Network Working Group M. Nottingham Internet-Draft July 3, 2008 Updates: 4287 (if approved) Intended status: Standards Track Expires: January 4, 2009 HTTP Header Linking draft-nottingham-http-link-header-02 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on January 4, 2009. Abstract This document clarifies the status of the Link HTTP header and attempts to consolidate link relations in a single registry. Nottingham Expires January 4, 2009 [Page 1]
Internet-Draft HTTP Header Linking July 2008 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Notational Conventions . . . . . . . . . . . . . . . . . . . . 3 3. The Link Header Field . . . . . . . . . . . . . . . . . . . . 4 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9 6.1. Normative References . . . . . . . . . . . . . . . . . . . 9 6.2. Informative References . . . . . . . . . . . . . . . . . . 9 Appendix A. Notes on HTML Links . . . . . . . . . . . . . . . . . 10 Appendix B. Notes on Atom Links . . . . . . . . . . . . . . . . . 11 Appendix C. Acknowledgements . . . . . . . . . . . . . . . . . . 11 Appendix D. Document history . . . . . . . . . . . . . . . . . . 11 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 12 Intellectual Property and Copyright Statements . . . . . . . . . . 13 Nottingham Expires January 4, 2009 [Page 2]
Internet-Draft HTTP Header Linking July 2008 1. Introduction A means of indicating the relationships between documents on the Web has been available for some time in HTML [W3C.REC-html401-19991224], and was considered as a HTTP header in [RFC2068], but removed from [RFC2616], due to a lack of implementation experience. There have since surfaced many cases where a means of including this information in HTTP headers has proved useful. However, because it was removed, the status of the Link header is unclear, leading some to consider minting new application-specific HTTP headers instead of reusing it. This document seeks to address these shortcomings. Additionally, formats other than HTML -- namely, Atom [RFC4287] -- have also defined generic linking mechanisms that are similar to those in HTML, but not identical. This document aims to reconcile these differences when such links are expressed as headers. [[ NOTE: This is a straw-man draft that is intended to give a ROUGH idea of what it would take to align and consolidate the HTML and Atom link relations into a single registry with reasonable extensibility rules. In particular; a) it changes the registry for Atom link relations, and the process for registration; b) it assigns more generic semantics to several existing link relations, both Atom and HTML; c) it changes the syntax of the Link header (in the case where extensions are present). Feedback is welcome on the ietf-http-wg@w3.org mailing list, although this is NOT a work item of the HTTPBIS WG. ]] 2. Notational Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14, [RFC2119], as scoped to those conformance targets. This document uses the Augmented Backus-Naur Form (ABNF) notation of [RFC2616], and explicitly includes the following rules from it: quoted-string, token, SP (space). Additionally, the following rules are included from [RFC3986]: URI-Reference, and from [RFC4288]: type- name. Nottingham Expires January 4, 2009 [Page 3]
Internet-Draft HTTP Header Linking July 2008 3. The Link Header Field The Link entity-header field provides a means for describing a relationship between two resources, generally between that of the entity associated with the header and some other resource. An entity MAY include multiple Link values. The Link header field is semantically equivalent to the <LINK> element in HTML, as well as the atom:link element in Atom [RFC4287]. Link = "Link" ":" #("<" URI-Reference ">" *( ";" link-param ) ) link-param = ( ( "rel" "=" relationship ) | ( "type" "=" type-name ) | ( "title" "=" quoted-string ) | ( link-extension ) ) link-extension = token [ "=" ( token | quoted-string ) ] relationship = URI-Reference | <"> URI-Reference *( SP URI-Reference) <"> ) Relationship values that include a semicolon (";") or comma (",") MUST be quoted. The title parameter MAY be used to label the destination of a link such that it can be used as identification within a human-readable menu. For example: Link: <http://www.cern.ch/TheBook/chapter2>; rel="previous"; title="previous chapter" This indicates that chapter2 is previous to this resource in a logical navigation path. 3.1. Link Relationships Relationship values are URIs that identify the type of link. If the relationship is a relative URI, its base URI MUST be considered to be "http://www.iana.org/assignments/relation/", and the value MUST be present in the link relation registry. Nottingham Expires January 4, 2009 [Page 4]
