Internet Engineering Task Force                               S. Farrell
Internet-Draft                                    Trinity College Dublin
Intended status: Standards Track                             D. Kutscher
Expires: April 26, 2012                                              NEC
                                                            C. Dannewitz
                                                 University of Paderborn
                                                               B. Ohlman
                                                         P. Hallam-Baker
                                                       Comodo Group Inc.
                                                        October 24, 2011

           The Named Information (ni) URI Scheme: Core Syntax


   This document defines a URI-based name form that identifies a named
   object via hash-based binding.  The URI name form defined is intended
   for use in applications that need to uniquely identify resources in a
   location-independent way such as accessing in-network storage
   (DECADE), information-centric networking and more generally.  The
   format is designed to support a strong link to the referenced object
   such that the referenced object may be authenticated to the same
   degree as the reference to it.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 26, 2012.

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

Farrell, et al.          Expires April 26, 2012                 [Page 1]

Internet-Draft                 ni URI Core                  October 2011

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   ( in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Format . . . . . . . . . . . . . . . . . . . . . . . . . . . .  4
   3.  Processing NI URIs . . . . . . . . . . . . . . . . . . . . . .  4
     3.1.  Verifying URI/Resource Mappings  . . . . . . . . . . . . .  4
     3.2.  Testing for Equality . . . . . . . . . . . . . . . . . . .  5
     3.3.  Mapping to HTTP(S) URLs  . . . . . . . . . . . . . . . . .  5
   4.  Examples . . . . . . . . . . . . . . . . . . . . . . . . . . .  6
   5.  The Named Information URI TYPE . . . . . . . . . . . . . . . .  6
     5.1.  Encoding Considerations  . . . . . . . . . . . . . . . . .  6
     5.2.  Syntax . . . . . . . . . . . . . . . . . . . . . . . . . .  7
   6.  Security Considerations  . . . . . . . . . . . . . . . . . . .  7
   7.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . .  8
   8.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  8
     8.1.  Assignment of Network Information (ni) URI Scheme  . . . .  8
     8.2.  Assignment of Well Known URI prefix ni . . . . . . . . . .  9
   9.  References . . . . . . . . . . . . . . . . . . . . . . . . . .  9
     9.1.  Normative References . . . . . . . . . . . . . . . . . . .  9
     9.2.  Informative References . . . . . . . . . . . . . . . . . . 10
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 10

Farrell, et al.          Expires April 26, 2012                 [Page 2]

Internet-Draft                 ni URI Core                  October 2011

1.  Introduction

   URIs [RFC3986] are used in various protocols for identifying
   resources.  In many deployments those URIs contain strings that are
   hash function outputs in order to ensure uniqueness in terms of
   mapping the URI to a specific resource, or to make URIs hard to guess
   for security reasons.  However, there is no standard way to interpret
   those strings, and so today in general only the creator of the URI
   knows how to use the hash function output.

   For example, protocols for accessing in-network storage servers (as
   defined in the IETF DECADE WG) need a way to identify the stored
   resources uniquely and in a location-independent way so that replicas
   on different servers can be accessed by the same name.  Also, such
   applications may require verifying that a resource that has been
   obtained actually corresponds to the name that was used to request
   the resource, i.e., verifying the name-content binding.

   Similarly, in the context of information-centric networking
   [ref.netinf-design] [ref.ccn] and elsewhere there is value in being
   able to compare a presented resource against the URI that was de-
   referenced in order to access that resource.  If a cryptographically-
   strong comparison function can be used then this allows for many
   forms of in-network storage, without requiring as much trust in the
   infrastructure used to present the resource.  The outputs of hash
   functions can be used in this manner, if presented in a standard way.

   Additional applications might include creating references from web
   pages delivered over HTTP/TLS; DNS resource records signed using
   DNSSEC or Data values embedded in certificates, CRLs, OCSP tokens and
   other signed data objects.

   Accordingly, the "ni" URI scheme allows for checking of the integrity
   of the URI/resource mapping, but it is OPTIONAL for implementations
   to do so when sending, receiving or processing "ni" URIs.

