IETF URNbis WG A. Hoenes
Internet-Draft TR-Sys
Obsoletes: 3406 (if approved) October 31, 2011
Intended status: BCP
Expires: May 3, 2012
Uniform Resource Name (URN) Namespace Definition Mechanisms
draft-ietf-urnbis-rfc3406bis-urn-ns-reg-01
Abstract
Uniform Resource Names (URNs) are intended to serve as persistent,
location-independent, resource identifiers. To structure and
organize their usage, the URN syntax specifies a hierarchy that
divides the set of possible URNs into "URN Namespaces" that can be
individually defined and managed. URN Namespaces in particular serve
to map existing identifier systems into the URN system and thereby
make available generic, network-based resolution services for the
identified documents, artifacts, and other objects (and their
metadata).
To actually leverage such synergetic advantage, URN Namespaces need
to be specified in a comparable manner, and their Namespace
Identifiers (NIDs) need to be registered with IANA, so that naming
conflicts are avoided and implementers of services can follow a
structured approach in support of various namespaces, guided by the
registry to the related documents and the particularities of specific
namespaces, as described in these namespace registration documents.
This document serves as a guideline for authors of URN Namespace
definition and registration documents. It describes the essential
content of such documents and how they shall be structured to allow
readers familar with the scheme to quickly assess the properties of a
specific URN Namespace. Further, this RFC describes the process to
be followed to get a URN Namespace registered with IANA.
This document is a companion document to the revised URN Syntax
specification, RFC 2141bis; it supersedes and replaces RFC 3406.
Discussion
Discussion of this memo utilizes the urn@ietf.org mailing list.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Hoenes Expires May 3, 2012 [Page 1]
Internet-Draft URN Namespace Definition Mechanisms October 2011
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 3, 2012.
Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
This document may contain material from IETF Documents or IETF
Contributions published or made publicly available before November
10, 2008. The person(s) controlling the copyright in some of this
material may not have granted the IETF Trust the right to allow
modifications of such material outside the IETF Standards Process.
Without obtaining an adequate license from the person(s) controlling
the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other
than English.
Hoenes Expires May 3, 2012 [Page 2]
Internet-Draft URN Namespace Definition Mechanisms October 2011
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.1. Requirement Language . . . . . . . . . . . . . . . . . . . 5
2. What is a URN Namespace? . . . . . . . . . . . . . . . . . . . 5
3. URN Namespace (Registration) Types . . . . . . . . . . . . . . 6
3.1. Experimental Namespaces . . . . . . . . . . . . . . . . . 6
3.2. Informal Namespaces . . . . . . . . . . . . . . . . . . . 6
3.3. Formal Namespaces . . . . . . . . . . . . . . . . . . . . 7
4. URN Namespace Registry: Processes for Registration and
Update . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
4.1. Experimental Namespaces: No Registration . . . . . . . . . 9
4.2. Informal Namespaces . . . . . . . . . . . . . . . . . . . 9
4.3. Formal Namespaces . . . . . . . . . . . . . . . . . . . . 10
4.4. Registration Documents . . . . . . . . . . . . . . . . . . 11
4.4.1. Namespace Considerations in Registration Documents . . 11
4.4.2. Community Considerations in Registration Documents . . 12
4.4.3. Security Considerations in Registration Documents . . 12
4.4.4. IANA Considerations in Registration Documents . . . . 13
5. Security Considerations . . . . . . . . . . . . . . . . . . . 14
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 15
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 15
8.1. Normative References . . . . . . . . . . . . . . . . . . . 15
8.2. Informative References . . . . . . . . . . . . . . . . . . 15
Appendix A. URN Namespace Definition Template . . . . . . . . . . 16
Appendix B. Illustration . . . . . . . . . . . . . . . . . . . . 22
B.1. Example Template . . . . . . . . . . . . . . . . . . . . . 22
B.2. Registration steps in practice . . . . . . . . . . . . . . 24
Appendix C. Changes from RFC 3406 . . . . . . . . . . . . . . . . 25
C.1. Essential Changes since RFC 3406 . . . . . . . . . . . . . 25
C.2. Changes from RFC 3406 to URNbis WG Draft -00 . . . . . . . 25
Appendix D. Open Issues . . . . . . . . . . . . . . . . . . . . . 28
Hoenes Expires May 3, 2012 [Page 3]
Internet-Draft URN Namespace Definition Mechanisms October 2011
1. Introduction
Uniform Resource Names (URNs) are resource identifiers with the
specific requirements for enabling location-independent
identification of a resource, as well as longevity of reference.
URNs are part of the larger Uniform Resource Identifier (URI) family
(see the joint W3C/IETF memorandum, RFC 3305 [RFC3305], and the IETF
STD 66, RFC 3986 [RFC3986]) with the specific goal of providing
persistent naming of resources.
There are two assumptions that are key to this document:
Assumption #1: Assignment of a URN is a managed process.
I.e., not all strings that conform to URN syntax are necessarily
valid URNs. A URN is assigned according to the rules of a
particular namespace (in terms of syntax, semantics, and process).
Assumption #2: The space of URN Namespaces is managed.
I.e., not all syntactically correct URN Namespaces (per the URN
syntax definition) are valid URN Namespaces. A URN Namespace must
have a recognized definition in order to be valid.
The purpose of this document is to outline a mechanism and provide a
template for explicit namespace definition, as well as provide the
mechanism for associating an identifier (called a "Namespace ID", or
NID), which is registered with the Internet Assigned Numbers
Authority (IANA) [IANA] in the URN Namespaces registry maintained at
[IANA-URN].
The URN Namespace definition and registration mechanisms originally
have been specified in RFC 2611 [RFC2611], which has been obsoleted
by BCP 66, RFC 3406 [RFC3406]. Guidelines for documents prescribing
IANA procedures have been revised as well over the years, and at the
time of this writing, BCP 26, RFC 5226 [RFC5226] is the normative
document. This document is a revision of RFC 3406 based on the
revised URN Syntax specification RFC 2141bis
[I-D.ietf-urnbis-rfc2141bis-urn] and RFC 5226.
