Applications Area WG (APPSAWG)                              L. Hunt, Ed.
Internet-Draft                                      Opera Software, ASA.
Intended Status: Standards Track                     M. Yevstifeyev, Ed.
Expires: September 5, 22, 2012                               March 4, 21, 2012

                         The "about" URI Scheme
                 draft-ietf-appsawg-about-uri-scheme-03
                 draft-ietf-appsawg-about-uri-scheme-04

Abstract

   This document specifies the "about" URI scheme, that which is widely used
   by Web web browsers and some other applications to designate access to
   their internal resources, such as settings, application information,
   hidden built-in functionality, and so on.

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

Copyright and License Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction  . . . . . . . . . . . . . . . . . . . . . . . . .  2
     1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . .  3  2
   2. URI Scheme Specification  . . . . . . . . . . . . . . . . . . .  3
     2.1. URI Scheme Syntax . . . . . . . . . . . . . . . . . . . . .  3
     2.2. URI Scheme Semantics  . . . . . . . . . . . . . . . . . . .  3
       2.2.1. Special-Purpose "about" URIs  . . . . . . . . . . . . .  3
     2.3. Encoding Considerations . . . . . . . . . . . . . . . . . .  4
   3. Security Considerations . . . . . . . . . . . . . . . . . . . .  4
   4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . .  4
     4.1. URI Scheme Registration . . . . . . . . . . . . . . . . . .  4
     4.2. A Registry for Registered Tokens  . . . . . . . . . . . . .  5
   5. References  . . . . . . . . . . . . . . . . . . . . . . . . . .  6
     5.1. Normative References  . . . . . . . . . . . . . . . . . . .  6
     5.2. Informative References  . . . . . . . . . . . . . . . . . .  7  6
   Appendix A.  Acknowledgments . . . . . . . . . . . . . . . . . . .  7  6
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . .  7

1. Introduction

   This document specifies the "about" Uniform Resource Identifier (URI)
   scheme, that is currently widely used by Web browsers and some other
   applications to designate access to their internal resources, such as
   settings, application information, so called "Easter eggs" (i.e.
   hidden feature or joke in an application), and so on.

   The concept of "about" URIs has been formed at the times when the applications did not have the a
   "friendly" user interface, in order to
   provide an enable access to the aforementioned
   resources via by typing the URIs
   in the into an address bar.  Even though the bar or similar feature.
   They have however become commonplace in modern user interface of applications.

   Given their current
   Internet-targeted software effectively rescinds the issue, and
   "about" URIs can be thought to be a rudimentary phenomenon, they are
   still supported by a variety of Web browsers and are not going to
   cease to exist.

   As use of "about" URIs has been quiet long-lasting, and ubiquity, their absence from the URIs have
   been used without any proper registration URI scheme
   registry and absent any proper
   specification, the necessity for the the latter two actions arises.
   The purpose lack of this a defining document is to provide conspicuous.  Therefore,
   this document provides a stable specification for the "about" URI
   scheme and correspondingly register registers it in the IANA
   registry.  Along, several provisions for handling the "about" URIs
   are set. with IANA.

   Please consult RFC 3986 [RFC3986] for definition of generic URIs
   syntax and RFC 4395 [RFC4395] for description of registration process
   for new URI schemes.

1.1. Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

2. URI Scheme Specification

2.1. URI Scheme Syntax

   The "about" URI MUST syntactically conform to the <about-uri> rule
   below, expressed using Augmented Backus-Naur Form (ABNF) [RFC5234]:

     about-uri   = "about:" about-token [ about-query ]
     about-token = *pchar
     about-query = "?" query
     pchar       = <as specified in RFC 3986, Appendix A>
     query       = <as specified in RFC 3986, Appendix A>

   In terms of RFC 3986, <about-token> part corresponds to <hier-part>,
   and <about-query> to the query component of URI.

2.2. URI Scheme Semantics

   Generally speaking, the resource to which a particular "about" URI
   resolves to is denoted by <about-token> part of the URI, and <about-query> <about-
   query> specifies additional information concerning its handling
   and/or the information that should be returned in the resource a to
   which the URI is resolved
   to. resolves.

   However, it is impossible to specify a binding between all the
   possible tokens and the semantics of "about" URIs that would contain
   such
   tokens, which this document does not attempt to do. tokens.  Therefore, any
   application resolving an "about" URI MAY choose the resource it is
   resolved to at its own discretion, with referenced by the exception of URI is
   application-specific, except for those
   defined listed below as 'special-purpose 'special-
   purpose "about" URIs'.  They  Applications MAY use internal redirection to
   accomplish this (for instance, the Opera web browser redirects all
   "about" URIs except "about:blank" to its internal "opera" URIs).

2.2.1. Special-Purpose "about" URIs

   A small, though expandable, range of <about-token>s are is reserved for
   special purposes ("special-purpose tokens").

   A special-purpose URI is an "about" URI that has a special-purpose
   token as its <about-token> part.  Such URIs MUST be handled in strict
   accordance with the rules defined in the special-purpose token
   registry (see Section 4.2).  The registered entry MAY also define
   additional provisions for handling of the <about-query> part.  If no
   such provisions are defined, the query part has no meaning, and MUST
   be ignored.

   This document defines one special-purpose token: "blank".  The URI
   "about:blank" MUST resolve to a blank page, as seen by the end user.
   There is no additional handling of the query component in
   "about:blank" URIs.