   The URI scheme defined here allows for the use of a query-string,
   simiilar to how query-strings are used in HTTP URLs.  A companion
   specification [niexts] describes specific values that can be used in
   such query strings in for various purposese.  That document also
   specifies additional optional algorithms for truncated hashes and for
   hashing of dynamic objects.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   document are to be interpreted as described in RFC 2119 [RFC2119].

   Syntax definitions in this memo are specified according to ABNF

Farrell, et al.          Expires April 26, 2012                 [Page 3]

Internet-Draft                 ni URI Core                  October 2011


   [[Comments are included in double-square brackets, like this.]]

2.  Format

   In this section we provide an informal description of the ni name
   syntax.  An ni URI consists of the following components:

   Scheme Name [Required]  The scheme name is 'ni'.

   Colon and Slashes [Required]  The literal "://"

   Authority [Optional]  The optional authority component may assist
      applications in accessing the object named by an ni URI.  Note
      that while the ni names with and without an authority differ
      syntactically, both names will almost always refer to the same

   One slash [Required]  The literal "/"

   Digest Algorithm [Required]  The name of the digest algorithm, as
      specified in the IANA registry titled "Data Structure for the
      Security Suitability of Cryptographic Algorithms registry
      'Cryptographic Algorithms'" [RFC5698].

   Separator [Required]  The literal ";"

   Digest Value [Required]  The digest value encoded in the specified
      encoding.  The digest value MAY be trucated at a 64 byte boundary.

   Query Parameter separator [Optional] '?'  The query parameter
      separator acts a separator between the digest value and the query
      parameters (if specified).

   Query Parameters [Optional]  A tag=value list of optional query
      parameters as are used with HTTP URLs.

3.  Processing NI URIs

3.1.  Verifying URI/Resource Mappings

   It is OPTIONAL for implementations to check the integrity of the URI/
   resource mapping when sending, receiving or processing "ni" URIs.

Farrell, et al.          Expires April 26, 2012                 [Page 4]

Internet-Draft                 ni URI Core                  October 2011

3.2.  Testing for Equality

   When verifying whether two NI URIs refer to same object, an
   implementation MUST only consider the Digest Algorithm identifier and
   the Digest Value, i.e., it MUST NOT consider the authority field or
   any parameters.

3.3.  Mapping to HTTP(S) URLs

   We define a bidirectional mapping between the ni URI scheme and a
   subset of the the HTTP scheme that makes use of the .well-known URI
   [RFC5785] by defining an "ni" suffix (see Section 8).

   The HTTP(s) mapping MAY be used in any context where legacy clients
   without support for ni indentifiers is required without loss of
   interoperability or functionality.  A legacy client interprets the ni
   identifier as an ordinary HTTP(s) URL while a ni aware client can
   determine the corresponding ni form of the URI and apply ni

   Implementations SHOULD support this mapping, in both directions.
   [[Not sure if we really want 2119 language for the mapping, nor if we
   need to specify both directions, so this is kind of a placeholder.]]

   For an ni name of the form "ni://n-authority/alg;val?query-string"
   the corresponding HTTP URL produced by this algorithm is
   "http://h-authority/.well-known/ni/alg/val?query-string".  If the ni
   name has a specified authority then the h-authority MUST have the
   same value.  If the ni name has no authority specified (i.e. the
   n-authority string is empty), a h-authority value MAY be derived from
   the applicaiton context.  For example, if the mapping is being done
   in the context of a web page then the origin [websec-origin] for that
   web site can be used.  Of course, there are in general no guarantees
   that the object named by the ni name will be available at the
   corresponding HTTP URL.  But in the case that any data is returned,
   the retreiver can determine if it is the correct content.

   If an application is presented with a HTTP URL with "/.well-
   known/ni/" as the start of its pathname component, then the reverse
   mapping to an ni name either including or excluding the authority
   might produce an ni name that is meaningful depending on the

   In all of the above the application MAY use the "https" URI scheme if
   security considerations warrant use of TLS.

