| < draft-ietf-appsawg-mime-default-charset-00.txt | draft-ietf-appsawg-mime-default-charset-01.txt > | |||
|---|---|---|---|---|
| Applications Area Working Group A. Melnikov | Applications Area Working Group A. Melnikov | |||
| Internet-Draft Isode Limited | Internet-Draft Isode Limited | |||
| Updates: 2046 (if approved) J. Reschke | Updates: 2046 (if approved) J. Reschke | |||
| Intended status: Standards Track greenbytes | Intended status: Standards Track greenbytes | |||
| Expires: August 4, 2012 February 1, 2012 | Expires: October 1, 2012 March 30, 2012 | |||
| Update to MIME regarding Charset Parameter Handling in | Update to MIME regarding Charset Parameter Handling in | |||
| Textual Media Types | Textual Media Types | |||
| draft-ietf-appsawg-mime-default-charset-00 | draft-ietf-appsawg-mime-default-charset-01 | |||
| Abstract | Abstract | |||
| This document changes RFC 2046 rules regarding default charset | This document changes RFC 2046 rules regarding default charset | |||
| parameter values for text/* media types to better align with common | parameter values for text/* media types to better align with common | |||
| usage by existing clients and servers. | usage by existing clients and servers. | |||
| Editorial Note (To be removed by RFC Editor) | ||||
| Discussion of this draft should take place on the Apps Area Working | ||||
| Group mailing list (apps-discuss@ietf.org), which is archived at | ||||
| <http://www.ietf.org/mail-archive/web/apps-discuss>. | ||||
| Status of this Memo | Status of this Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on August 4, 2012. | This Internet-Draft will expire on October 1, 2012. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2012 IETF Trust and the persons identified as the | Copyright (c) 2012 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 14 ¶ | skipping to change at page 2, line 20 ¶ | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction and Overview . . . . . . . . . . . . . . . 3 | 1. Introduction and Overview . . . . . . . . . . . . . . . 3 | |||
| 2. Conventions Used in This Document . . . . . . . . . . . 3 | 2. Conventions Used in This Document . . . . . . . . . . . 3 | |||
| 3. New rules for default charset parameter values for | 3. New rules for default charset parameter values for | |||
| text/* media types . . . . . . . . . . . . . . . . . . 3 | text/* media types . . . . . . . . . . . . . . . . . . 3 | |||
| 4. Default charset parameter value for text/plain | 4. Default charset parameter value for text/plain | |||
| media type . . . . . . . . . . . . . . . . . . . . . . 4 | media type . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 5. Security Considerations . . . . . . . . . . . . . . . . 4 | 5. Security Considerations . . . . . . . . . . . . . . . . 4 | |||
| 6. IANA Considerations . . . . . . . . . . . . . . . . . . 4 | 6. IANA Considerations . . . . . . . . . . . . . . . . . . 5 | |||
| 7. References . . . . . . . . . . . . . . . . . . . . . . 4 | 7. References . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 7.1. Normative References . . . . . . . . . . . . . . . . . 4 | 7.1. Normative References . . . . . . . . . . . . . . . . . 5 | |||
| 7.2. Informative References . . . . . . . . . . . . . . . . 5 | 7.2. Informative References . . . . . . . . . . . . . . . . 5 | |||
| Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . . 5 | Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . . 5 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . 5 | Authors' Addresses . . . . . . . . . . . . . . . . . . 5 | |||
| 1. Introduction and Overview | 1. Introduction and Overview | |||
| [RFC2046] specified that the default charset parameter (i.e. the | [RFC2046] specified that the default charset parameter (i.e. the | |||
| value used when it is not specified) is "US-ASCII". [RFC2616] | value used when it is not specified) is "US-ASCII". [RFC2616] | |||
| changed the default for use by HTTP to be "ISO-8859-1". This | changed the default for use by HTTP to be "ISO-8859-1". This | |||
| encoding is not very common for new text/* media types and a special | encoding is not very common for new text/* media types and a special | |||
| skipping to change at page 3, line 27 ¶ | skipping to change at page 3, line 27 ¶ | |||
| reference this document in order to use the updated rules of default | reference this document in order to use the updated rules of default | |||
| charset in "text/*" media types.]] | charset in "text/*" media types.]] | |||
| Many complex text subtypes such as text/html [RFC2854] and text/xml | Many complex text subtypes such as text/html [RFC2854] and text/xml | |||
| [RFC3023] have internal (to their format) means of describing the | [RFC3023] have internal (to their format) means of describing the | |||
| charset. Many existing User Agents ignore the default of "US-ASCII" | charset. Many existing User Agents ignore the default of "US-ASCII" | |||
| rule for at least text/html and text/xml. | rule for at least text/html and text/xml. | |||
| This document changes RFC 2046 rules regarding default charset | This document changes RFC 2046 rules regarding default charset | |||
| parameter values for text/* media types to better align with common | parameter values for text/* media types to better align with common | |||
| usage by existing clients and servers. | usage by existing clients and servers. It does not change the | |||
| defaults for any currently registered media type. | ||||
| 2. Conventions Used in This Document | 2. Conventions Used in This Document | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