The reader is referred to Section 1.1 of RFC 2141bis
[I-D.ietf-urnbis-rfc2141bis-urn] for a more detailed synopsis of the
history of documents fundamental for URNs.
Note that this document restricts itself to the description of
processes for the creation of URN Namespaces. If generic
"resolution" of any so-created URN identifiers is desired, a separate
process of registration in a global NID directory, such as that
Hoenes Expires May 3, 2012 [Page 4]
Internet-Draft URN Namespace Definition Mechanisms October 2011
provided by the DDDS system [RFC3401], is necessary. See [RFC3405]
for information on obtaining registration in the DDDS global NID
directory.
1.1. Requirement Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
In this document, these key words describe requirements for the
process to be followed and the content to be provided in namespace
definition documents and registration templates.
For the purpose of this document, its subject is spelled "URN
Namespace" (in headline case), whereas in other context, "namespace"
is spelled in lowercase, e.g. to designate a (standard or non-
standard) identifier system on which a URN Namespace is based.
2. What is a URN Namespace?
For the purposes of URNs, a "namespace" is a collection of uniquely-
assigned identifiers. That is, the identifiers are not ever assigned
to more than 1 resource, nor are they ever re-assigned to a different
resource. A single resource, however, may have more than one URN
assigned to it for different purposes. Such namespace might be
defined by some pre-established (standard or non-standard) identifier
system that can be made "network-actionable" by embedding it into the
URN framework using a specific URN Namespace. A URN Namespace itself
has an identifier in order to:
- ensure global uniqueness of URNs,
- (where desired) provide a cue for the structure of the identifier.
For example, many identifier systems use strings of numbers as
identifiers (e.g., ISBN, ISSN, phone numbers). It is conceivable
that there might be some numbers that are valid identifiers in two
different established identifier systems. Using different
designators for the two collections ensures that no two URNs will be
the same for different resources (since each collection is required
to uniquely assign each identifier).
The development of an identifier structure, and thereby a collection
of identifiers, is a process that is inherently dependent on the
requirements of the community defining the identifier, how they will
be assigned, and the uses to which they will be put. All of these
issues are specific to the individual community seeking to define a
namespace (e.g., publishing community, association of booksellers,
Hoenes Expires May 3, 2012 [Page 5]
Internet-Draft URN Namespace Definition Mechanisms October 2011
protocol developers, etc.); they are beyond the scope of the IETF URN
work.
This document outlines the processes by which a collection of
identifiers satisfying certain constraints (uniqueness of assignment,
etc.) can become a bona fide URN Namespace by obtaining a NID. In a
nutshell, a template for the definition of the namespace is completed
for deposit with IANA, and a NID is assigned. The details of the
process and possibilities for NID strings are outlined below.
3. URN Namespace (Registration) Types
There are three categories of URN Namespaces defined here,
distinguished by expected level of service and required procedures
for registration. Registration processes for each of these namespace
types are given in Section 4.
3.1. Experimental Namespaces
These are not explicitly registered with IANA.
No provision is made for avoiding collision of experimental NIDs;
they are intended for use within internal or limited experimental
contexts. However, as described below in Section 4.1, these are
designated by a specific form of the NID to allow differentiation
(without preexisting knowledge of details) from the other URN
Namespace types.
[[ Editorial Note:
Has anybody ever seen usage of such experimental URN Namespaces?
According to the observations of the author, three years of RFC 2611
and nine years of RFC 3406 have constantly seen "tentative grabbing"
and subsequent usage of NIDs that the stakeholders later have tried
to register with IANA as Formal NIDs (with varying success).
So should this kind of namespaces better be dropped and a kind of
provisional NIDs be created? -- This would be in the spirit of BCP
100, RFC 4020 [RFC4020], and it would resemble the manner how URI
Scheme registrations are dealt with (RFC 4395 [RFC4395], [IANA-URI]).
]]
3.2. Informal Namespaces
These are fully fledged URN Namespaces, with all the rights and
requirements associated thereto. Informal namespaces can be
registered in global registration services. They are required to
uphold the general principles of a well-managed URN Namespace --
providing persistent identification of resources and unique
assignment of identifier strings. Informal and formal namespaces
Hoenes Expires May 3, 2012 [Page 6]
Internet-Draft URN Namespace Definition Mechanisms October 2011
(described below) differ in the NID assignment. IANA will assign an
alphanumeric NID (following a defined pattern) to registered informal
namespaces, per the process outlined in Section 4.
3.3. Formal Namespaces
A formal namespace may be requested, and IETF review sought, in cases
where the publication of the NID proposal and the underlying
namespace will provide benefit to some subset of users on the
Internet. That is, a formal NID proposal, if accepted, must be
functional on and with the global Internet, not limited to users in
communities or networks not connected to the Internet. For example,
assume a NID is requested that is meant for naming of physics
research. If that NID request required that the user use a
proprietary network or service that was not at all open to the
general Internet user, then it would make a poor request for a formal
NID. The intent is that, while the community of those who may
actively use the names assigned within that NID may be small (but no
less important), the potential use of names within that NID is open
to any user on the Internet.
It is expected that Formal NIDs may be applied to namespaces where
some aspects are not fully open. For example, a namespace may make
use of a fee-based, privately managed, or proprietary registry for
assignment of URNs in the namespace, but it may still provide benefit
to some Internet users if the services associated have openly-
published access protocols.
In addition to the basic registration information defined in the
registration template (in Appendix A), a formal namespace request
must be accompanied by documented considerations of the need for a
new namespace and of the community benefit from formally establishing
the proposed URN Namespace.
Additionally, since the goal of URNs is to provide persistent
identification, some consideration as to the longevity and
maintainability of the namespace must be given. The collective
experience of the IETF community contains a wealth of information on
technical factors that will prevent longevity of identification.
Thus, the IESG may elect not to accept a proposed namespace
registration if the IETF community consensus is that the registration
document contains technical flaws that will prevent (or seriously
impair the possibility of) persistent identification, and that it
therefore should not be published as an RFC.