   Additional special-purpose tokens can be defined by registering an by updating the
   registry created in Section 4.2. Special-purpose "about" URIs are
   intended to be uncommon, and new ones should be defined only when
   there is a need to strongly connect a particular <about-token> with a
   particular function in all applications.

2.3. Encoding Considerations

   "about" URIs are subject to encoding rules defined in RFC 3986
   [RFC3986].  "about" IRIs [RFC3987] are not permitted.

3. Security Considerations

   Generic security considerations for URIs are discussed in Section 7
   of RFC 3986 [RFC3986].  However, many few of those provisions hardly apply to
   "about" URI scheme, as they are mainly scoped to schemes used in the
   Internet, not internally.

   "about" URIs may can sometimes refer to a sensitive information, such as
   user passwords stored in a cache, or parameter parameters that, if changed, may
   could  affect user's data.  The application should therefore needs to ensure
   that the user's data is in the safety, secured, and no threats are imposed by
   "about" URIs.

4. IANA Considerations

4.1. URI Scheme Registration

   IANA is asked to register the "about" URI scheme in the "URI Schemes"
   registry defined in Section 5.4 of RFC 4395 [RFC4395]:

     URI scheme name: about

     Status: Permanent

     URI scheme syntax: see Section 2.1 of RFC xxxx

     URI scheme semantics: see Section 2.2 of RFC xxxx

     URI scheme encoding considerations: see Section 2.3 of RFC xxxx

     Applications/protocols that use the scheme: "about" URIs are
     predominantly used by Web browsers, although they may be used by
     other applications.

     Security considerations: see Section 3 of RFC xxxx

     Contact: IETF Applications Area Directors <app-ads@tools.ietf.org>

     Author/Change controller: IESG <iesg@ietf.org> (on behalf of the
     IETF)

     References: see Section 5 of RFC xxxx

   [RFC Editor: Please replace xxxx with assigned RFC number]

4.2. A Registry for Registered Tokens

   IANA is asked to set up a new registry entitled "'about' URI Special
   Purpose Tokens" following the guidelines below.

   The registry entries consist of 3 fields: Special-Purpose Token,
   Description and Reference.  The Special-Purpose Token field MUST has to
   conform to <about-token> production defined in Section 2.1.  The
   initial registry consists of one entry:

   +------------------+------------------------------------+-----------+
   | Special-Purpose  | Description                        | Reference |
   | Token            |                                    |           |
   +------------------+------------------------------------+-----------+
   | blank            | Used in "about" URIs to refer to   | RFC xxxx  |
   |                  | blank page.                        |           |
   +------------------+------------------------------------+-----------+

   The registration procedures for this registry are "First Come First
   Served", described in RFC 5226 [RFC5226], with supporting
   documentation meeting the requirements below.  The registrant of the
   token MUST ought to provide the following registration template, which
   will be made available on IANA web site:

   o Registered Token:  The desired special-purpose token to be used in
     "about" URIs.

   o Intended usage:  A short description of how "about" URIs with the
     registered token must be handled; especially, to what resource they must be
     resolved to, if resolvable.
     are to resolve.

   o Handling query component:  It should be mentioned whether there are
     some provisions on  Describe any requirements for handling
     query components in the "about" URIs
     with that contain the registered token.

   o Contact/Change controller:  An individual or an organization which that
     (1) should be contacted for more details, and (2) is authorized to
     change the registration.

   o Specification.  This provides documentation at  A permanent reference to a level specification that could can
     be used to create a compliant, interoperable implementation of the
     registered "about" URI.  The reference to a full specification MUST
     be provided here, and there should be a reasonable expectation that
     the documentation will remain available.  IANA will consult with the IESG or its
     specified delegate if there is doubt about whether the
     specification is adequate for the this purpose.

   The following is a template for "blank" token:

   o Registered Token:  blank
   o Intended usage:  The <about:blank> URI must resolve to a blank
     page.
   o Handling query component:  No special provisions.
   o Contact/Change controller:  IESG <iesg@ietf.org> (on behalf of
     IETF).
   o Specification:  This document.

5. References

5.1. Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
              Resource Identifier (URI): Generic Syntax", STD 66,
              RFC 3986, January 2005.

   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs", BCP 26, RFC 5226,
              May 2008.

   [RFC5234]  Crocker, D., Ed., and P. Overell, "Augmented BNF for
              Syntax Specifications: ABNF", STD 68, RFC 5234, January
              2008.

5.2. Informative References

   [RFC3987]  Duerst, M. and M. Suignard, "Internationalized Resource
              Identifiers (IRIs)", RFC 3987, January 2005.

   [RFC4395]  Hansen, T., Hardie, T., and L. Masinter, "Guidelines and
              Registration Procedures for New URI Schemes", BCP 35,
              RFC 4395, February 2006.

Appendix A.  Acknowledgments

   This document has been formed from the draft initially authored by,
   additionally to Lachlan Hunt, the editor of the current one, Joseph
   Holsten.  Additionally, the contributions of Frank Ellermann and
   Alexey Melnikov are gratefully acknowledged.  Barry Leiba deserves and Murray
   Kucherawy deserve a special credit for providing a great amount of
   text which has been used in this document.

Authors' Addresses

   Lachlan Hunt (editor)
   Opera Software, ASA.

   EMail: lachlan.hunt@lachy.id.au
   URI:   http://lachy.id.au/

   Mykyta Yevstifeyev (editor)
   8 Kuzovkov St., Apt. 25
   Kotovsk
   Ukraine

   EMail: evnikita2@gmail.com