be expected but not required in the profile, unless oth- erwise noted in the profile definition. Other types not mentioned in the profile definition may also be present. Note that any new types referenced by the profile must be defined separately as described in Section 10. Profile special notes: Any special notes about the profile, how it is to be used, etc. This section of the template may also be used to define an ordering on the types that appear in the Content-Type, if such an order- ing is required. 9.2. Post the profile definition The profile description must be posted to the new profile discussion list, ietf-mime-direct@umich.edu. 9.3. Allow a comment period Discussion on the new profile must be allowed to take place on the list for a minimum of two weeks. Consensus must be reached on the profile before proceeding to step 4. 9.4. Submit the profile for approval Once the two-week comment period has elapsed, and the proposer is con- vinced consensus has been reached on the profile, the registration application should be submitted to the Profile Reviewer for approval. The Profile Reviewer is appointed to the Application Area Directors and may either accept or reject the profile registration. An accepted regis- tration should be passed on by the Profile Reviewer to the IANA for inclusion in the official IANA profile registry. The registration may be rejected for any of the following reasons. 1) Insufficient comment period; 2) Consensus not reached; 3) Technical deficiencies raised on the list or elsewhere have not been addressed. The Profile Reviewer's decision to reject a profile may be appealed by the proposer to the IESG, or the objections raised can be addressed by the proposer and the profile resubmitted. 10. Profile Change Control Existing profiles may be changed using the same process by which they were registered. Define the change Post the change Howes & Smith [Page 17] Expires in six months INTERNET DRAFT Allow a comment period Submit the changed profile for approval Note that the original author or any other interested party may propose a change to an existing profile, but that such changes should only be proposed when there are serious omissions or errors in the published specification. The Profile Reviewer may object to a change if it is not backwards compatible, but is not required to do so. Profile definitions can never be deleted from the IANA registry, but profiles which are no longer believed to be useful can be declared OBSOLETE by a change to their "intended use" field. 11. Registration of new types This section defines procedures by which new types are registered with the IANA. Note that non-IANA types may be used by bilateral agreement, provided the associated types names follow the "X-" convention defined above. The procedures defined here are designed to allow public comment and review of new types, while posing only a small impediment to the defini- tion of new types. Registration of a new type is accomplished by the following steps. 11.1. Define the type A type is defined by completing the following template. To: ietf-mime-direct@umich.edu Subject: Registration of application/directory MIME type XXX Type name: Type purpose: Type encoding: Type special notes (optional): Intended usage: (one of COMMON, LIMITED USE or OBSOLETE) The meaning of each field in the template is as follows. Type name: The name of the type, as it will appear in the body of an application/directory MIME Content-Type "type: value" line to the left Howes & Smith [Page 18] Expires in six months INTERNET DRAFT of the colon ":". Type purpose: The purpose of the type (e.g., to represent a name, postal address, IP address, etc.). Give a short but clear description. Type encoding: The encoding a value of the type must have in the body of an application/directory MIME Content-Type. This description must be precise and must not violate the general encoding rules defined in sec- tion 5 of this document. Type special notes: Any special notes about the type, how it is to be used, etc. 11.2. Post the type definition The type description must be posted to the new type discussion list, ietf-mime-direct@umich.edu. 11.3. Allow a comment period Discussion on the new type must be allowed to take place on the list for a minimum of two weeks. Consensus must be reached on the type before proceeding to step 4. 11.4. Submit the type for approval Once the two-week comment period has elapsed, and the proposer is con- vinced consensus has been reached on the type, the registration applica- tion should be submitted to the Profile Reviewer for approval. The Pro- file Reviewer is appointed to the Application Area Directors and may either accept or reject the type registration. An accepted registration should be passed on by the Profile Reviewer to the IANA for inclusion in the official IANA profile registry. The registration may be rejected for any of the following reasons. 1) Insufficient comment period; 2) Con- sensus not reached; 3) Technical deficiencies raised on the list or elsewhere have not been addressed. The Profile Reviewer's decision to reject a type may be appealed by the proposer to the IESG, or the objec- tions raised can be addressed by the proposer and the type resubmitted. 12. Type Change Control Existing types may be changed using the same process by which they were registered. Define the change Post the change Howes & Smith [Page 19] Expires in six months INTERNET DRAFT Allow a comment period Submit the type for approval Note that the original author or any other interested party may propose a change to an existing type, but that such changes should only be pro- posed when there are serious omissions or errors in the published specification. The Profile Reviewer may object to a change if it is not backwards compatible, but is not required to do so. Type definitions can never be deleted from the IANA registry, but types which are nolonger believed to be useful can be declared OBSOLETE by a change to their "intended use" field. 