In addition to the technical aspects of the namespace and its
resolution, consideration should be given to the following
organizatorial aspects:
Hoenes Expires May 3, 2012 [Page 7]
Internet-Draft URN Namespace Definition Mechanisms October 2011
- the organization maintaining the URN Namespace should demonstrate
stability and the ability to maintain the URN namespace for a long
time, and/or it should be clear how the namespace can continue to
be usable/useful if the organization ceases to be able to foster
it;
- it should demonstrate ability and competency in name assignment;
this should improve the likelihood of persistence (e.g., to
minimize the likelihood of conflicts);
- it needs to commit to not re-assigning existing names and allowing
old names to continue to be valid, even if the owners or assignees
of those names are no longer members or customers of that
organization; this does not mean that there must be resolution of
such names, but that they must not resolve the name to false or
stale information, and that they must not be reassigned.
These aspects, though hard to quantify objectively, should be
considered by organizations/people considering the development of a
Formal URN Namespace, and they will be kept in mind when evaluating
the technical merits of any proposed Formal URN Namespace. The kind
of mandate upon which the organization aims to undertake this
activity might give a strong indication for this evaluation, because
it likely mirrors the trust that other parties (e.g. states,
international treaty organizations, professionals' associations,
etc.) put on the organization.
4. URN Namespace Registry: Processes for Registration and Update
Different levels of disclosure are expected/defined for namespaces.
According to the level of open-forum discussion surrounding the
disclosure, a URN Namespace may be assigned an identifier or may
request a particular identifier.
The IANA Considerations Guidelines document (BCP 26, RFC 5226
[RFC5226]) suggests the need to specify update mechanisms for
registrations -- who is given the authority to do so, from time to
time, and what are the processes. Since URNs are meant to be
persistently useful, few (if any) changes should be made to the
structural interpretation of URN strings (e.g., adding or removing
rules for lexical equivalence that might affect the interpretation of
URN IDs already assigned). However, it may be important to introduce
clarifications, expand the list of authorized URN assigners, etc.,
over the natural course of a namespace's lifetime. Specific
processes are outlined below.
The official list of registered URN Namespaces is currently
maintained by IANA at
.
Hoenes Expires May 3, 2012 [Page 8]
Internet-Draft URN Namespace Definition Mechanisms October 2011
The registraty is subdivided into two sub-registries, one for "Formal
URN Namespaces" and one for "Informal URN Namespaces", and each entry
there links to a stable repository of the registration document or
(an escrow copy of) the filled-out registration template.
The registration and maintenance procedures vary slightly between the
namespace types.
4.1. Experimental Namespaces: No Registration
The NIDs of Experimental Namespaces (Section 3.1) are not explicitly
registered with IANA. They take the form:
X-
where is a string consisting solely of letters, decimal digits,
and hyphen ("-") characters, as specified by the NID syntax
specification in Section 2.1 of RFC 2141bis
[I-D.ietf-urnbis-rfc2141bis-urn].
No provision is made for avoiding collision of experimental NIDs;
they are intended for use within internal or limited experimental
contexts exclusively.
As there is no registration, no registration/maintenance procedures
are needed.
Usage of Experimental URN Namespaces MUST be short-lived and whithin
a private scope; it MUST NOT be disclosed to the Internet at large,
e.g. by distribution of software versions that make use of such.
4.2. Informal Namespaces
The NIDs of Informal Namespaces are synthesized by the IANA using an
assigned sequence number and registered in their own sub-registry, as
indicated in Section 4; they take the format:
urn-
where is the decimal representation of a natural number,
with no leading zeroes. This sequence number is assigned by the IANA
on a First-Come-First-Served [RFC5226] basis to registration requests
for informal namespaces.
Registrants should send a copy of the registration template (as shown
in Appendix A), duly completed, to the urn-nid@ietf.org mailing list
for review and allow for a two-week discussion period for clarifying
the expression of the registration information and suggestions for
Hoenes Expires May 3, 2012 [Page 9]
Internet-Draft URN Namespace Definition Mechanisms October 2011
technical improvements to the namespace proposal.
[[ NOTE: Longer time is needed in practice! Increase to 4 weeks? ]]
After suggestions for clarification of the registration information
have been incorporated, the template may be submitted for assignment
of a NID by email to iana@iana.org .
Registrations may be updated later by the original registrant, or by
an entity designated by the registrant, by updating the registration
template, submitting it to the discussion list for a further two-week
discussion period, and finally resubmitting it to IANA in a message
to iana@iana.org .
4.3. Formal Namespaces
Formal NIDs are assigned via IETF Review, as defined in BCP 26
[RFC5226]. The designated expert(s) for URN Namespace registrations
are nominated by the IESG, and their role adheres to the regulations
in BCP 26, unless specified otherwise below.
NIDs for Formal URN Namespaces MUST NOT have the forms indicated in
the preceding two sections for the other two Namespace types. (The
detailed formal rules are given below in Section 4.4.4.) Applicants,
in concert with the IANA experts, should ensure that the sought NID
strings are "proper" for the designated purpose, according to common
sense (and applicable legal rules).
This means that the Formal NID application is made via submission to
the IETF of an Internet-Draft that contains the namespace definition
and targets publication as an RFC of Informational or Standards Track
category, which needs to be approved by the IESG after performing an
IETF Last Call on the document and evaluating review comments. The
applicant can be an individual or an IETF working group, in alignment
with the designation of the Internet-Draft. It is RECOMMENDED that
the registration documents for NIDs belonging to an established
standard namespace aim at Standards Track, whereas other applications
aim at Informational.
Before publication can be requested, however, the draft namespace
specification document must undergo an Expert Review process
[RFC5226] pursuant to the guidelines written here (as well as
standard RFC publication guidelines). The template defined in
Appendix A SHOULD be included as part of an RFC-to-be defining some
other aspect(s) of the namespace, or it may be put forward as a
namespace definition document in its own right. The proposed
template (including a pointer to a readily available copy of the
registration document) should be sent to the urn-nid@ietf.org mailing
list for review. This list is monitored by the designated expert(s).
