idnits 2.17.1 draft-hardy-pdf-mime-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (July 21, 2014) is 3567 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- -- Looks like a reference, but probably isn't: '1' on line 309 -- Looks like a reference, but probably isn't: '2' on line 314 -- Looks like a reference, but probably isn't: '3' on line 319 ** Obsolete normative reference: RFC 2048 (Obsoleted by RFC 4288, RFC 4289) ** Obsolete normative reference: RFC 2396 (Obsoleted by RFC 3986) ** Obsolete normative reference: RFC 2616 (Obsoleted by RFC 7230, RFC 7231, RFC 7232, RFC 7233, RFC 7234, RFC 7235) Summary: 4 errors (**), 0 flaws (~~), 1 warning (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group M. Hardy 3 Internet-Draft L. Masinter 4 Obsoletes: 3778 (if approved) Adobe 5 Intended status: Informational D. Johnson 6 Expires: January 22, 2015 PDF Association 7 July 21, 2014 9 The application/pdf Media Type 10 draft-hardy-pdf-mime-00 12 Abstract 14 PDF, the 'Portable Document Format', is an ISO standard (ISO 15 32000-1:2008) defining a final-form document representation language 16 in use for document exchange, including on the Internet, since 1993. 17 This document provides an overview of the PDF format and updates the 18 media type registration of 'application/pdf'. It replaces RFC 3778. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on January 22, 2015. 37 Copyright Notice 39 Copyright (c) 2014 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (http://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 55 2. History . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 56 3. Fragment Identifiers . . . . . . . . . . . . . . . . . . . . 3 57 4. Subset Standards . . . . . . . . . . . . . . . . . . . . . . 5 58 5. Accessibility for PDF . . . . . . . . . . . . . . . . . . . . 5 59 6. PDF Implementations . . . . . . . . . . . . . . . . . . . . . 5 60 7. Security Considerations . . . . . . . . . . . . . . . . . . . 5 61 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 62 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 63 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8 65 1. Introduction 67 This document is intended to provide updated information on the 68 registration of the MIME Media Type "application/pdf" for documents 69 defined in the PDF [ISOPDF], 'Portable Document Format', syntax. 70 Additionally, this document provides a brief history of the PDF 71 format, describes several of the key capabilities of the format and 72 addresses some security concerns. 74 PDF is used widely in the Internet community. The first version of 75 PDF, 1.0, was published in 1993 by Adobe Systems [REF needed]. Since 76 then PDF has grown to be a widely-used format for capturing and 77 exchanging formatted documents electronically across the Web, via 78 e-mail and virtually every other document exchange mechanism. In 79 2008, PDF 1.7 was published as an ISO standard [ISOPDF], ISO 80 32000-1:2008. 82 PDF represents "final form" formatted documents with a fixed layout 83 and appearance. PDF pages may include text, images, graphics and 84 multimedia content such as video and audio. PDF is also capable of 85 containing higher level structures including annotations, bookmarks, 86 file attachments, hyperlinks, logical structure and metadata. A rich 87 JavaScript model has been defined for interacting with PDF documents. 89 PDF supports encryption and digital signatures. The encryption 90 capability is combined with access control information to facilitate 91 management of the functionality available to the recipient. PDF 92 supports the inclusion of metadata through XMP [XMP] metadata as well 93 as directly via PDF structures. 95 In addition to the ISO 32000-1:2008 PDF standard, several ISO PDF 96 subset standards have been defined to address specific use cases. 98 These standards include PDF for Archival (PDF/A), PDF for Engineering 99 (PDF/E), PDF for Universal Accessibility (PDF/UA), PDF for Variable 100 Data and Transactional Printing (PDF/VT) and PDF for Prepress Digital 101 Data Exchange (PDF/X). The subset standards are fully compliant PDF 102 files capable of being displayed in a general PDF viewer. 104 PDF usage is widespread enough for 'application/pdf' to be used in 105 other IETF specifications. RFC 2346 [RFC2346] describes how to 106 better structure PDF files for international exchange of documents 107 where different paper sizes are used; HTTP byte range retrieval is 108 illustrated using application/pdf (RFC 2616 [RFC2616], Section 19.2); 109 RFC 3297 [RFC3297] illustrates how PDF can be sent to a recipient in 110 a way that identifies the user's ability to accept the PDF using 111 content negotiation. 