idnits 2.17.1 draft-ietf-6man-uri-zoneid-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year (Using the creation date from RFC3986, updated by this document, for RFC5378 checks: 2002-11-01) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (July 11, 2012) is 4297 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-09) exists of draft-iab-identifier-comparison-02 -- Obsolete informational reference (is this intentional?): RFC 2629 (Obsoleted by RFC 7749) Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6MAN B. Carpenter 3 Internet-Draft Univ. of Auckland 4 Updates: 3986, 4007 (if approved) R. Hinden 5 Intended status: Standards Track Check Point 6 Expires: January 12, 2013 July 11, 2012 8 Representing IPv6 Zone Identifiers in Address Literals and Uniform 9 Resource Identifiers 10 draft-ietf-6man-uri-zoneid-02 12 Abstract 14 This document describes how the Zone Identifier of an IPv6 scoped 15 address can be represented in a a literal IPv6 address and in a 16 Uniform Resource Identifier that includes such a literal address. It 17 updates RFC 3986 and RFC 4007 accordingly. 19 Status of this Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at http://datatracker.ietf.org/drafts/current/. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on January 12, 2013. 36 Copyright Notice 38 Copyright (c) 2012 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Table of Contents 53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 54 2. Specification . . . . . . . . . . . . . . . . . . . . . . . . . 4 55 3. Web Browsers . . . . . . . . . . . . . . . . . . . . . . . . . 5 56 4. Security Considerations . . . . . . . . . . . . . . . . . . . . 6 57 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6 58 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 6 59 7. Change log [RFC Editor: Please remove] . . . . . . . . . . . . 7 60 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7 61 8.1. Normative References . . . . . . . . . . . . . . . . . . . 7 62 8.2. Informative References . . . . . . . . . . . . . . . . . . 8 63 Appendix A. Alternatives Considered . . . . . . . . . . . . . . . 8 64 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 9 66 1. Introduction 68 [RFC3986] defined how a literal IPv6 address can be represented in 69 the "host" part of a Uniform Resource Identifier (URI). 70 Subsequently, [RFC4007] extended the text representation of limited- 71 scope IPv6 addresses such that a zone identifier may be concatenated 72 to a literal address, for purposes described in that RFC. Zone 73 identifiers are especially useful in contexts where literal addresses 74 are typically used, for example during fault diagnosis, when it may 75 be essential to specify which interface is used for sending to a link 76 local address. It should be noted that zone identifiers have purely 77 local meaning within the host where they are defined, and they are 78 completely meaningless for any other host. Today, they are only 79 meaningful when attached to addresses with less than global scope, 80 but it is possible that other uses might be defined in the future. 82 RFC 4007 does not specify how zone identifiers are to be represented 83 in URIs. Practical experience has shown that this feature is useful, 84 in particular when using a web browser for debugging with link local 85 addresses, but as it is undefined, it is not implemented consistently 86 in URI parsers or in browsers. 88 Some versions of some browsers accept the RFC 4007 syntax for scoped 89 IPv6 addresses embedded in URIs, i.e., they have been coded to 90 interpret the "%" sign according to RFC 4007 instead of RFC 3986. 91 Clearly this approach is very convenient for users, although it 92 formally breaches the syntax rules of RFC 3986. The present document 93 defines an alternative approach that respects and extends the rules 94 of URI syntax, and IPv6 literals in general, to be consistent. 96 Thus, this document updates [RFC3986] by adding syntax to allow a 97 zone identifier to be included in a literal IPv6 address within a 98 URI. It also updates [RFC4007], in particular by adding a second 99 allowed delimiter for zone identifiers. 101 It should be noted that in other contexts than a user interface, a 102 zone identifier is mapped into a numeric zone index or interface 103 number. The MIB textual convention [RFC4001] and the socket 104 interface [RFC3493] define this as a 32 bit unsigned integer. The 105 mapping between the human-readable zone identifier string and the 106 numeric value is a host-specific function that varies between 107 operating systems. The present document is concerned only with the 108 human-readable string. 110 Several alternative solutions were considered while this document was 111 developed. The Appendix briefly describes the alternatives and their 112 advantages and disadvantages. 114 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 115 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 116 document are to be interpreted as described in [RFC2119]. 