Hoenes Expires May 3, 2012 [Page 10]
Internet-Draft URN Namespace Definition Mechanisms October 2011
The applicant has to allow for a two-week [[ four-week ? ]]
discussion period for clarifying the expression of the registration
information, and SHOULD improve the namespace document and/or
registration template based on the comments received, under the
guidance of the designated expert(s), before the IESG reviews the
document.
Working groups generally SHOULD seek early expert review for a
namespace definition document, before they hand it over to the IESG,
and individual applicants are also advised to seek expert comments
early enough. The aforementioned list can be contacted for informal
advice at any stage.
4.4. Registration Documents
The following subsections describe essential, MANDATORY parts of URN
Namespace registration documents, which will be focal in the expert
Review process and IETF Review.
4.4.1. Namespace Considerations in Registration Documents
The namespace definition document MUST include a "Namespace
Considerations" section that outlines the perceived need for a new
namespace (i.e., where existing namespaces fall short of the
proposer's requirements).
Considerations MUST include, directly or with the help of referenced
stable (and preferably readily available) documents:
- URN assignment procedures;
- URN resolution/delegation;
- type of resources to be identified;
- type of services to be supported.
NOTE: It is expected that more than one namespace may serve the same
"functional" purpose; the intent of the "Namespace Considerations"
section is to provide a record of the proposer's "due diligence" in
exploring existing possibilities, for the IESG's consideration.
[[ Editorial Note: See the endnote of the next section!
In particular, the above list (from RFC 3406) seems to be rather
orthogonal to the primary purpose of such section (as indicated in
the first paragraph), namely to provide evidence for the perceived
need for the new namespace.
]]
Hoenes Expires May 3, 2012 [Page 11]
Internet-Draft URN Namespace Definition Mechanisms October 2011
4.4.2. Community Considerations in Registration Documents
The namespace definition document MUST also include a "Community
Considerations" section that indicates the dimensions upon which the
proposer expects its community to be able to benefit by publication
of this namespace, as well as how a general Internet user will be
able to use the space if they care to do so.
Potential considerations include:
- open assignment and use of identifiers within the namespace;
- open operation of resolution servers for the namespace
(server);
- creation of software that can meaningfully resolve and access
services for the namespace (client).
[[ Editorial Note:
It is acknowledged that, in many cases, the Namespace Considerations
and Community Considerations are closely intertwined. Further, the
bulleted lists above (from RFC 3406) seems to be more related to the
items in the registration template entitled "Identifier uniqueness
considerations", "Identifier persistence considerations", "Process of
identifier assignment", and "Process for identifier resolution" than
to the primary objectives presented in the first paragraph above
(also from RFC 3406).
In fact, namespace registration documents seen so far duplicate in
the registration template material from the "Community
Considerations" that addresses the above bullets.
Therefore: Should this specification now allow a combined section
"Namespace and Community Considerations" that focuses on the
(non-)utility of possible alternate namespace re-use and the
*benefits* of an independent new namespace?
]]
4.4.3. Security Considerations in Registration Documents
According to the general procurements for RFCs, URN Namespace
definition documents must include a "Security Considerations" section
(cf. BCP 72 [RFC3552]). That section has to identify the security
considerations specific to the subject URN Namespace. If the subject
URN Namespace is based on an underlying namespace, the registration
can include substantive security considerations described in
specifications related to that particular namespace by reference to
these documents. For general security considerations regarding URN
usage (and more generally, URI usage), for the sake of clarity and
brevity, it should refer to the Security Considerations in STD 63
Hoenes Expires May 3, 2012 [Page 12]
Internet-Draft URN Namespace Definition Mechanisms October 2011
[RFC3986] and in the URN Syntax document
[I-D.ietf-urnbis-rfc2141bis-urn].
4.4.4. IANA Considerations in Registration Documents
According to the general procurements for RFCs, URN Namespace
definitions documents must include an "IANA Considerations" section
(cf. BCP 26 [RFC5226]). That section has to indicate that the
document includes a URN Namespace registration that is to be entered
into the IANA registry of Formal URN Namespaces.
Registration documents for formal URN Namespaces will provide a
particular, unique, desired NID string, and this will be assigned by
the Standards/Protocol Action of the IESG that approves the
publication of the registration document as an RFC. RFC 2141bis
[I-D.ietf-urnbis-rfc2141bis-urn] specifies that NID strings are ASCII
strings that are interpreted in a case-insensitive manner, but the
NID string SHALL be registered in the capitalization form preferred
by the registrant. The proposed NID string MUST conform with the
syntax rule in Section 2.1 of RFC 2141bis
[I-D.ietf-urnbis-rfc2141bis-urn] and it MUST adhere to the following
additional constraints:
- not be an already-registered NID;
- not start with "X-" (see Section 4.1 above);
- not start with "urn-" (see Section 4.2 above);
- not start with "xy-", where xy is any combination of 2 ASCII
letters (see NOTE below);
- be more than 2 characters long.
NOTE: All two-letter combinations as well as two-letter combinations
followed by "-" and any sequence of valid NID characters are reserved
for potential use as countrycode-based NIDs for eventual national
registrations of URN Namespaces. The definition and scoping of rules
for allocation of responsibility for such namespaces is beyond the
scope of this document.
Further, to avoid confusion, "urn" is not allowed as an NID string;
IANA has permanently reserved this string to prohibit assignment.
Registrations may be revised by updating the RFC through standard
IETF RFC update processes. In any case, a revised document, in the
form of a new Internet-Draft, must be published, and the proposed
updated template must be circulated on the urn-nid discussion list,
allowing for a two-week [[ four-week ? ]] review period before
pursuing RFC publication of the new document.
Hoenes Expires May 3, 2012 [Page 13]
Internet-Draft URN Namespace Definition Mechanisms October 2011
5. Security Considerations
This document largely focuses on providing mechanisms for the
declaration of public information. Nominally, these declarations
should be of relatively low security profile, however there is always
the danger of "spoofing" and providing mis-information. Information
in these declarations should be taken as advisory.