113 2. History 115 PDF was originally envisioned as a way to communicate and view 116 printed information electronically across a wide variety of machine 117 configurations, operating systems, and communication networks in a 118 reliable manner. 120 PDF relies on the same fundamental imaging model as the PostScript 121 [PS] page description language to render complex text, images, and 122 graphics in a device and resolution-independent manner, bringing this 123 feature to the screen as well as the printer. However, unlike 124 PostScript, PDF enforces page independence, ensuring that any page in 125 a document can render without having to render previous pages. 126 Additionally, PDF reduces the complexity of processing content to 127 improve performance for interactive viewing. In addition to the 128 rendering capabilities, PDF also includes objects, such as hypertext 129 links and annotations, that are not part of the page itself, but are 130 useful for navigation, building collections of related documents and 131 for reviewing and commenting on documents. 133 The application/pdf media type was first registered in 1993 by Paul 134 Lindner for use by the gopher protocol and was subsequently updated 135 in 1994 by Steve Zilles. 137 3. Fragment Identifiers 139 A set of fragment identifiers [RFC2396] and their handling are 140 defined in Adobe Technical Note 5428 [PDFOpen]. This section 141 summarizes that material. 143 A fragment identifier consists of one or more PDF-open parameters in 144 a single URL, separated by the ampersand (&) or pound (#) character. 145 Each parameter implies an action to be performed and the value to be 146 used for that action. Actions are processed and executed from left 147 to right as they appear in the character string that makes up the 148 fragment identifier. 150 The PDF-open parameters allow the specification of a particular page 151 or named destination to open. Named destinations are similar to the 152 "anchors" used in HTML or the IDs used in XML. Once the target is 153 specified, the view of the page in which it occurs can be specified, 154 either by specifying the position of a viewing rectangle and its 155 scale or size coordinates or by specifying a view relative to the 156 viewing window in which the chosen page is to be presented. 158 The list of PDF-open parameters and the action they imply is: 160 namedest= 161 Open to a specified named destination (which includes a view). 163 page= 164 Open the specified (physical) page. 166 zoom=,, 167 Set the and scrolling factors. , and are measured 168 from the top left corner of the page, independent of the size of the 169 page. The pair and are optional but both must appear if 170 present. 172 view=, 173 Set the view to show some specified portion of the page or its 174 bounding box; keywords are defined by Table 8.2 of the PDF Reference, 175 version 1.5 (NEEDS UPDATING TO ISO REF). The value is 176 required for some of the keywords and not allowed for others. 178 viewrect=,,, 179 As with the zoom parameter, set the scale and scrolling factors, but 180 using an explicit width and height instead of a scale percentage. 182 highlight=,,, 183 Highlight a rectangle on the chosen page where , , , and 184 are the coordinates of the sides of the rectangle measured from 185 the top left corner of the page. 187 All specified actions are executed in order; later actions will 188 override the effects of previous actions; for this reason, page 189 actions should appear before zoom actions. Commands are not case 190 sensitive (except for the value of a named destination). 192 4. Subset Standards 194 TODO: Describe the subset standards, their history and include 195 references to the ISO documents. 197 5. Accessibility for PDF 199 TODO: Describe the Accessibility capabilities of PDF. 201 6. PDF Implementations 203 There are a number of widely available, independently implemented, 204 interoperable implementations of PDF for a wide variety of platforms 205 and systems. Since the PDF specification was published and freely 206 available since the format was introduced in 1993, hundreds of 207 companies and organizations, including web-browser developers, make 208 PDF creation, viewing, and manipulation tools for many years prior to 209 ISO standardization of PDF. 211 TODO: Update the above list to ensure relevance to update market 212 conditions... 214 7. Security Considerations 216 TODO: Clean up of this section is still required... 218 An "application/pdf" resource contains information to be parsed and 219 processed by the recipient's PDF system. Because PDF is both a 220 representation of formatted documents and a container system for the 221 resources need to reproduce or view said documents, it is possible 222 that a PDF file has embedded resources not described in the PDF 223 Reference. 