13. Registration of new parameters This section defines procedures by which new parameters are registered with the IANA and made available to the Internet community. Note that non-IANA parameters may be used by bilateral agreement, provided the associated parameters names follow the "X-" convention defined above. The procedures defined here are designed to allow public comment and review of new parameters, while posing only a small impediment to the definition of new parameters. Registration of a new parameter is accomplished by the following steps. 13.1. Define the parameter A parameter is defined by completing the following template. To: ietf-mime-direct@umich.edu Subject: Registration of application/directory MIME type parameter XXX Parameter name: Parameter purpose: Parameter values: Parameter special notes (optional): Intended usage: (one of COMMON, LIMITED USE or OBSOLETE) The explanation of what goes in each field in the template follows. Parameter name: The name of the parameter as it will appear in the application/directory MIME Content-Type. Howes & Smith [Page 20] Expires in six months INTERNET DRAFT Parameter purpose: The purpose of the parameter (e.g., to represent the format of an image, type of a phone number, etc.). Give a short but clear description. If defining a general paramemter like "format" or "type" keep in mind that other applications may wish to extend its use. Parameter values: The list or description of values associated with the parameter. Parameter special notes: Any special notes about the parameter, how it is to be used, etc. 13.2. Post the parameter definition The parameter description must be posted to the new parameter discussion list, ietf-mime-direct@umich.edu. 13.3. Allow a comment period Discussion on the new parameter must be allowed to take place on the list for a minimum of two weeks. Consensus must be reached on the param- eter before proceeding to step 4. 13.4. Submit the parameter for approval Once the two-week comment period has elapsed, and the proposer is con- vinced consensus has been reached on the parameter, the registration application should be submitted to the Profile Reviewer for approval. The Profile Reviewer is appointed to the Application Area Directors and may either accept or reject the parameter registration. An accepted registration should be passed on by the Profile Reviewer to the IANA for inclusion in the official IANA parameter registry. The registration may be rejected for any of the following reasons. 1) Insufficient comment period; 2) Consensus not reached; 3) Technical deficiencies raised on the list or elsewhere have not been addressed. The Profile Reviewer's decision to reject a profile may be appealed by the proposer to the IESG, or the objections raised can be addressed by the proposer and the parameter registration resubmitted. 14. Parameter Change Control Existing parameters may be changed using the same process by which they were registered. Define the change Post the change Allow a comment period Howes & Smith [Page 21] Expires in six months INTERNET DRAFT Submit the parameter for approval Note that the original author or any other interested party may propose a change to an existing parameter, but that such changes should only be proposed when there are serious omissions or errors in the published specification. The Profile Reviewer may object to a change if it is not backwards compatible, but is not required to do so. Parameter definitions can never be deleted from the IANA registry, but parameters which are nolonger believed to be useful can be declared OBSOLETE by a change to their "intended use" field. 15. Registration of new value types This section defines procedures by which new value types are registered with the IANA and made available to the Internet community. Note that non-IANA value types may be used by bilateral agreement, provided the associated value types names follow the "X-" convention defined above. The procedures defined here are designed to allow public comment and review of new value types, while posing only a small impediment to the definition of new value types. Registration of a new value types is accomplished by the following steps. 15.1. Define the value type A value type is defined by completing the following template. To: ietf-mime-direct@umich.edu Subject: Registration of application/directory MIME value type XXX value type name: value type purpose: value type format: value type special notes (optional): Intended usage: (one of COMMON, LIMITED USE or OBSOLETE) The explanation of what goes in each field in the template follows. value type name: The name of the value type as it will appear in the application/directory MIME Content-Type. Howes & Smith [Page 22] Expires in six months INTERNET DRAFT value type purpose: The purpose of the value type. Give a short but clear description. value type format: The definition of the format for the value, usually using BNF grammar. value type special notes: Any special notes about the value type, how it is to be used, etc. 15.2. Post the value type definition The value type description must be posted to the new value type discus- sion list, ietf-mime-direct@umich.edu. 15.3. Allow a comment period Discussion on the new value type must be allowed to take place on the list for a minimum of two weeks. Consensus must be reached before proceeding to step 4. 15.4. Submit the value type for approval Once the two-week comment period has elapsed, and the proposer is con- vinced consensus has been reached on the value type, the registra- tion application should be submitted to the Profile Reviewer for approval. The Profile Reviewer is appointed to the Application Area Directors and may either accept or reject the value type registration. An accepted registration should be passed on by the Profile Reviewer to the IANA for inclusion in the official IANA value type registry. The registration may be rejected for any of the following reasons. 