6. IANA Considerations
This document outlines the processes for registering URN Namespaces,
and has implications for the IANA in terms of registries to be
maintained, as previously defined in RFC 3406 [RFC3406]. This
document replaces RFC 3406; it contains a revised description for the
management of the "Uniform Resource Names (URN) Namespaces" IANA
Registry that uses the policy designation terms from BCP 26, RFC 5226
[RFC5226], but does not introduce significant changes to the
applicable procedures.
All references there to the predecessor, [RFC3406], should be
replaced by references to this document.
We would appreciate a reorganization of the Registry web page to make
the registration templates for Informal URN Namespaces directly
linked from the main page; this would make the page /assignments/
urn-informal.htm page dispensable (for persistency's sake, the web
server should redirect requests to the /assignments/urn-namespaces
page.
Section 4.4.4 above describes the syntax rules for NIDs to which the
registry needs to obey. As pointed out in Section 4.4.4 above and in
RFC 2141bis [I-D.ietf-urnbis-rfc2141bis-urn], the string "urn" is
permanently reserved and MUST NOT be assigned as an NID.
In all cases of new namespace registration proposals, the IANA should
provisionally assign the appropriate NID (informal or formal), as
described throughout the body of this memo, once an IESG-designated
expert has confirmed that the requisite registration process steps
have been completed. These registrations become permanent and can be
made publicly available once the registration document has been
approved by the IESG for publications as a Standards Track or
Informational RFC.
Hoenes Expires May 3, 2012 [Page 14]
Internet-Draft URN Namespace Definition Mechanisms October 2011
7. Acknowledgements
This document is heavily based on RFC 3406, the authors of which are
cordially acknowledged.
This document also been inspired by other recent documents that have
updated important IANA registries, and the countless authors and
contributors to these efforts are acknowledged anonymously.
Several individuals in the URNbis working group have participated in
the detailed discussion of this memo. Particular thanks for detailed
review comments and text suggestions go to Juha Hakala and Mykyta
Yevstifeyev.
8. References
8.1. Normative References
[I-D.ietf-urnbis-rfc2141bis-urn]
Hoenes, A., "Uniform Resource Name (URN) Syntax",
draft-ietf-urnbis-rfc2141bis-urn-01 (work in progress),
October 2011.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3339] Klyne, G., Ed. and C. Newman, "Date and Time on the
Internet: Timestamps", RFC 3339, July 2002.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, January 2005.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226,
May 2008.
8.2. Informative References
[IANA] IANA, "The Internet Assigned Numbers Authority",
.
[IANA-URI] IANA, "URI Schemes Registry",
.
[IANA-URN] IANA, "Uniform Resource Names (URN) Namespace Registry",
.
Hoenes Expires May 3, 2012 [Page 15]
Internet-Draft URN Namespace Definition Mechanisms October 2011
[RFC2276] Sollins, K., "Architectural Principles of Uniform Resource
Name Resolution", RFC 2276, January 1998.
[RFC2611] Daigle, L., van Gulik, D., Iannella, R., and P. Faltstrom,
"URN Namespace Definition Mechanisms", BCP 33, RFC 2611,
June 1999.
[RFC3305] Mealling, M. and R. Denenberg, "Report from the Joint W3C/
IETF URI Planning Interest Group: Uniform Resource
Identifiers (URIs), URLs, and Uniform Resource Names
(URNs): Clarifications and Recommendations", RFC 3305,
August 2002.
[RFC3401] Mealling, M., "Dynamic Delegation Discovery System (DDDS)
Part One: The Comprehensive DDDS", RFC 3401, October 2002.
[RFC3405] Mealling, M., "Dynamic Delegation Discovery System (DDDS)
Part Five: URI.ARPA Assignment Procedures", BCP 65,
RFC 3405, October 2002.
[RFC3406] Daigle, L., van Gulik, D., Iannella, R., and P. Faltstrom,
"Uniform Resource Names (URN) Namespace Definition
Mechanisms", BCP 66, RFC 3406, October 2002.
[RFC3552] Rescorla, E. and B. Korver, "Guidelines for Writing RFC
Text on Security Considerations", BCP 72, RFC 3552,
July 2003.
[RFC4020] Kompella, K. and A. Zinin, "Early IANA Allocation of
Standards Track Code Points", BCP 100, RFC 4020,
February 2005.
[RFC4395] Hansen, T., Hardie, T., and L. Masinter, "Guidelines and
Registration Procedures for New URI Schemes", BCP 35,
RFC 4395, February 2006.
[RFC5234] Crocker, D. and P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", STD 68, RFC 5234, January 2008.
Appendix A. URN Namespace Definition Template
Definition of a URN Namespace is accomplished by completing the
following information template.
Apart from providing a mechanism for disclosing the structure of the
URN Namespace, this information is designed to be useful for
Hoenes Expires May 3, 2012 [Page 16]
Internet-Draft URN Namespace Definition Mechanisms October 2011
- entities seeking to have a URN assigned in a namespace (if
applicable) and
- entities seeking to provide URN resolvers for a namespace (if
applicable).
This is particularly important for communities evaluating the
possibility of using a portion of an existing URN Namespace rather
than creating their own.
Applications for Formal URN Namespaces must also document "Namespace
Considerations", "Community Considerations", "Security
Considerations", and "IANA Considerations", as described in
Section 4.4.
Information in the template is as follows (text in curly braces is
tutorial and should be removed from filled-in templates):
Namespace ID:
{ If request is for an Informal NID, indicate so; the number will
be assigned by IANA. In the case of a Formal NID registration,
regularly a particular NID string will be requested. }
Registration Information:
{ This is information to identify the particular version of
registration information: }
- version number:
{ starting with 1, incrementing by 1 with each new version }
- date:
{ date submitted to the IANA or date of approval of
registration document, using the format outlined in "Date and
Time on the Internet: Timestamps", [RFC3339]: YYYY-MM-DD }
Declared registrant of the namespace:
- Registering organization:
Name: { ... }
Address: { ... }
- Designated contact person:
Name: { ... }
{ Address: ...