225 Although it is not a defined feature of PDF, a PDF processor could 226 extract these resources and store them on the recipients system. 227 Furthermore, a PDF processor may accept and execute "plug-in" modules 228 accessible to the recipient. These may also access material in the 229 PDF file or on the recipients system. Therefore, care in 230 establishing the source, security, and reliability of such plug-ins 231 is recommended. Message-sending software should not make use of 232 arbitrary plug-ins without prior agreement on their presence at the 233 intended recipients. Message-receiving and -displaying software 234 should make sure that any non-standard plug-ins are secure and do not 235 present a security threat. 237 PDF may contain "scripts" to customize the displaying and processing 238 of PDF files. These scripts are expressed in a version of 239 JavaScript. They are intended for execution by the PDF processor. 241 User agents executing such scripts or programs must be extremely 242 careful to insure that untrusted software is executed in a protected 243 environment. 245 In general, any information stored outside of the direct control of 246 the user -- including referenced application software or plug-ins and 247 embedded files, scripts or other material not covered in the PDF 248 Reference -- can be a source of insecurity, by either obvious or 249 subtle means. For example, a script can modify the content of a 250 document prior to its being displayed. Thus, the security of any PDF 251 document may be dependent on the resources referenced by that 252 document. 254 8. IANA Considerations 256 This document updates the registration of 'application/pdf', a media 257 type registration as defined in Multipurpose Internet Mail Extensions 258 MIME) Part Four: Registration Procedures [RFC2048]: 260 MIME media type name: application 262 MIME subtype name: pdf 264 Required parameters: none 266 Optional parameter: none 268 Encoding considerations: PDF files frequently contain binary data, 269 and thus must be encoded in non-binary contexts. 271 Security considerations: See Section 7 of this document. 273 Interoperability considerations: See Section 6 of this document. 275 Published specification: ISO 32000-1:2008 (PDF 1.7) [ISOPDF]. 277 Applications which use this media type: See Section 6 of this 278 document. 280 Additional information: 282 Magic number(s): All PDF files start with the characters '%PDF-' 283 using the PDF version number, e.g., '%PDF-1.7'. These characters are 284 in US-ASCII encoding. 286 File extension(s): .pdf 288 Macintosh File Type Code(s): "PDF " 289 For further information: Duff Johnson , Cherie 290 Ekholm , ISO 32000 Project Leaders 292 Intended usage: COMMON 294 Author/Change controller: Duff Johnson , 295 Cherie Ekholm , ISO 32000 Project Leaders 297 9. References 299 [ISOPDF] ISO, "Document management -- Portable document format -- 300 Part 1: PDF 1.7", ISO 32000-1:2008, 2008. 302 Also available free from Adobe Systems. 304 [XMP] ISO, "Extensible metadata platform (XMP) specification -- 305 Part 1: Data model, serialization and core properties", 306 ISO 16684-1, 2012. 308 Not available for free, but there are a number of 309 descriptive resources, e.g., [1] 311 [PS] Adobe Systems Incorporated, "PostScript Language 312 Reference, third edition", 1999. 314 Available at: [2] 316 [PDFOpen] Adobe Systems Incorporated, "PDF Open Parameters", 317 Technical Note 5428, May 2003. 319 Available at: [3] 321 [RFC2048] Freed, N., Klensin, J., and J. Postel, "Multipurpose 322 Internet Mail Extensions (MIME) Part Four: Registration 323 Procedures", BCP 13, RFC 2048, November 1996. 325 [RFC2346] Palme, J., "Making Postscript and PDF International", RFC 326 2346, May 1998. 328 [RFC2396] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform 329 Resource Identifiers (URI): Generic Syntax", RFC 2396, 330 August 1998. 332 [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., 333 Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext 334 Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999. 336 [RFC3297] Klyne, G., Iwazaki, R., and D. Crocker, "Content 337 Negotiation for Messaging Services based on Email", RFC 338 3297, July 2002. 340 Authors' Addresses 342 Matthew Hardy 343 Adobe 344 345 Park Ave 345 San Jose, CA 95110 346 USA 348 Email: mahardy@adobe.com 350 Larry Masinter 351 Adobe 352 345 Park Ave 353 San Jose, CA 95110 354 USA 356 Email: masinter@adobe.com 357 URI: http://larry.masinter.net 359 Duff Johnson 360 PDF Association 361 Neue Kantstrasse 14 362 Berlin 14057 363 Germany 365 Email: duff.johnson@pdfa.org 366 URI: http://www.pdfa.org