Farrell, et al.          Expires April 26, 2012                 [Page 5]

Internet-Draft                 ni URI Core                  October 2011

4.  Examples

   [[Note: check examples and make sure they're correct sometime.]]

   The following digest URI specifies a reference to the text "Hello
   World !" using the SHA-2 algorithm with 256 bit output and no
   authority field:


   And the same example shown with an authority would be:


   The following HTTP URL represents a mapping from the previous ni name
   based on the algorithm outlined above.

5.  The Named Information URI TYPE

5.1.  Encoding Considerations

   [[Note that this section may change.  However, the intent is that
   there be one and only one well defined encoding scheme for ni names.
   However, getting the right scheme for that, and for the URL mapping
   may be tricky.]]

   The digest value MUST be encoded using base64url [RFC4648] encoding.

   The query segment of an URI is NOT hierarchical.  Thus escape
   encoding of slash '/' characters is NOT required.  Since application
   code often attempts to enforce such encoding, decoders MUST recognize
   the use of URI escape encoding.  Section 3.4 of [RFC3986] states that
   "The characters slash ("/") and question mark ("?") may represent
   data within the query component."

   Consequently no special escaping mechanism is required for the query
   parameter portion of ni URIs.  URI escaping is however frequently
   imposed automatically by scripting environments.  Thus to ensure
   interoperability, implementations SHOULD NOT generate URIs that
   employ URI character escaping, and implementations MUST accept any
   URIs that employ URI character escaping.  [[That might need to be
   more specific.]]

Farrell, et al.          Expires April 26, 2012                 [Page 6]

Internet-Draft                 ni URI Core                  October 2011

5.2.  Syntax

   The Named Information URI has the following syntax:

         niname ="ni://" [ authority ] "/" alg ";" val [ "?" query ]
         alg = 1*CHAR
         val = 1*CHAR

                         Figure 1: ni Name syntax

   The "authority" and "query" types are as in the URI specification.

   Implementations MUST support the sha-256 algorithm as specified in

   Implementations MAY support other algorithms specified in the Data
   Structure for the Security Suitability of Cryptographic Algorithms
   registry 'Cryptographic Algorithms' [RFC5698].

   Note that additional algorithms are specified in the companion
   document to this one [niexts] that implementations can choose to
   support if they wish.  Those algorithms use a different IANA registry
   defined in that document.

   The "val" field MUST contain the output of applying the hash function
   ("alg") to its defined input, which defaults to the object bytes that
   are expected to be returned when the URI is de-referenced.

6.  Security Considerations

   No secret information is required to generate or verify an ni URI.
   Therefore an ni URI only provides a proof of integrity for the
   referenced object and the proof of integrity provided is only as good
   as the proof of integrity for the ni URI.  In other words, the digest
   value can provide name-data integrity binding the ni name value to
   the object bytes returned when the ni name is de-referenced using
   some protocol.

   Disclosure of an ni URI value does not necessarily entail disclosure
   of the referenced object but may enable an attacker to determine the
   contents of the referenced object by reference to a search engine or
   other data repository or, for highly formatted object with little
   variation, by simply guessing the value and checking if the digest
   value matches.

   The integrity of the referenced content would be compromised if a

Farrell, et al.          Expires April 26, 2012                 [Page 7]

Internet-Draft                 ni URI Core                  October 2011

   weak digest were used.

   If a truncated digest is used, certain security properties MAY be
   affected.  In general a digest algorithm is designed to produce
   sufficient bits to prevent a 'birthday attac' collision occuring.  To
   ensure that the difficulty of discovering two pieces of content that
   result in the same digest with a work factor O(2^x) by brute force
   requires a digest length of 2x.  Many security applications only
   require protection against a 2nd pre-image attack which only requires
   a digest length of x to achieve the same work factor.

   [[Don't reduce too much, and don't rely on a digest that has been
   truncated as being the strength of the original digest alg.]]

