URI Design and Ownership
RFC 7320
| Document | Type |
RFC - Best Current Practice
(July 2014; Errata)
Updates RFC 3986
Also known as BCP 190
|
|
|---|---|---|---|
| Last updated | 2015-10-14 | ||
| Replaces | draft-nottingham-uri-get-off-my-lawn | ||
| Stream | IETF | ||
| Formats | plain text pdf html bibtex | ||
| Reviews | |||
| Stream | WG state | Submitted to IESG for Publication (wg milestone: Feb 2014 - Publication requeste... ) | |
| Document shepherd | Martin Thomson | ||
| Shepherd write-up | Show (last changed 2014-04-07) | ||
| IESG | IESG state | RFC 7320 (Best Current Practice) | |
| Consensus Boilerplate | Yes | ||
| Telechat date | |||
| Responsible AD | Barry Leiba | ||
| Send notices to | (None) | ||
| IANA | IANA review state | Version Changed - Review Needed | |
| IANA action state | No IANA Actions | ||
Internet Engineering Task Force (IETF) M. Nottingham
Request for Comments: 7320
BCP: 190 July 2014
Updates: 3986
Category: Best Current Practice
ISSN: 2070-1721
URI Design and Ownership
Abstract
Section 1.1.1 of RFC 3986 defines URI syntax as "a federated and
extensible naming system wherein each scheme's specification may
further restrict the syntax and semantics of identifiers using that
scheme." In other words, the structure of a URI is defined by its
scheme. While it is common for schemes to further delegate their
substructure to the URI's owner, publishing independent standards
that mandate particular forms of URI substructure is inappropriate,
because that essentially usurps ownership. This document further
describes this problematic practice and provides some acceptable
alternatives for use in standards.
Status of This Memo
This memo documents an Internet Best Current Practice.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
BCPs is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7320.
Nottingham Best Current Practice [Page 1]
RFC 7320 URI Design Ownership July 2014
Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Intended Audience . . . . . . . . . . . . . . . . . . . . 4
1.2. Notational Conventions . . . . . . . . . . . . . . . . . 4
2. Best Current Practices for Standardizing Structured URIs . . 4
2.1. URI Schemes . . . . . . . . . . . . . . . . . . . . . . . 5
2.2. URI Authorities . . . . . . . . . . . . . . . . . . . . . 5
2.3. URI Paths . . . . . . . . . . . . . . . . . . . . . . . . 5
2.4. URI Queries . . . . . . . . . . . . . . . . . . . . . . . 6
2.5. URI Fragment Identifiers . . . . . . . . . . . . . . . . 6
3. Alternatives to Specifying Structure in URIs . . . . . . . . 7
4. Security Considerations . . . . . . . . . . . . . . . . . . . 7
5. References . . . . . . . . . . . . . . . . . . . . . . . . . 8
5.1. Normative References . . . . . . . . . . . . . . . . . . 8
5.2. Informative References . . . . . . . . . . . . . . . . . 8
Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . 9
1. Introduction
URIs [RFC3986] very often include structured application data. This
might include artifacts from filesystems (often occurring in the path
component) and user information (often in the query component). In
some cases, there can even be application-specific data in the
authority component (e.g., some applications are spread across
several hostnames to enable a form of partitioning or dispatch).
Furthermore, constraints upon the structure of URIs can be imposed by
an implementation; for example, many Web servers use the filename
extension of the last path segment to determine the media type of the
response. Likewise, prepackaged applications often have highly
structured URIs that can only be changed in limited ways (often, just
the hostname and port on which they are deployed).
Nottingham Best Current Practice [Page 2]
RFC 7320 URI Design Ownership July 2014
Because the owner of the URI (as defined in [webarch]
Section 2.2.2.1) is choosing to use the server or the application,
this can be seen as reasonable delegation of authority. However,
when such conventions are mandated by a party other than the owner,
it can have several potentially detrimental effects:
o Collisions - As more ad hoc conventions for URI structure become
standardized, it becomes more likely that there will be collisions
between them (especially considering that servers, applications,
Show full document text