--- 1/draft-ietf-appsawg-about-uri-scheme-06.txt 2012-06-07 11:14:10.869924798 +0200 +++ 2/draft-ietf-appsawg-about-uri-scheme-07.txt 2012-06-07 11:14:10.881924866 +0200 @@ -1,18 +1,18 @@ Applications Area WG (APPSAWG) S. Moonesamy, Ed. Internet-Draft Intended Status: Informational -Expires: December 5, 2012 June 3, 2012 +Expires: December 9, 2012 June 7, 2012 The "about" URI Scheme - draft-ietf-appsawg-about-uri-scheme-06 + draft-ietf-appsawg-about-uri-scheme-07 Abstract This document describes the "about" URI scheme, which is widely used by web browsers and some other applications to designate access to their internal resources, such as settings, application information, hidden built-in functionality, and so on. Status of this Memo @@ -48,21 +48,21 @@ to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 2. URI Scheme Specification . . . . . . . . . . . . . . . . . . . 2 2.1. URI Scheme Syntax . . . . . . . . . . . . . . . . . . . . . 2 - 2.2. URI Scheme Semantics . . . . . . . . . . . . . . . . . . . 3 + 2.2. URI Scheme Semantics . . . . . . . . . . . . . . . . . . . 2 2.2.1. Well-known "about" URIs . . . . . . . . . . . . . . . . 3 2.3. Encoding Considerations . . . . . . . . . . . . . . . . . . 3 3. "about:blank" . . . . . . . . . . . . . . . . . . . . . . . . . 3 4. Security Considerations . . . . . . . . . . . . . . . . . . . . 3 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 4 5.1. URI Scheme Registration . . . . . . . . . . . . . . . . . . 4 5.2. A Registry for Well-known Tokens . . . . . . . . . . . . . 4 5.2.1. Registration procedure . . . . . . . . . . . . . . . . 5 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 5 6.1. Normative References . . . . . . . . . . . . . . . . . . . 5 @@ -86,80 +86,76 @@ expressed using Augmented Backus-Naur Form (ABNF) [RFC5234]: about-uri = "about:" about-token [ about-query ] [ about-fragment ] about-token = *pchar about-query = "?" query about-fragment = "#" fragment pchar = query = fragment = - In terms of RFC 3986, part corresponds to , - to the query component and to the - fragment component of the URI. - 2.2. URI Scheme Semantics + The resource which a particular "about" URI references is denoted + by part of the URI. It is not a hierarchical element + for a naming authority. The specifies additional + information about its handling and/or the information that should + be returned by the resource which the URI references. - The resource which a particular "about" URI references is denoted by - part of the URI. The specifies - additional information about its handling and/or the information that - should be returned by the resource which the URI references. - - It is impossible to specify a binding between all the possible tokens - and the semantics of "about" URIs that would contain such tokens. - Therefore the resource referenced by the URI is generally considered - as specific to a Web browser implementation. + It is impossible to specify a binding between all the possible + tokens and the semantics of "about" URIs that would contain such + tokens. Therefore the resource referenced by the URI is generally + considered as specific to a Web browser implementation. 2.2.1. Well-known "about" URIs Some s have been reserved as the behavior when the - resource is referenced is well-known. (Well-known tokens). + resource is referenced is well-known (Well-known tokens). - A well-known "about" URI is a URI that has a well-known token as its - part. It is recommended that such URIs be handled in - accordance with the specification referenced in the Well-known token - registry (see Section 5.2). + A well-known "about" URI is a URI that has a well-known token as + its part. It is recommended that such URIs be + handled in accordance with the specification referenced in the + Well-known Tokens registry (see Section 5.2). - Well-known "about" URIs are intended to be registered when there is a - need to codify the behavior of particular . + Well-known "about" URIs are intended to be registered when there is + a need to codify the behavior of particular . 2.3. Encoding Considerations "about" URIs are subject to encoding rules defined in RFC 3986 [RFC3986]. 3. "about:blank" - This document defines one well-known token: "blank". The URI - "about:blank" refers to a resource represented in the browser by a - blank page. + This document defines one well-known token: "blank". The + "about:blank" URI refers to a resource represented in the browser + by a blank page. 4. Security Considerations Security considerations for URIs are discussed in Section 7 of RFC 3986 [RFC3986]. However, most of those provisions do not apply to the "about" URI scheme as they are mainly scoped to schemes used in the Internet. "about" URIs can sometimes refer to sensitive information, such as user passwords stored in a cache, or parameters that, if changed, - could affect user's data. The application therefore needs to ensure - that the user's data is secured and no threats are imposed by "about" - URIs. + could affect user's data. The application therefore needs to + ensure that the user's data is secured and no threats are imposed + by "about" URIs. 5. IANA Considerations 5.1. URI Scheme Registration The registration of the "about" URI scheme in the "URI Schemes" - registry is requested. The information below is provided according to - the guidelines from RFC 4395 [RFC4395]: + registry is requested. The information below is provided according + to the guidelines from RFC 4395 [RFC4395]: URI scheme name: about Status: Permanent URI scheme syntax: see Section 2.1 of RFC xxxx URI scheme semantics: see Section 2.2 of RFC xxxx URI scheme encoding considerations: see Section 2.3 of RFC xxxx @@ -184,22 +180,22 @@ The registry entries consist of three fields: Well-known Token, Description and Reference. The Well-known Token field has to conform to production defined in Section 2.1. The initial set of assignments is as follows: +--------------+------------------------------------+-------------+ | Well-known | Description | Reference | | Token | | | +------------------+--------------------------------+-------------+ - | blank | Used in "about" URIs to refer to | RFC xxxx | - | | blank page | | + | blank | The about:blank URI references a | RFC xxxx | + | | blank page. | | +--------------+------------------------------------+-------------+ 5.2.1. Registration procedure The registration policy for this registry is "First Come First Served" as described in RFC 5226 [RFC5226]. The registrant of the token should provide the information mentioned in the following registration template: o Registered Token: The desired Well-known token to be used in @@ -211,26 +207,27 @@ o Contact/Change controller: Person (including contact information) authorized to change this registration. o Specification: A stable reference to a document which specifies the registered "about" URI. The question of interoperability does not arise. The key motivation is to have a reference to a specification documenting well-known behavior of the "about" URI in Web browsers. As a rule of thumb if the behavior is common to two or more Web browser implementations it can be considered as well- - known. + known. An existing assignment may be duplicated if the registered + token is used in more than one Web browser implementation. - The following is a template for "blank" token: + The following is a template for the "blank" token: o Registered Token: blank - o Intended usage: The URI references a blank page. + o Intended usage: The about:blank URI references a blank page. o Contact/Change controller: IESG (on behalf of IETF). o Specification: RFC xxxx. [RFC Editor: Please replace xxxx with assigned RFC number] 6. References 6.1. Normative References [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform