| URNBIS | P. Saint-Andre |
| Internet-Draft | &yet |
| Obsoletes: 2141, 3406 (if approved) | J. Klensin |
| Intended status: Standards Track | |
| Expires: April 24, 2015 | October 21, 2014 |
Uniform Resource Names (URNs)
draft-ietf-urnbis-rfc2141bis-urn-08
A Uniform Resource Name (URN) is a Uniform Resource Identifier (URI) that is assigned under the "urn" scheme and a particular URN namespace, typically with the intent that the URN will be a persistent, location-independent resource identifier or abstract designator. With regard to URN syntax, this document defines the canonical syntax for URNs (in a way that is consistent with URI syntax), specifies methods for determining URN equivalence, and discusses URI conformance. With regard to URN namespaces, this specifies a method for defining a URN namespace and associating it with a namespace identifier, and describes procedures for registering namespace identifiers with the Internet Assigned Numbers Authority (IANA). This document obsoletes both RFC 2141 and RFC 3406.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 24, 2015.
Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English.
A Uniform Resource Name (URN) is a Uniform Resource Identifier (URI) [RFC3986] that is assigned under the "urn" scheme and a particular namespace, typically with the intent that the URN will be a persistent, location-independent resource identifier or abstract designator. The assignment of URNs is done by an organization (or, in some cases, according to an algorithm or other process) that has been formally delegated a namespace within the "urn" scheme (e.g., a URN in the 'example' namespace [RFC6963] might be of the form "urn:example:foo").
This document rests on two key assumptions:
So that information about both URN syntax and URN namespaces is available in one place, this document does the following:
For URN syntax and URN namespaces, this document updates and replaces the definitions from [RFC2141] and [RFC3406], respectively. These modifications build on the requirements provided in [RFC1737] and many years of experience with URNs, in both cases attempting to make the smallest reasonable set of changes from the previous definitions.
This document obsoletes both [RFC2141] and [RFC3406].
Several important terms used in this document are defined in the URI specification [RFC3986].
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
The syntax of URNs as provided in [RFC2141] was defined before the updated specification of URIs in [RFC3986]. To ensure consistency with the URI syntax as well as semantic flexibility in the use of URNs within particular applications [I-D.ietf-urnbis-semantics-clarif], this specification extends the syntax of URNs to explicitly allow several characters (and thus URI components) that were not allowed by [RFC2141], and also makes several smaller syntax adjustments.
As a result, the syntax for a URN is defined as follows using the Augmented Backus-Naur Form (ABNF) as specified in [RFC5234]. Rules not defined below (i.e., alphanum, pchar, path-absolute, query, and fragment) are defined in [RFC3986].
namestring = assigned-name
[ p-component ]
[ q-component ]
[ f-component ]
assigned-name = "urn" ":" NID ":" NSS
; the URI scheme ("urn") is case insensitive
NID = (alphanum) 0*30(ldh) (alphanum)
ldh = alphanum / "-"
NSS = 1*(pchar)
p-component = "/" path-absolute
q-component = "?" query
f-component = "#" fragment
The following sections describe provide additional information about these rules.
The syntax here is slightly more restrictive than what was defined in [RFC2141], since it forbids the character "-" at the end of a NID.
NIDs are case insensitive (e.g., "ISBN" and "isbn" are equivalent).
Depending on the rules governing a namespace, names that are valid in a namespace might contain characters that are not allowed in URNs according to the "pchar" rule (e.g., characters outside the ASCII range or characters that are reserved in URIs, such as "/", "?", and "#"). Such a string MUST be translated into a conformant NSS before using it as a protocol element or otherwise passing it on to other applications. Translation is done by percent-encoding each disallowed character using the method defined in Section 2.1 of [RFC3986]. Note that the "%" character is allowed only for the purpose of percent-encoding.
In order to make URNs as stable and persistent as possible when protocols evolve and the environment around them changes, namespaces SHOULD NOT allow characters outside the basic Latin repertoire unless the nature of the particular namespace makes such characters necessary.
If a namespace designates one or more characters conforming to the "pchar" rule as having special meaning for that namespace (e.g., "@") and the namespace also uses that character in a literal sense, when used in a literal sense the character MUST be percent-encoded (e.g., "%40"). For related considerations with regard to NID registration, see below.
The p-component, q-component, and f-component are optional components that follow the assigned-name. In terms of URI syntax these components are essentially equivalent to the URI "path-absolute", "query", and "fragment" constructions, respectively. However, the URN p-component, q-component, and f-component need not be semantically equivalent to the URI path component, query component, and fragment component; therefore they are called by different names in this specification.
Unless specifically defined for a particular namespace, use of these components is disallowed, thereby maintaining strict backward compatibility with namespaces defined in accordance with [RFC2141] and registered in accordance with [RFC3406].