(at least one of: Email, Phone, Postal address) }
Hoenes Expires May 3, 2012 [Page 17]
Internet-Draft URN Namespace Definition Mechanisms October 2011
Declaration of syntactic structure of NSS part:
[[ Editorial Note: In the past, there has been iterated trouble in
tentative registration documents with confusion between entire URN
syntax and NSS syntax (only). Since the "urn:" prefix is fixed
and the NID is fully determined by the "Namespace ID" clause
above, in order to avoid error prone duplication, this version of
the template tentatively restricts this clause to the NSS
(namespace specific string) part of the new URNs. ]]
{
This section should outline any structural features of identifiers
in this namespace. At the very least, this description may be
used to introduce terminology used in other sections. This
structure may also be used for determining realistic caching/
shortcuts approaches; suitable caveats should be provided. If
there are any specific character encoding rules (e.g., which
character should always be used for single-quotes), these should
be listed here.
Answers might include, but are not limited to:
- the structure is opaque (no exposition);
- a regular expression for parsing the identifier into
components, including naming authorities;
- formal syntax of the NSS, preferably in ABNF (STD 68
[RFC5234]).
}
Relevant ancillary documentation:
{
This section should list any RFCs, standards, or other published
documentation that defines or explains all or part of the
namespace structure.
Answers might include, but are not limited to:
- RFCs that outline the syntax of the namespace;
- other documents of the defining community (e.g., ISO) that
outline the syntax of the identifiers in the namespace;
- explanatory material that introduces the namespace.
}
Conformance with URN Syntax:
[[ Editorial Note: This clause moved into vicinity of "syntax". ]]
{
This section should outline any special considerations required
Hoenes Expires May 3, 2012 [Page 18]
Internet-Draft URN Namespace Definition Mechanisms October 2011
for conforming with the URN syntax. This is particularly
applicable in the case of legacy naming systems that are used in
the context of URNs.
For example, if a namespace is used in contexts other than URNs,
it may make use of characters that are reserved in the URN syntax.
This section should flag any such characters, and outline
necessary mappings to conform to URN syntax. Normally, this will
be handled by percent-encoding the symbol.
}
Rules for Lexical Equivalence of NSS part:
[[ Editorial Note: This clause moved into vicinity of "syntax". ]]
[[ Editorial Note: In the past, there has been iterated trouble in
tentative registration documents with regard to what rules can be
imposed for lexical equivalence. Since the "urn:" prefix and the
NID part both are invariably case-insensitive per RFC 3986 and RFC
2141[bis], in order to avoid repeated confusion, this version of
the template tentatively restricts this clause to only the NSS
part of the new URN Namespace definition documents. ]]
{
If there are particular algorithms for determining equivalence
between two identifiers in the underlying namespace (and hence, in
the URN string itself), rules can be provided here.
Some examples include:
- equivalence between hyphenated and non-hyphenated groupings in
the identifier string;
- equivalence between single-quotes and double-quotes;
- namespace-defined equivalences between specific characters,
such as "character X with or without diacritic marks".
Note that these are not normative statements for any kind of best
practice for handling equivalences between characters; they are
statements limited to reflecting the namespace's own rules.
}
Identifier uniqueness considerations:
{
This section should address the requirement that URN identifiers
be assigned uniquely -- they are assigned to at most one resource,
and are not reassigned.
Hoenes Expires May 3, 2012 [Page 19]
Internet-Draft URN Namespace Definition Mechanisms October 2011
(Note that the definition of "resource" is fairly broad; for
example, information on "Today's Weather" might be considered a
single resource, although the content is dynamic.)
Possible answers include, but are not limited to:
- exposition of the structure of the identifiers, and
partitioning of the space of identifiers amongst assignment
authorities that are individually responsible for respecting
uniqueness rules;
- identifiers are assigned sequentially;
- information is withheld; that is, the namespace is opaque.
}
Identifier persistence considerations:
{
Although non-reassignment of URN identifiers ensures that a URN
will persist in identifying a particular resource even after the
"lifetime of the resource", some consideration should be given to
the persistence of the usability of the URN. This is particularly
important in the case of URN Namespaces providing global
resolution.
Possible answers include, but are not limited to:
- quality of service considerations.
}
Process of identifier assignment:
{
This section should detail the mechanisms and/or authorities for
assigning URNs to resources. It should make clear whether
assignment is completely open, or if limited, how to become an
assigner of identifiers, and/or get one assigned by existing
assignment authorities.
Answers could include, but are not limited to:
- assignment is completely open, following a particular
algorithm;
- assignment is delegated to authorities recognized by a
particular organization (e.g., the Digital Object Identifier
Foundation controls the DOI assignment space and its
delegation);
- assignment is completely closed (e.g., for a private
organization).
}
Hoenes Expires May 3, 2012 [Page 20]
Internet-Draft URN Namespace Definition Mechanisms October 2011
Process for identifier resolution:
{
If a namespace is intended to be accessible for global resolution,
it must be registered in an RDS (Resolution Discovery System, see
RFC 2276 [RFC2276]) such as the DDDS (see RFC 3401 [RFC3401]).
Resolution then proceeds according to standard URI resolution
processes, and the mechanisms of the RDS. What this section
should outline is the requirements for becoming a recognized
resolver of URNs in this namespace (and being so listed in the RDS
registry).
Answers may include, but are not limited to:
- the namespace is not listed with an RDS, this is not relevant;
- resolution mirroring is completely open, with a mechanism for
updating an appropriate RDS;
- resolution is controlled by entities to which assignment has
been delegated.
}
Validation mechanism:
{
Apart from attempting resolution of a URN, a URN Namespace may
provide mechanisms for "validating" a URN -- i.e., determining
whether a given string is currently a validly-assigned URN. There
are 2 issues here: 1) users should not "guess" URNs in a
namespace; 2) when the URN Namespace is based on an existing
identifier system, it may not be the case that all the existing
identifiers are assigned on Day 0. The reasonable expectation is
that the resource associated with each resulting URN is somehow
related to the thing identified by the original identifier system,
but those resources may not exist for each original identifier.