Internet-Draft HTTP Header Linking July 2008 4. IANA Considerations 4.1. Link Header Registration This specification requires that the Message Header Registry entry for "Link" in HTTP [RFC3864] be updated to refer to this document, and located at "http://www.iana.org/assignments/relation/". Header field: Link Applicable protocol: http Status: standard Author/change controller: IETF (iesg@ietf.org) Internet Engineering Task Force Specification document(s): [ this document ] 4.2. Link Relation Registry This specification is intended to update Atom to become the reference for the Link Relation registry, and clarifies its nature and use. A Link relation is a way of indicating the semantics of a link. Link relations are not format-specific, and MUST NOT specify a particular format or media type that they are to be used with. The security considerations of following a particular link are not determined by the link's relation type; they are determined by the specific context of the use and the media type of the response. Likewise, a link relation SHOULD NOT specify what the context of its use is, although the media type of the dereferenced link may constrain how it is applied. Link relations that differ only in case (e.g., "Foo" and "foo") MUST NOT be registered. New relations MAY be registered, subject to IESG Approval, as outlined in [RFC2434]. Requests should be made by email to IANA, which will then forward the request to the IESG, requesting approval. The request should use the following template: o Relation Name: o Description: o Reference: The Link Relation registry replaces the Atom Link Relation registry, using the same address with the following contents: Nottingham Expires January 4, 2009 [Page 5]
Internet-Draft HTTP Header Linking July 2008 o Relation Name: alternate o Description: Designates a substitute for the link's context. o Reference: [W3C.REC-html401-19991224] o Relation Name: appendix o Description: Refers to an appendix. o Reference: [W3C.REC-html401-19991224] o Relation Name: bookmark o Description: Refers to a bookmark or entry point. o Reference: [W3C.REC-html401-19991224] o Relation Name: chapter o Description: Refers to a chapter in a collection of resources. o Reference: [W3C.REC-html401-19991224] o Relation Name: contents o Description: Refers to a table of contents. o Reference: [W3C.REC-html401-19991224] o Relation Name: copyright o Description: Refers to a copyright statement. o Reference: [W3C.REC-html401-19991224] o Relation Name: current o Description: Refers to a resource containing the most recent item(s) in a collection of resources. o Reference: [RFC5005] o Relation Name: edit o Description: Refers to a resource that can be used to edit the link's context. o Reference: [RFC5023] o Relation Name: edit-media o Description: Refers to a resource that can be used to edit media associated with the link's context. o Reference: [RFC5023] o Relation Name: enclosure o Description: Identifies a related resource that is potentially large and might require special handling. o Reference: [RFC4287] o Relation Name: first o Description: A URI that refers to the furthest preceding resource in a series of resources. Nottingham Expires January 4, 2009 [Page 6]
Internet-Draft HTTP Header Linking July 2008 o Reference: <http://www.iana.org/assignments/link-relations/first> o Relation Name: glossary o Description: Refers to a glossary of terms. o Reference: [W3C.REC-html401-19991224] o Relation Name: help o Description: Refers to a resource offering help (more information, links to other sources information, etc.) o Reference: [W3C.REC-html401-19991224] o Relation Name: index o Description: Refers to an index. o Reference: [W3C.REC-html401-19991224] o Relation Name: last o Description: A URI that refers to the furthest following resource in a series of resources. o Reference: <http://www.iana.org/assignments/link-relations/last> o Relation Name: license o Description: Refers to a license associated with the link's context. o Reference: [RFC4946] o Relation Name: next o Description: Refers to the next resource in a ordered series of resources. o Reference: [W3C.REC-html401-19991224] o Relation Name: next-archive o Description: Refers to the immediately following archive resource. o Reference: [RFC5005] o Relation Name: payment o Description: indicates a resource where payment is accepted. o Reference: <http://www.iana.org/assignments/link-relations/payment> o Relation Name: prev o Description: Refers to the previous resource in an ordered series of resources. Synonym for "previous". o Reference: [W3C.REC-html401-19991224] o Relation Name: previous o Description: Refers to the previous resource in an ordered series of resources. Synonym for "prev". Nottingham Expires January 4, 2009 [Page 7]
Internet-Draft HTTP Header Linking July 2008 o Reference: [W3C.REC-html401-19991224] o Relation Name: prev-archive o Description: Refers to the immediately preceding archive resource. o Reference: [RFC5005] o Relation Name: related o Description: Identifies a related resource. o Reference: [RFC4287] o Relation Name: replies o Description: Identifies a resource that is a reply to the context of the link. o Reference: [RFC4685] o Relation Name: section o Description: Refers to a section in a collection of resources. o Reference: [W3C.REC-html401-19991224] o Relation Name: self o Description: Conveys an identifier for the link's context. o Reference: [RFC4287] o Relation Name: start o Description: Refers to the first resource in a collection of resources. o Reference: [W3C.REC-html401-19991224] o Relation Name: stylesheet o Description: Refers to an external style sheet. o Reference: [W3C.REC-html401-19991224] o Relation Name: subsection o Description: Refers to a resource serving as a subsection in a collection of resources. o Reference: [W3C.REC-html401-19991224] o Relation Name: via o Description: Identifies a resource that is the source of the information in the link's context. o Reference: [RFC4287] 5. Security Considerations The content the Link headers is not secure, private or integrity- guaranteed, and due caution should be excercised when using it. Nottingham Expires January 4, 2009 [Page 8]