1) Insufficient comment period; 2) Consensus not reached; 3) Technical deficiencies raised on the list or elsewhere have not been addressed. The Profile Reviewer's decision to reject a profile may be appealed by the proposer to the IESG, or the objections raised can be addressed by the proposer and the value type registration resubmit- ted. 16. Security Considerations Internet mail is subject to many well known security attacks, including monitoring, replay, and forgery. Care should be taken by any directory service in allowing information to leave the scope of the service itself, where any access controls can no longer be guaranteed. Applica- tions should also take care to display directory data in a "safe" environment (e.g., PostScript-valued types). Howes & Smith [Page 23] Expires in six months INTERNET DRAFT 17. Acknowledgements This material is based upon work supported by the National Science Foun- dation under Grant No. NCR-9416667. The registration procedures defined here were shamelessly lifted from the MIME registration draft. 18. Bibliography [RFC-1777] Yeong, W., Howes, T., Kille, S., "Lightweight Directory Access Protocol", Request for Comment (RFC) 1777, March 1995. [RFC-1778] Howes, T., Kille, S., Yeong, W., Robbins, C.J., "The String Representation of Standard Attribute Syntaxes", Request for Comment (RFC) 1778, March 1995. [RFC-822] Crocker, D., "Standard for the Format of ARPA Internet Text Messages", STD 11, RFC 822, August 1982. [RFC-1521] Borenstein, N., Freed, N., "MIME (Multipurpose Internet Mail Extensions) Part One: Mechanisms for Specifying and Describ- ing the Format of Internet Message Bodies", RFC 1521, Sep- tember 1993. [RFC-1522] Moore, K., "MIME (Multipurpose Internet Mail Extensions) Part Two: Message Header Extensions for Non-ASCII Text", RFC 1522, September 1993. [RFC-1848] Crocker, S., Freed, N., Galvin, J., Murphy, S., "MIME Object Security Services", RFC 1848, October 1995. [RFC-1766] Alvestrand, H., "Tags for the Identification of Languages", RFC 1766, March 1995. [RFC-1872] Levinson, E., "The MIME Multipart/Related Content-type," RFC 1872, December 1995. [MIME-REG] Freed, N., Postel, J., "Multipurpose Internet Mail Extensions (MIME) Part Four: Registration Procedures," Internet-Draft draft-ietf-822ext-mime-reg-02.txt, December 1995. [x500] "Information Processing Systems - Open Systems Interconnec- tion - The Directory: Overview of Concepts, Models and Ser- vices", ISO/IEC JTC 1/SC21, International Standard 9594-1, 1988. [RFC-1835] Deutsch, P., Schoultz, R., Faltstrom, P., Weider, C., "Archi- tecture of the WHOIS++ service", August 1995. Howes & Smith [Page 24] Expires in six months INTERNET DRAFT [RFC-1738] Berners-Lee, T., Masinter, L., McCahill, M., "Uniform Resource Locators (URL)", RFC 1738, December 1994. [MIME-WPP] Howes, T., Smith, M., "A White Pages Person Profile for the application/directory MIME Content-Type", Internet-Draft draft-ietf-asid-mime-person-00.txt, January, 1996. [HTTP] Berners-Lee, T., Fielding, R. Frystyk, H., "Hypertext Transfer Protocol -- HTTP/1.0", Internet-Draft draft-ietf- http-v10-spec-05.txt, February, 1996. [VERSIT] VERSIT Consortium, "Electronic Business Card (vCard) Specifi- cation", Draft Final Text - Version 2.0, February 16, 1996, http://www.versit.com 19. Author's Address Tim Howes Netscape Communications Corp. 501 East Middlefield Rd. Mountain View, CA 94041 USA howes@netscape.com +1.415.937.3419 Mark Smith Netscape Communications Corp. 501 East Middlefield Rd. Mountain View, CA 94041 USA mcs@netscape.com +1.415.937.3477 Howes & Smith [Page 25] Expires in six months INTERNET DRAFT 20. Table of Contents 1 Status of this Memo .......................................... 1 2 Abstract ..................................................... 1 3 Need for a MIME Directory Type ............................... 2 4 Overview ..................................................... 2 5 The application/directory Content-Type ....................... 3 6 Predefined Types ............................................. 10 6.1 SOURCE Type Definition ...................................... 10 6.2 NAME Type Definition ........................................ 11 6.3 PROFILE Type Definition ..................................... 11 6.4 BEGIN Type Definition ....................................... 12 6.5 END Type Definition ......................................... 12 7 Use of the multipart/related Content-Type .................... 13 8 Examples ..................................................... 13 8.1 Example 1 ................................................... 13 8.2 Example 2 ................................................... 14 8.3 Example 3 ................................................... 14 8.4 Example 4 ................................................... 15 9 Registration of new profiles ................................. 16 9.1 Define the profile .......................................... 16 9.2 Post the profile definition ................................. 17 9.3 Allow a comment period ...................................... 17 9.4 Submit the profile for approval ............................. 17 10 Profile Change Control ....................................... 17 11 Registration of new types .................................... 18 11.1 Define the type ............................................. 18 11.2 Post the type definition .................................... 19 11.3 Allow a comment period ...................................... 19 11.4 Submit the type for approval ................................ 19 12 Type Change Control .......................................... 19 13 Registration of new parameters ............................... 20 13.1 Define the parameter ........................................ 20 13.2 Post the parameter definition ............................... 21 13.3 Allow a comment period ...................................... 21 13.4 Submit the parameter for approval ........................... 21 14 Parameter Change Control ..................................... 21 15 Registration of new value types .............................. 22 15.1 Define the value type ....................................... 22 15.2 Post the value type definition .............................. 23 15.3 Allow a comment period ...................................... 23 15.4 Submit the value type for approval .......................... 23 16 Security Considerations ...................................... 23 17 Acknowledgements ............................................. 24 18 Bibliography ................................................. 24 19 Author's Address ............................................. 25 20 Table of Contents ............................................ 26 Howes & Smith [Page 26]