For example, even if a telephone number-based URN Namespace was
created, it is not clear that all telephone numbers would
immediately become "valid" URNs, that could be resolved using
whatever mechanisms are described as part of the namespace
registration.
Validation mechanisms might be:
- a syntax grammar;
- an on-line service;
- an off-line service.
}
Hoenes Expires May 3, 2012 [Page 21]
Internet-Draft URN Namespace Definition Mechanisms October 2011
Scope:
{
This section should outline the scope of the use of the
identifiers in this namespace. Apart from considerations of
private vs. public namespaces, this section is critical in
evaluating the applicability of a requested NID. For example, a
namespace claiming to deal with "social security numbers" should
have a global scope and address all social security number
structures (unlikely). On the other hand, at a national level, it
is reasonable to propose a URN Namespace for "this nation's social
security numbers".
}
Appendix B. Illustration
B.1. Example Template
[[ Editorial Note: Do we really need this any more?
Such an almost-concrete example likely contradicts current IESG
policy on usage of examples in RFCs. ]]
The following example is provided for the purposes of illustrating
the URN NID template described in Appendix A. Although it is based
on a hypothetical "generic Internet namespace" that has been
discussed informally within the URN WG, there are still technical and
infrastructural issues that would have to be resolved before such a
namespace could be properly and completely described.
Namespace ID:
To be assigned
Registration Information:
- version number: 1
- date:
Declared registrant of the namespace:
- Registering organization:
Name: Thinking Cat Example Enterprises
Postal: 1 ThinkingCat Way
Trupville, NewCountry
Hoenes Expires May 3, 2012 [Page 22]
Internet-Draft URN Namespace Definition Mechanisms October 2011
- Designated contact person:
Name: L. Daigle
Email: leslie@thinkingcat.example
Declaration of syntactic structure of NSS part:
The namespace specific string structure is as follows:
:
where FQDN is a fully-qualified domain name, and the assigned
string is conformant to URN syntax requirements.
Relevant ancillary documentation:
Definition of domain names, found in:
P. Mockapetris, "DOMAIN NAMES - CONCEPTS AND FACILITIES", STD 13,
RFC 1034, November 1987.
P. Mockapetris, "DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION",
STD 13, RFC 1035, November 1987.
Conformance with URN Syntax:
No special considerations.
Rules for Lexical Equivalence of NSS part:
FQDNs are case-insensitive. Thus, the leading portion of the URN
up to the colon after the FQDN is case-insensitive for matches.
The remainder of the identifier must be considered case-sensitive.
Identifier uniqueness considerations:
Uniqueness is guaranteed as long as the assigned string is never
reassigned for a given FQDN, and that the FQDN is never
reassigned.
N.B.: operationally, there is nothing that prevents a domain name
from being reassigned; indeed, it is not an uncommon occurrence.
This is one of the reasons that this example makes a poor URN
namespace in practice, and is therefore not seriously being
proposed as it stands.
Hoenes Expires May 3, 2012 [Page 23]
Internet-Draft URN Namespace Definition Mechanisms October 2011
Identifier persistence considerations:
Persistence of identifiers is dependent upon suitable delegation
of resolution at the level of "FQDN"s, and persistence of FQDN
assignment.
Same note as above.
Process of identifier assignment:
Assignment of these URNs is delegated to individual domain name
holders (for FQDNs). The holder of the FQDN registration is
required to maintain an entry (or delegate it) in the DDDS.
Within each of these delegated name partitions, the string may be
assigned per local requirements.
E.g., urn:urn-:thinkingcat.example:001203
Process for identifier resolution:
Domain name holders are responsible for operating or delegating
resolution servers for the FQDN in which they have assigned URNs.
Validation mechanism:
None specified.
Scope:
Global.
B.2. Registration steps in practice
The key steps for registration of informal or formal namespaces
typically play out as follows:
A) Informal NID:
1. Complete the registration template. This may be done as part
of an Internet-Draft.
2. Communicate the registration template to urn-nid@ietf.org for
technical review -- as an email with a pointer to the
submitted I-D or inline text containing the template.
3. Update the registration template (and/or document) as
necessary from comments, and repeat steps 2 and 3 as
necessary.
Hoenes Expires May 3, 2012 [Page 24]
Internet-Draft URN Namespace Definition Mechanisms October 2011
4. Once comments have been addressed (and the review period has
expired), send a request to IANA with the revised registration
template.
B) Formal NID:
1. Write an Internet-Draft describing the namespace and include
the registration template, duly completed. Be sure to include
"Namespace Considerations", "Community Considerations",
"Security Considerations", and "IANA Considerations" sections,
as described in Section 4.4.
2. Submit the Internet-Draft, and send a pointer to the I-D
(perhaps using a copy of the I-D announcement) to
urn-nid@ietf.org in order to solicit technical review.
3. Update the Internet-Draft as necessary from comments, and
repeat steps 2 and 3 as needed.
4. If the Internet-Draft is the product of a working group in the
IETF, follow the usual WG process to forward the document to
the IESG for publication as an RFC. Otherwise, find a
sponsoring Area Director willing to guide the draft through
the IESG. The IESG (or the IETF at large in case an IETF-wide
last call is deemed necessary) may request further changes
(submitted as I-D revisions) and/or direct discussion to
designated working groups, area experts, etc.
5. The IESG evaluation process includes a review by IANA, and if
the IESG approves the document for publication as an RFC, IANA
processing of the document will follow the regular work-flow
between the RFC Editor and IANA. This way, the NID
registration will be made public by IANA when the RFC is
published.