| document are to be interpreted as described in [RFC2119]. | document are to be interpreted as described in [RFC2119]. | |||
| 3. New rules for default charset parameter values for text/* media | 3. New rules for default charset parameter values for text/* media | |||
| types | types | |||
| skipping to change at page 4, line 6 ¶ | skipping to change at page 4, line 6 ¶ | |||
| As explained in the Introduction section this rule is considered to | As explained in the Introduction section this rule is considered to | |||
| be outdated, so this document replaces it with the following set of | be outdated, so this document replaces it with the following set of | |||
| rules: | rules: | |||
| Each subtype of the "text" media type which uses the "charset" | Each subtype of the "text" media type which uses the "charset" | |||
| parameter can define its own default value for the "charset" | parameter can define its own default value for the "charset" | |||
| parameter, including absence of any default. | parameter, including absence of any default. | |||
| In order to improve interoperability with deployed agents, "text/*" | In order to improve interoperability with deployed agents, "text/*" | |||
| media type definitions SHOULD either a) specify that the "charset" | media type registrations SHOULD either | |||
| parameter is not used for the defined subtype, because the charset | ||||
| information is transported inside the payload (as in "text/xml") or | a. specify that the "charset" parameter is not used for the defined | |||
| b) require explicit unconditional inclusion of the "charset" | subtype, because the charset information is transported inside | |||
| parameter eliminating the need for a default value. In accordance | the payload (such as in "text/xml"), or | |||
| with option (a), above, "text/*" media types that can transport | b. require explicit unconditional inclusion of the "charset" | |||
| charset information inside the corresponding payloads, specifically | parameter eliminating the need for a default value. | |||
| including "text/html" and "text/xml", SHOULD NOT specify the use of a | ||||
| "charset" parameter, nor any default value, in order to avoid | In accordance with option (a), above, registrations for "text/*" | |||
| conflicting interpretations should the charset parameter value and | media types that can transport charset information inside the | |||
| the value specified in the payload disagree. | corresponding payloads (such as "text/html" and "text/xml") SHOULD | |||
| NOT specify the use of a "charset" parameter, nor any default value, | ||||
| in order to avoid conflicting interpretations should the charset | ||||
| parameter value and the value specified in the payload disagree. | ||||
| New subtypes of the "text" media type, thus, SHOULD NOT define a | New subtypes of the "text" media type, thus, SHOULD NOT define a | |||
| default "charset" value. If there is a strong reason to do so | default "charset" value. If there is a strong reason to do so | |||
| despite this advice, they SHOULD use the "UTF-8" [RFC3629] charset as | despite this advice, they SHOULD use the "UTF-8" [RFC3629] charset as | |||
| the default. | the default. | |||
| Specifications of how to specify the "charset" parameter, and what | Specifications of how to specify the "charset" parameter, and what | |||
| default value, if any, is used, are subtype-specific, NOT protocol- | default value, if any, is used, are subtype-specific, NOT protocol- | |||
| specific. Protocols that use MIME, therefore, MUST NOT override | specific. Protocols that use MIME, therefore, MUST NOT override | |||
| default charset values for "text/*" media types to be different for | default charset values for "text/*" media types to be different for | |||
| their specific protocol. The protocol definitions MUST leave that to | their specific protocol. The protocol definitions MUST leave that to | |||
| the subtype definitions. | the subtype definitions. | |||
| 4. Default charset parameter value for text/plain media type | 4. Default charset parameter value for text/plain media type | |||
| The default charset parameter value for text/plain is unchanged from | The default charset parameter value for text/plain is unchanged from | |||
| [RFC2046] and remains as "US-ASCII". | [RFC2046] and remains as "US-ASCII". | |||
| 5. Security Considerations | 5. Security Considerations | |||
| TBD. Guessing of default charset is a security problem. Conflicting | Guessing of the charset parameter can lead to security issues such as | |||
| information in-band vs out-of-band is also a security problem. | content buffer overflows, denial of services or bypass of filtering | |||
| mechanisms. However, this document does not promote guessing, but | ||||
| encourages use of charset information that is specified by the | ||||
| sender. | ||||
| Conflicting information in-band vs out-of-band can also lead to | ||||
| similar security problems, and this document recommends the use of | ||||
| charset information which is more likely to be correct (for example, | ||||
| in-band over out-of-band). | ||||
| 6. IANA Considerations | 6. IANA Considerations | |||
| This document asks IANA to update the "text" subregistry of the Media | This document asks IANA to update the "text" subregistry of the Media | |||
| Types registry to additionally point to this document. | Types registry to additionally point to this document. | |||
| 7. References | 7. References | |||
| 7.1. Normative References | 7.1. Normative References | |||
| End of changes. 8 change blocks. | ||||
| 20 lines changed or deleted | 38 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||