This specification does not define the semantics of the p-component, q-component, and f-component in URNs. Additional specifications might establish these matters for URN-related services (such as URN resolution) or for individual URN namespaces (e.g., to handle extended information about the resource identified by a URN). For example, it is possible that the q-component might be used in requests to URN resolution services, or that the f-component might be used to distinguish the integral parts of resources named by URNs in particular namespaces (say, the chapters of a book). However, defining such usage is the responsibility of specifications for URN resolution services, namespace registration requests and specifications for individual namespaces, and other appropriate documentation (such as policy documents governing the management of a given URN namespace).
The only formal restriction placed upon a p-component by this specification is that the syntax SHALL adhere to the "path-absolute" rule from [RFC3986]. The inner syntax of a p-component is to be defined by the specification for a particular namespace or URN-related service. (For example, a namespace specification might define a character such as "~" or "@" as a delimiter inside p-components assigned within that namespace.)
As described under Section 4, the p-component SHALL be taken into account when determining URN equivalence.
The only formal restriction placed upon a q-component by this specification is that the syntax SHALL adhere to the "query" rule from [RFC3986] (prepended by the "?" character). The inner syntax of a q-component is to be defined by the specification for a particular namespace. (For example, a namespace specification might define a character such as ";" or "=" as a delimiter inside q-components assigned within that namespace.)
As described under Section 4, the q-component SHALL NOT be taken into account when determining URN equivalence.
The only formal restriction placed upon an f-component by this specification is that the syntax SHALL adhere to the "fragment" rule from [RFC3986] (prepended by the "#" character). The inner syntax of an f-component is to be defined by the specification for a particular namespace. (For example, a namespace specification might define a character such as "&" or "+" as a delimiter inside f-components assigned within that namespace.)
As described under Section 4, the f-component SHALL NOT be taken into account when determining URN equivalence.
For various purposes such as caching, often it is desirable to determine if two URNs are "the same". This is done by testing for equivalence (see Section 6.1 of [RFC3986]).
Note that [RFC3986] is very flexible about equality comparisons, putting the focus on allowing false negatives and avoiding false positives. If comparisons are made in a scheme-independent way, i.e., as URI comparisons only, URNs that this specification considers equal would be rejected. The discussion below applies when the URI is known to be a URN.
Two URNs are equivalent if they are octet-by-octet equal after applying case normalization (as specified in Section 6.2.2.1 of [RFC3986]) to the following constructs:
Percent-encoded characters MUST NOT be decoded, i.e., percent-encoding normalization (as specified in Section 6.2.2.2 of [RFC3986]) MUST NOT be applied.
If a q-component or f-component (or both) are included in a URN, they MUST be ignored for purposes of determining equivalence.
URN namespaces MAY define additional rules for equivalence, such as case-insensitivity of the NSS (or parts thereof). Such rules MUST always have the effect of eliminating some of the false negatives obtained by the procedure above and MUST NOT result in treating two URNs as not equivalent if the procedure here says they are equivalent. For related considerations with regard to NID registration, see below.
The following URN comparisons (which use the "example" NID defined in [RFC6963]) highlight the equivalence rules:
URNs 1, 2, and 3 are equivalent. URN 4 is not equivalent to any of the other URNs in the above set. URNs 5 and 6 are equivalent only to each other.
Because a URN is, syntactically, a URI under the "urn" scheme, in theory a URN can be placed in any protocol slot that allows for a URI (e.g., an XML namespace name [XML-NAMES]). However, this does not imply that, semantically, it makes sense in practice to place a URN in a given URI protocol slot; in particular, because a URN does not specify the location of a resource, it is not appropriate to place a URN in a URI protocol slot that points to a resource (examples include the 'href' and 'src' attributes and the <base/> element in HTML, as well as the 'xml:base' attribute in XML [XML-BASE]).
Despite the fact that URNs are not hierarchical and are not appropriate for use as a base URI (see Section 5.1 of [RFC3986]), the relative resolution algorithm specified in Section 5.2 of [RFC3986] still applies to the "urn" URI scheme; implementers need to be aware, however, that running the algorithm against URNs can lead to results that are unexpected or not useful.
A resolver that conforms to the URI specification [RFC3986] will extract a scheme of "urn" rather than a scheme value of "urn:<nid>". A URN MUST be considered an opaque URI by URI resolvers and passed (with the "urn" scheme) to a URN resolver for resolution. The URN resolver can either be an external resolver that the URI resolver knows of, or it can be functionality built in to the URI resolver.
To minimize user confusion, a URI browser SHOULD display the complete URN (including the "urn" scheme and any components) to ensure that there is no confusion between URN namespace identifiers and URI scheme identifiers (e.g., a URI beginning with "urn:xmpp:" [RFC4854] is very different from a URI beginning with "xmpp:" [RFC5122]).