7.  Acknowledgements

   This work has been supported by the EU FP7 project SAIL.  The authors
   would like to thank SAIL participants to our naming discussions,
   especially Jean-Francois Peltier, for their input.

   [[Mention folk on the WebSec list who contributed to the

8.  IANA Considerations

8.1.  Assignment of Network Information (ni) URI Scheme

   The procedures for registration of a URI scheme are specified in RFC
   4395 [RFC4395].  The following is the proposed assignment template.

   URI scheme name: ni

   Status: Permanent

   URI scheme syntax.  See Section 5.2

   URI scheme semantics.  See Section 5.2

   Encoding considerations.  See Section 5.1

   Applications/protocols that use this URI scheme name: General
   applicability with initial use cases provided by WEBSEC and DECADE

   Interoperability considerations: TBS

   Security considerations: See Section 6

Farrell, et al.          Expires April 26, 2012                 [Page 8]

Internet-Draft                 ni URI Core                  October 2011

   Contact: TBD

   Author/Change controller: IETF

   References: As specified in this document

8.2.  Assignment of Well Known URI prefix ni

   The procedures for registration of a Well Known URI entry are
   specified in RFC 5785 [RFC5785].  The following is the proposed
   assignment template.

   URI suffix: ni

   Change controller: IETF

   Specification document(s): This document

   Related information: None

9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
              Resource Identifier (URI): Generic Syntax", STD 66,
              RFC 3986, January 2005.

   [RFC4055]  Schaad, J., Kaliski, B., and R. Housley, "Additional
              Algorithms and Identifiers for RSA Cryptography for use in
              the Internet X.509 Public Key Infrastructure Certificate
              and Certificate Revocation List (CRL) Profile", RFC 4055,
              June 2005.

   [RFC4395]  Hansen, T., Hardie, T., and L. Masinter, "Guidelines and
              Registration Procedures for New URI Schemes", BCP 35,
              RFC 4395, February 2006.

   [RFC4648]  Josefsson, S., "The Base16, Base32, and Base64 Data
              Encodings", RFC 4648, October 2006.

   [RFC5698]  Kunz, T., Okunick, S., and U. Pordesch, "Data Structure
              for the Security Suitability of Cryptographic Algorithms
              (DSSC)", RFC 5698, November 2009.

Farrell, et al.          Expires April 26, 2012                 [Page 9]

Internet-Draft                 ni URI Core                  October 2011

   [RFC5785]  Nottingham, M. and E. Hammer-Lahav, "Defining Well-Known
              Uniform Resource Identifiers (URIs)", RFC 5785,
              April 2010.

9.2.  Informative References

   [niexts]   Hallam-Baker, P., Stradling, R., Farrell, S., Kutscher,
              C., and B. Ohlman, "The Network Information (ni) URI
              Scheme: Parameters", draft-hallambaker-decade-ni-params-00
              (work in progress), October 2011.

   [ref.ccn]  Jacobsen, K, D, F, H, and L, "Networking Named Content",
              CoNEXT 2009 , December 2009.

              Ahlgren, D'Ambrosio, Dannewitz, Marchisio, Marsh, Ohlman,
              Pentikousis, Rembarz, Strandberg, and Vercellone, "Design
              Considerations for a Network of Information", Re-Arch 2008
              Workshop , December 2008.

              Barth, A., "The Web Origin Concept",
              draft-ietf-websec-origin-06 (work in progress),
              October 2011.

Authors' Addresses

   Stephen Farrell
   Trinity College Dublin
   Dublin,   2

   Phone: +353-1-896-2354

   Dirk Kutscher
   Kurfuersten-Anlage 36


Farrell, et al.          Expires April 26, 2012                [Page 10]

Internet-Draft                 ni URI Core                  October 2011

   Christian Dannewitz
   University of Paderborn


   Borje Ohlman
   Stockholm  S-16480


   Phillip Hallam-Baker
   Comodo Group Inc.


Farrell, et al.          Expires April 26, 2012                [Page 11]