Appendix C. Changes from RFC 3406
C.1. Essential Changes since RFC 3406
[ RFC Editor: please remove the Appendix C.1 headline and all
subsequent subsections of Appendix C starting with Appendix C.2. ]
T.B.D. (after consolidation of this memo)
C.2. Changes from RFC 3406 to URNbis WG Draft -00
Hoenes Expires May 3, 2012 [Page 25]
Internet-Draft URN Namespace Definition Mechanisms October 2011
o Abstract: rewritten entirely;
o Section 1 (Introduction): added historical RFC information;
o Section 1.1 (Requirements Language): added;
o Section 3.1: added Note that challenges the utility of
Experimental namespaces and raises question of whether formal
"provisional" registrations would be useful;
o Section 4: text expanded and updated; background material added;
added Note to challenge IANA website practices;
o Section 4.2 ff: changed "home" of URN-NID registration discussion
list (it already had been moved to the IETF Secretariat servers);
o Section 4.2: added Note to challenge the 2-week review period; in
current practice, that is almost always exceeded, and some regard
it as too short;
o Section 4.3: largely clarified procedures as they happen in
practice; adapted language for conformance with RFC 5226; use new
home of URN-NID (as mentioned above); the registration template
(Appendix A) now "SHOULD" be used;
o Section 4.3: split off new Section 4.4 on Registration Documents,
because registrants essentially are encouraged to follow these
guidelines for Informal namespaces as well, as far as practical;
replaced "RFC" by "Registration Document"; Section 4.4 is
subdivided for all mandatory sections;
o Section 4.4.1: made requirements a "MUST";
o Sections 4.4.1 and 4.4.2: added common Note that challenges the
need to split Namespace and Community Considerations, based on
observed problems in practice to separate the topics, and pointing
to overlap with clauses in the registration template due to
bullets listed that are not so clearly related to the headlines
under which they appear; suggestion is to avoid duplication, place
factual stuff into the template and focus on rationale in these
Considerations, perhaps in a common section;
o Section 4.4.3: added discussion of Security Considerations
section; advice is to focus on namespace-specific considerations
and refer to the SecCons in the "generic" RFCs for the general
issues;
Hoenes Expires May 3, 2012 [Page 26]
Internet-Draft URN Namespace Definition Mechanisms October 2011
o Section 4.4.4: amended discussion of IANA Considerations section;
this tries to reflect standing practice and codifies that Formal
NIDs are generally proposed by the registrant; added Note that
"urn" is permanently reserved and MUST NOT be assigned as a NID,
to avoid confusion (as also specified in RFC 2141bis draft); wrt
registration maintenance: got rid of wrong reference in RFC 3406
(to RFC 2606);
o Section 6 (IANA Considerations): updated and rephrased description
of the role of this document, including a sketch of the history;
added teat that tries to precisely describe what is expected from
IANA on approval of this draft; added text on procedures and
suggest a provisional assignment practice upon "thumbs-up" of the
IANA Expert to protect prospective registrants from collateral
damage on NID precedence in case the document suffers from delays
unrelated to the registration template before it eventually gets
approved;
o Section 7 (Acknowledgements): added;
o References: Updated and amended references; added pointers to
chartered URNbis work items; removed entirely outdated example
material related to legacy documents;
o Appendix A and B.1: added words on Security Considerations
section;
o Appendix A (Registration Template): clarified role of text
snippets in the Template: hint and commentary now all enclosed in
curly braces, with not that these parts shall be removed when
filling in the tempalte; indicate that Formal NIDs are normally
proposed by registrant; changed date/time ref. from ISO 8601 to
RFC 3339; use inherited term "percent-encoding";
o Appendix A -- structure: moved formal clauses on Conformance with
URN Syntax and Rules for Lexical Equivalence to vicinity of
namespace specific syntax clause, to which these are closely
related;
o Appendix A -- changes of clauses: the Declaration of syntactic
structure and Rules for Lexical Equivalence clauses now
tentatively have been restricted to the NSS part only; this change
is described in NOTEs and motivated by the observation of repeated
confusion in past and present registration documents, which
hopefully can be avoided (and the job of the Expert and reviewers
made easier) by leaving discussion of the invariate parts that
cannot be re-specified there at the single place where they belong
to: the NID is fully specified in the initial clause, rules for
Hoenes Expires May 3, 2012 [Page 27]
Internet-Draft URN Namespace Definition Mechanisms October 2011
the NID and the URI scheme name "urn" are inherited from RFC
2141[bis] and RFC 3986, respectively, and hence the new clause
descriptions avoid conflict by taking these components out of
scope of these clauses;
o Appendix B.1 (Example Template): facelifted a bit; concerns with
IESG policy on examples in RFCs raised in a NOTE;
o Appendix B.2 (Registration steps in practice): updated and
clarified description of procedure, in alignment to current
practice;
o Appendix C: removed "Changes from RFC 2611"; added this change
log;
o General: numerous editorial changes and enhancements, following
contemporary RFC style.
Appendix D. Open Issues
Discuss consequences of RFC 2141bis (once consensus is achieved); if
proposal for fragment part is adopted, details need to be described
per namespace that wants to adopt these possibilities, and maybe the
registration template needs a new clause where this will be specified
-- or the information has to be assigned to existing clauses.
More elaboration on Services. Since RFC 2483 is considered outdated,
but RFC 2483bis not yet a URNbis work item, we might need a registry
for URN Services (initially populated from RFC 2483) that can be
referred to in namespace registration documents, thus avoiding
normative dependencies on a future RFC 2483bis.
Do we actually need Experimental Namespaces?
The syntax of the NID strings for the various NID types is given in
an informal manner (as has been done in RFC 3406); is it worth the
effort to introduce ABNF for this purpose?
Increase review/timeout periods for urn-nid list and IANA experts to
4 weeks?
Clarification of the desired content of the "Namespace
Considerations" and "Community Considerations" sections in
registration documents. Shall we admit a combined section for both
topics? (so far supported by 2 postings) Cf. the NOTEs in Sections
4.4.1 and 4.4.2 for more details.
Shall other strings than "urn" also be 'reserved' in the NID
registry? (e.g. "uri", "url", "urc", "example", ...)
Hoenes Expires May 3, 2012 [Page 28]
Internet-Draft URN Namespace Definition Mechanisms October 2011
Do we still need Appendix B.1 ? (There are lots of real-life
examples now!)
Also see the Editorial Notes interspersed in the body of this draft.
Author's Address
Alfred Hoenes
TR-Sys
Gerlinger Str. 12
Ditzingen D-71254
Germany
EMail: ah@TR-Sys.de
Hoenes Expires May 3, 2012 [Page 29]