Internet-Draft HTTP Header Linking July 2008 Applications that take advantage of these mechanisms should consider the attack vectors opened by automatically following, trusting, or otherwise using links gathered from HTTP headers. 6. References 6.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 2434, October 1998. [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999. [RFC3864] Klyne, G., Nottingham, M., and J. Mogul, "Registration Procedures for Message Header Fields", BCP 90, RFC 3864, September 2004. [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax", STD 66, RFC 3986, January 2005. [RFC4288] Freed, N. and J. Klensin, "Media Type Specifications and Registration Procedures", BCP 13, RFC 4288, December 2005. 6.2. Informative References [RFC2068] Fielding, R., Gettys, J., Mogul, J., Nielsen, H., and T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2068, January 1997. [RFC4287] Nottingham, M. and R. Sayre, "The Atom Syndication Format", RFC 4287, December 2005. [RFC4685] Snell, J., "Atom Threading Extensions", RFC 4685, September 2006. [RFC4946] Snell, J., "Atom License Extension", RFC 4946, July 2007. [RFC5005] Nottingham, M., "Feed Paging and Archiving", RFC 5005, September 2007. Nottingham Expires January 4, 2009 [Page 9]
Internet-Draft HTTP Header Linking July 2008 [RFC5023] Gregorio, J. and B. de hOra, "The Atom Publishing Protocol", RFC 5023, October 2007. [W3C.REC-html401-19991224] Raggett, D., Hors, A., and I. Jacobs, "HTML 4.01 Specification", W3C REC REC-html401-19991224, December 1999. Appendix A. Notes on HTML Links HTML motivated the original syntax of the Link header, and many of the design decisions in this document are driven by a desire to stay compatible with these uses. All of the link relations defined by HTML4 have been included in the link relation registry, so they can be used without modification. However, extension link relations work differently in HTML4 and the Link header; the former uses a document-wide "profile" URI to scope the relations, while the latter allows the use of full URIs on individual relations. Therefore, when using the profile mechanism in HTML4, it is necessary to map the profiled link relations to URIs when expressed in Link headers. For example, in HTML: <html> <head profile="http://example.com/profile1/"> <link rel="foo" href="/foo"> </head> [...] could be represented as a header like this; Link: </foo>; rel="http://example.com/profile1/foo" Profile authors should note this when creating profile URIs; it may be desirable to use URIs that end in a delimiter (e.g., "/" or "#"), to make extracting the specific relation in use easier. HTML defines link relation values as case-insensitive, while the Link header's syntax does not. Therefore, it is important to case- normalise relation values in HTML before comparing or converting them to Link headers. HTML also defines several attributes on links that are not explicitly Nottingham Expires January 4, 2009 [Page 10]
Internet-Draft HTTP Header Linking July 2008 defined by the Link header. Although most of these are believed to be defunct, they can be used as link-extensions. Appendix B. Notes on Atom Links Atom conveys links in the atom:link element. When serialising an atom:link into a Link header, it is necessary to convert IRIs (if used) to URIs. Additionally, since the base URI for link relations in Link headers is fixed, extension links (i.e,. those not in the registry) MUST be represented as absolute URIs. Note also that while the Link header allows multiple relations to be associated with a single link, atom:link does not. In this case, a single Link header may map to several atom:link elements. As with HTML, atom:link defines some attributes that are not explicitly mirrored in the Link header syntax, but they may also be used as link-extensions. Appendix C. Acknowledgements This specification lifts the definition of the Link header from RFC2068; credit for it belongs entirely to the authors of and contributors to that document. The link relation registrations themselves are sourced from several documents; see the applicable references. The author would like to thank the many people who commented upon, encouraged and gave feedback to this draft, especially including Frank Ellermann and Julian Reschke. Appendix D. Document history -02 o Dropped XLink language. o Removed 'made' example. o Removed 'rev'. Can still be used as an extension. o Added HTML reference to introduction. o Required relationship values that have a ; or , to be quoted. o Changed base URI for relation values. Nottingham Expires January 4, 2009 [Page 11]
Internet-Draft HTTP Header Linking July 2008 o Noted registry location. o Added advisory text about HTML profile URIs. o Disallowed registration of relations that only differ in case. o Clarified language about IRIs in Atom. o Added descriptions for 'first', 'last', and 'payment', referring to current IANA registry entries, as these were sourced from e-mail. Will this cause self-referential implosion? o Explicitly updates RFC4287. o Added 'type' parameter. o Removed unnecessary advice about non-HTML relations in HTML section. -01 o Changed syntax of link-relation to one or more URI; dropped Profile. o Dropped anchor parameter; can still be an extension. o Removed Link-Template header; can be specified by templates spec or elsewhere. o Straw-man for link relation registry. -00 o Initial draft; normative text lifted from RFC2068. Author's Address Mark Nottingham Email: mnot@mnot.net URI: http://www.mnot.net/ Nottingham Expires January 4, 2009 [Page 12]
Internet-Draft HTTP Header Linking July 2008 Full Copyright Statement Copyright (C) The IETF Trust (2008). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Nottingham Expires January 4, 2009 [Page 13]