118 2. Specification 120 According to RFC 4007, a zone identifier is attached to the textual 121 representation of an IPv6 address by concatenating "%" followed by 122 , where is a string identifying the zone of the 123 address. However, RFC 4007 gives no precise definition of the 124 character set allowed in . There are no rules or de facto 125 standards for this. For example, the first Ethernet interface in a 126 host might be called %0, %1, %en1, %eth0, or whatever the implementer 127 happened to choose. 129 In a URI, a literal IPv6 address is always embedded between "[" and 130 "]". This document specifies how a can be appended to the 131 address. A SHOULD contain only ASCII characters classified 132 in RFC 3986 as "unreserved", which conveniently excludes "]" in order 133 to simplify parsing. 135 Unfortunately "%" is always treated as an escape character in a URI, 136 and according to RFC 3986 it MUST therefore itself be escaped in a 137 URI, in the form "%25". For this reason, "-" (hyphen) is used 138 instead as the separator when a is included in a URI. 139 Thus, the scoped address fe80::a%en1 would appear in a URI as 140 http://[fe80::a-en1]. 142 If an operating system uses any other characters in zone or interface 143 identifiers that are not in the "unreserved" character set, they MUST 144 be escaped with a "%" sign according to RFC 3986. 146 We now present the necessary formal syntax. 148 In RFC 3986, the IPv6 literal format is formally defined in ABNF 149 [RFC5234] by the following rule: 151 IP-literal = "[" ( IPv6address / IPvFuture ) "]" 153 To provide support for a zone identifier, the existing syntax of 154 IPv6address is retained, and a zone identifier may be added 155 optionally to any literal address. This allows flexibility for 156 unknown future uses. The rule quoted above from RFC 3986 is replaced 157 by three rules: 159 IP-literal = "[" ( IPv6addrz / IPvFuture ) "]" 161 ZoneID = 1*( unreserved / pct-encoded ) 163 IPv6addrz = IPv6address [ "-" ZoneID ] 165 Section 11 of RFC 4007 is updated to allow "-" as well as "%" as the 166 preceding delimiter of a ZoneID. 168 The rules in [RFC5952] SHOULD be applied in producing URIs. 170 RFC 3986 states that URIs have a global scope, but that in some cases 171 their interpretation depends on the end-user's context. URIs 172 including a ZoneID are to be interpreted only in the context of the 173 host where they originate, since the ZoneID is of local signifance 174 only. 176 The 6man WG discussed and rejected an alternative in which the 177 existing syntax of IPv6address would be extended by an option to add 178 the ZoneID only for the case of link-local addresses. It was felt 179 that the present solution offers more flexibility for future uses and 180 is more straightforward to implement. 182 RFC 4007 offers guidance on how the ZoneID affects interface/address 183 selection inside the IPv6 stack. Note that the behaviour of an IPv6 184 stack if passed a non-zero zone index for an address other than link- 185 local is undefined. 187 3. Web Browsers 189 Due to the lack of a standard in this area, web browsers have been 190 inconsistent in providing for ZoneIDs. Many have no support, but 191 there are examples of ad hoc support. For example, older versions of 192 Firefox allowed the use of a ZoneID preceded by an unescaped "%" 193 character, but this was removed for consistency with RFC 3986. As 194 another example, recent versions of Internet Explorer allow use of a 195 ZoneID preceded by a "%" character escaped as "%25", still beyond the 196 syntax allowed by RFC 3986. This syntax extension is in fact used 197 internally in the Windows operating system and some of its APIs. 199 In recent years, web browsers have evolved considerably and now 200 accept and parse many forms of input that are not a formal URI. 201 Examples of this include host names, search items, bookmarks, search 202 history, etc. For example the Google Chrome browser now calls the 203 "address bar" the "omnibox" [chrome]. The authors believe it is 204 feasible, and very convenient for users, if browsers also allow (in 205 addition to the formal URI syntax defined in this document) a syntax 206 that will enable cut and paste. For example: 208 http://[fe80::a%en1] 210 It seems that modern browsers can be adapted to parse this because it 211 is inside of the "[" "]"'s. This would permit the output of commands 212 like ping6 -w ff02::1%en1 to be "cut and pasted" into a browser 213 address bar. Consequently this document recommends that browsers 214 support this syntax in addition to the formal URI syntax defined 215 above. 217 4. Security Considerations 219 The security considerations of [RFC3986] and [RFC4007] apply. In 220 particular, this URI format creates a specific pathway by which a 221 deceitful zone index might be communicated, as mentioned in the final 222 security consideration of RFC 4007. It is emphasised that the format 223 is intended only for debugging purposes, but of course this intention 224 does not prevent misuse. 226 To limit this risk, implementations SHOULD NOT allow use of this 227 format except for well-defined usages such as sending to link local 228 addresses under prefix fe80::/10. 