When URNs are transported and exchanged, they MUST be represented in this format. Further, all URN-aware applications MUST offer the option of displaying URNs in this canonical form to allow for direct transcription (for example by cut and paste techniques). Such applications might support display of URNs in a more human-friendly form and might use a character set that includes characters that are not permitted in URN syntax as defined in this specification (e.g., when displaying URNs to humans, such applications might replace percent-encoded strings with characters in an extended character set such as [UNICODE]).
As mentioned, the assignment of URNs is a managed process, as is the assignment of namespaces themselves. Although design of the URNs to be assigned within a given namespace is ceded by this specification to the namespace owner, doing so in a managed way avoids the problems inherent in unmanaged generation of URI as described in [RFC7320].
A URN namespace is a collection of identifiers that are (1) unique, (2) assigned in a consistent way, and (3) assigned according to a common definition.
A URN namespace is identified by a particular NID in order to ensure the global uniqueness of URNs and, optionally, to provide a cue regarding the structure of URNs assigned within a namespace.
With regard to global uniqueness, using different NIDs for different collections of identifiers ensures that no two URNs will be the same for different resources, since each collection is required to uniquely assign each identifier. However, a single resource can have more than one URN assigned to it for different purposes (e.g., some numbers might be valid identifiers in two different identifier systems, where the namespace identifier differentiates between the resulting URNs).
With regard to the structure of URNs assigned within a namespace, the development of an identifier structure (and thereby a collection of identifiers) depends on the requirements of the community defining the identifiers, how the identifiers will be assigned and used, etc. These issues are beyond the scope of URN syntax and the general rules for URN namespaces, because they are specific to the community defining a namespace (e.g., the bibliographic and publishing communities in the case of the 'ISBN' and 'ISSN' namespaces, or the developers of extensions to the Extensible Messaging and Presence Protocol in the case of the 'XMPP' namespace).
URN namespaces inherit certain rights and responsibilities by the nature of URNs, e.g.:
There are two types of URN namespace: formal and informal. These are distinguished by the expected level of service, the information needed to define the namespace, and the procedures for registration. Because the majority of the namespaces registered so far have been formal, this document concentrates on formal namespaces.
Note: [RFC3406] defined a third type of "experimental namespaces", denoted by prefixing the namespace identifier with the string "X-". Consistent with [RFC6648], this specification removes the experimental category. Because experimental namespaces were never registered, removing the experimental category has no impact on the existing registries or future registration procedures.
A formal namespace provides benefit to some subset of users on the Internet (e.g., it would not make sense for a formal namespace to be used only by a community or network that is not connected to the Internet). For example, it would be inappropriate for a NID to effectively force someone to use a proprietary network or service not open to the general Internet user. The intent is that, while the community of those who might actively use the names assigned within that NID might be small, the potential use of identifiers within that NID is open to any user on the Internet. Formal NIDs might be appropriate when some aspects are not fully open. For example, a namespace might make use of a fee-based, privately managed, or proprietary registry for assignment of URNs in the namespace. However, it might still benefit some Internet users if the associated services have openly-published access protocols.
An organization that will assign URNs within a formal namespace ought to meet the following criteria:
A formal namespace establishes a particular NID, subject to the following constraints (above and beyond the syntax rules already specified):
All two-letter combinations, and all two-letter combinations followed by "-" and any sequence of valid NID characters, are reserved for potential use as countrycode-based NIDs for eventual national registrations of URN namespaces. The definition and scoping of rules for allocation of responsibility for such countrycode-based namespaces is beyond the scope of this document.
Informal namespaces are full-fledged URN namespaces, with all the associated rights and responsibilities. Informal namespaces differ from formal namespaces in the process for assigning a NID: for an informal namespace, the registrant does not designate the NID; instead, IANA assigns a NID consisting of the string 'urn-' followed by one or more digits (e.g., "urn-7") where the digits consist of the next available number in the sequence of positive integers assigned to informal namespaces. Thus the syntax of an informal namespace is:
"urn-" <number>
The only restrictions on <number> are that it (1) consist strictly of ASCII digits and (2) not cause the NID to exceed the length limitations defined for the URN syntax.
The definition of a formal namespace ought to pay particular attention to:
The following sections explain these matters in greater detail. For convenience, a template for defining and registering a URN namespace is provided under Appendix A. This information can be especially helpful to entities that wish to request assignment of a URN in a namespace and to entities that wish to provide URN resolution for a namespace.