230 An HTTP server or proxy MUST ignore any ZoneID attached to an 231 incoming URI, as it only has local significance at the sending host. 233 The addition of a choice between "%" and "-" as the delimiter 234 preceding a ZoneID slightly complicates the string comparison issue 235 discussed in [I-D.iab-identifier-comparison]. 237 5. IANA Considerations 239 This document requests no action by IANA. 241 6. Acknowledgements 243 The lack of this format was first pointed out by Margaret Wasserman 244 some years ago, and more recently by Kerry Lynn. A previous draft 245 document by Martin Duerst and Bill Fenner [I-D.fenner-literal-zone] 246 discussed this topic but was not finalised. 248 Valuable comments and contributions were made by Karl Auer, Carsten 249 Bormann, Brian Haberman, Tatuya Jinmei, Tom Petch, Tomoyuki Sahara, 250 Juergen Schoenwaelder, Dave Thaler, and Ole Troan. 252 Brian Carpenter was a visitor at the Computer Laboratory, Cambridge 253 University during part of this work. 255 This document was produced using the xml2rfc tool [RFC2629]. 257 7. Change log [RFC Editor: Please remove] 259 draft-ietf-6man-uri-zoneid-02: additional WG comments, 2012-07-11. 261 draft-ietf-6man-uri-zoneid-01: use "-" instead of %25, listed 262 alternatives in Appendix, according to WG debate, added suggestion 263 for browser developers, 2012-05-29. 265 draft-ietf-6man-uri-zoneid-00: adopted by WG, fixed syntax to allow 266 for % encoded characters, 2012-02-17. 268 draft-carpenter-6man-uri-zoneid-01: chose Option 2, removed 15 269 character limit, added explanation of ID/number mapping and other 270 clarifications, 2012-02-08. 272 draft-carpenter-6man-uri-zoneid-00: original version, 2011-12-07. 274 8. References 276 8.1. Normative References 278 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 279 Requirement Levels", BCP 14, RFC 2119, March 1997. 281 [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform 282 Resource Identifier (URI): Generic Syntax", STD 66, 283 RFC 3986, January 2005. 285 [RFC4007] Deering, S., Haberman, B., Jinmei, T., Nordmark, E., and 286 B. Zill, "IPv6 Scoped Address Architecture", RFC 4007, 287 March 2005. 289 [RFC5234] Crocker, D. and P. Overell, "Augmented BNF for Syntax 290 Specifications: ABNF", STD 68, RFC 5234, January 2008. 292 [RFC5952] Kawamura, S. and M. Kawashima, "A Recommendation for IPv6 293 Address Text Representation", RFC 5952, August 2010. 295 8.2. Informative References 297 [I-D.fenner-literal-zone] 298 Fenner, B. and M. Duerst, "Formats for IPv6 Scope Zone 299 Identifiers in Literal Address Formats", 300 draft-fenner-literal-zone-02 (work in progress), 301 October 2005. 303 [I-D.iab-identifier-comparison] 304 Thaler, D., "Issues in Identifier Comparison for Security 305 Purposes", draft-iab-identifier-comparison-02 (work in 306 progress), May 2012. 308 [RFC2629] Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629, 309 June 1999. 311 [RFC3493] Gilligan, R., Thomson, S., Bound, J., McCann, J., and W. 312 Stevens, "Basic Socket Interface Extensions for IPv6", 313 RFC 3493, February 2003. 315 [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. 316 Schoenwaelder, "Textual Conventions for Internet Network 317 Addresses", RFC 4001, February 2005. 319 [chrome] Google, "Use the address bar (omnibox)", 2012, . 322 Appendix A. Alternatives Considered 324 1. Leave the problem unsolved. 326 This would mean that per-interface diagnostics would still have 327 to be performed using ping or ping6: 329 ping fe80::a%en1 331 Advantage: works today. 333 Disadvantage: less convenient than using a browser. 335 2. Simply using the percent character. 337 http://[fe80::a%en1] 339 Advantage: allows use of browser, allows cut and paste. 341 Disadvantage: invalid syntax under RFC 3986; not acceptable to 342 URI community. 344 3. Escaping the escape character as allowed by RFC 3986: 346 http://[fe80::a%25en1] 348 Advantage: allows use of browser. 350 Disadvantage: ugly and confusing, doesn't allow simple cut and 351 paste. 353 4. Alternative separator 355 http://[fe80::a-en1] 357 Advantage: allows use of browser, simple syntax 359 Disadvantage: Requires all IPv6 address literal parsers and 360 generators to be updated in order to allow simple cut and paste. 362 Note: the initial proposal for this choice was to use an 363 underscore as the separator, but it was noted that this becomes 364 effectively invisible when a user interface automatically 365 underlines URLs. 367 5. With the "IPvFuture" syntax left open in RFC 3986: 369 http://[v6.fe80::a_en1] 371 Advantage: allows use of browser. 373 Disadvantage: ugly and redundant, doesn't allow simple cut and 374 paste. 376 Authors' Addresses 378 Brian Carpenter 379 Department of Computer Science 380 University of Auckland 381 PB 92019 382 Auckland, 1142 383 New Zealand 385 Email: brian.e.carpenter@gmail.com 386 Robert M. Hinden 387 Check Point Software Technologies, Inc. 388 800 Bridge Parkway 389 Redwood City, CA 94065 390 US 392 Email: bob.hinden@gmail.com