The "Purpose" section of the template describes matters such as:
The "Syntax" section of the template describes:
The "Assignment" section of the template describes matters such as:
The "Security" section of the template describes any potential issues related to security and privacy with regard to assignment, use, and resolution of identifiers within the namespace. Examples of such issues include the consequences of producing false negatives and false positives during comparison for equivalence (see also [RFC6943]), leakage of private information when identifiers are communicated on the public Internet, the potential for directory harvesting, and various issues discussed in the guidelines for security considerations in RFCs [RFC3552] and the privacy considerations for Internet protocols [RFC6973].
The "Resolution" section specifies the rules for resolution of URNs assigned within the namespace. If such URNs are intended to be resolvable, the namespace needs to be registered in a Resolution Discovery System (RDS, see [RFC2276]) such as DDDS. Resolution then proceeds according to standard URI resolution processes, as well as the mechanisms of the RDS. This section ought to lists the requirements for becoming a recognized resolver of URNs in the relevant namespace (and being so listed in the RDS registry). Answers might include, but are not limited to:
The registration policy for formal namespaces is Expert Review as defined in the "IANA Considerations" document [RFC5226]. The key steps for registration of a formal namespace are:
A formal namespace registration can be revised by updating the registration template, following the same steps outlined above for new registrations. A revised registration should make special note of any relevant changes in the underlying technologies or namespace management processes.
The registration policy for informal namespaces is First Come First Served [RFC5226]. The key steps for registration of an informal namespace are:
An informal namespace registration can be revised by updating the registration template, following the same steps outlined above for new registrations.
Experience to date with NID registration requests has shown that registrants sometimes do not initially understand some of the subtleties of URN namespaces, and that defining the namespace in the form of a specification enables the registrants to clearly formulate their "contract" with the intended user community. Therefore, although the registration policy for formal namespaces is Expert Review and a stable specification is not strictly required, the designated experts for NID registration requests ought to encourage applicants to provide a stable specification documenting the namespace definition.
Naming can be difficult and contentious; the designated experts and applicants are strongly encouraged to work together in a spirit of good faith and mutual understanding to achieve rough consensus on progressing registrations through the process. They are also encouraged to bring additional expertise into the discussion if that would be helpful in adding perspective or otherwise resolving issues.
This section formally registers a URI scheme of 'urn'.
[Note to RFC Editor: please replace "XXXX" with the number assigned to this document upon publication.]
This document outlines the processes for registering URN namespaces, and has implications for the IANA in terms of registries to be maintained. In all cases, the IANA ought to assign the appropriate NID (formal or informal) once the procedures outlined in this document have been completed.
The definition of a URN namespace needs to account for potential security and privacy issues related to assignment, use, and resolution of identifiers within the namespace (e.g., some namespace resolvers might assign special meaning to certain characters in the Namespace Specific String).
In most cases, URN namespaces providing a way to declare public information. Nominally, these declarations will be of relatively low security profile, however there is always the danger of "spoofing" and providing misinformation. Information in these declarations ought to be taken as advisory.
| [RFC2119] | Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. |
| [RFC3986] | Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax", STD 66, RFC 3986, January 2005. |
| [RFC5226] | Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008. |
| [RFC5234] | Crocker, D. and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", STD 68, RFC 5234, January 2008. |
Requested of IANA (formal) or assigned by IANA (informal).
The version of the registration, starting with 1 and incrementing by 1 with each new version.
The date when the registration is requested of IANA, using the format YYYY-MM-DD.
The person or organization that has registered the NID, including the following information:
Described under Section 7.1 of this document.
Described under Section 7.2 of this document.
Described under Section 7.3 of this document.
Described under Section 7.5 of this document.
A pointer to an RFC, a specification published by another standards development organization, or another stable document that provides further information about the namespace.
This document makes the following substantive changes from [RFC2141]:
This document makes the following substantive changes from [RFC3406]:
In addition, some of the text has been updated to be consistent with the definition of Uniform Resource Identifiers (URIs) [RFC3986] and the processes for registering information with the IANA [RFC5226], as well as more modern guidance with regard to security issues [RFC3552] and identifier comparison [RFC6943].
RFC 2141, which provided the basis for the syntax portion of this document, was authored by Ryan Moats.
RFC 3406, which provided the basis for the namespace portion of this document, was authored by Leslie Daigle, Dirk-Willem van Gulik, Renato Iannella, and Patrik Faltstrom.
Their work is gratefully acknowledged.
Many thanks to Marc Blanchet, Leslie Daigle, Martin Duerst, Juha Hakala, Ted Hardie, Alfred Hoenes, Paul Jones, Barry Leiba, Sean Leonard, Larry Masinter, Keith Moore, Mark Nottingham, Julian Reschke, Lars Svensson, Dale Worley, and other participants in the URNBIS WG for their input. Alfred Hoenes in particular edited an earlier version of this document and served as co-chair of the URNBIS WG.
Juha Hakala deserves special recognition for his dedication to successfully completing this work, as do Andrew Newton in his role as working group chair and Barry Leiba in his role as area director.