draft-ietf-appsawg-mime-default-charset-00.txt   draft-ietf-appsawg-mime-default-charset-01.txt 
Applications Area Working Group A. Melnikov Applications Area Working Group A. Melnikov
Internet-Draft Isode Limited Internet-Draft Isode Limited
Updates: 2046 (if approved) J. Reschke Updates: 2046 (if approved) J. Reschke
Intended status: Standards Track greenbytes Intended status: Standards Track greenbytes
Expires: August 4, 2012 February 1, 2012 Expires: October 1, 2012 March 30, 2012
Update to MIME regarding Charset Parameter Handling in Update to MIME regarding Charset Parameter Handling in
Textual Media Types Textual Media Types
draft-ietf-appsawg-mime-default-charset-00 draft-ietf-appsawg-mime-default-charset-01
Abstract Abstract
This document changes RFC 2046 rules regarding default charset This document changes RFC 2046 rules regarding default charset
parameter values for text/* media types to better align with common parameter values for text/* media types to better align with common
usage by existing clients and servers. usage by existing clients and servers.
Editorial Note (To be removed by RFC Editor)
Discussion of this draft should take place on the Apps Area Working
Group mailing list (apps-discuss@ietf.org), which is archived at
<http://www.ietf.org/mail-archive/web/apps-discuss>.
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 4, 2012. This Internet-Draft will expire on October 1, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 14 skipping to change at page 2, line 20
Table of Contents Table of Contents
1. Introduction and Overview . . . . . . . . . . . . . . . 3 1. Introduction and Overview . . . . . . . . . . . . . . . 3
2. Conventions Used in This Document . . . . . . . . . . . 3 2. Conventions Used in This Document . . . . . . . . . . . 3
3. New rules for default charset parameter values for 3. New rules for default charset parameter values for
text/* media types . . . . . . . . . . . . . . . . . . 3 text/* media types . . . . . . . . . . . . . . . . . . 3
4. Default charset parameter value for text/plain 4. Default charset parameter value for text/plain
media type . . . . . . . . . . . . . . . . . . . . . . 4 media type . . . . . . . . . . . . . . . . . . . . . . 4
5. Security Considerations . . . . . . . . . . . . . . . . 4 5. Security Considerations . . . . . . . . . . . . . . . . 4
6. IANA Considerations . . . . . . . . . . . . . . . . . . 4 6. IANA Considerations . . . . . . . . . . . . . . . . . . 5
7. References . . . . . . . . . . . . . . . . . . . . . . 4 7. References . . . . . . . . . . . . . . . . . . . . . . 5
7.1. Normative References . . . . . . . . . . . . . . . . . 4 7.1. Normative References . . . . . . . . . . . . . . . . . 5
7.2. Informative References . . . . . . . . . . . . . . . . 5 7.2. Informative References . . . . . . . . . . . . . . . . 5
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . . 5 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . . 5
Authors' Addresses . . . . . . . . . . . . . . . . . . 5 Authors' Addresses . . . . . . . . . . . . . . . . . . 5
1. Introduction and Overview 1. Introduction and Overview
[RFC2046] specified that the default charset parameter (i.e. the [RFC2046] specified that the default charset parameter (i.e. the
value used when it is not specified) is "US-ASCII". [RFC2616] value used when it is not specified) is "US-ASCII". [RFC2616]
changed the default for use by HTTP to be "ISO-8859-1". This changed the default for use by HTTP to be "ISO-8859-1". This
encoding is not very common for new text/* media types and a special encoding is not very common for new text/* media types and a special
skipping to change at page 3, line 27 skipping to change at page 3, line 27
reference this document in order to use the updated rules of default reference this document in order to use the updated rules of default
charset in "text/*" media types.]] charset in "text/*" media types.]]
Many complex text subtypes such as text/html [RFC2854] and text/xml Many complex text subtypes such as text/html [RFC2854] and text/xml
[RFC3023] have internal (to their format) means of describing the [RFC3023] have internal (to their format) means of describing the
charset. Many existing User Agents ignore the default of "US-ASCII" charset. Many existing User Agents ignore the default of "US-ASCII"
rule for at least text/html and text/xml. rule for at least text/html and text/xml.
This document changes RFC 2046 rules regarding default charset This document changes RFC 2046 rules regarding default charset
parameter values for text/* media types to better align with common parameter values for text/* media types to better align with common
usage by existing clients and servers. usage by existing clients and servers. It does not change the
defaults for any currently registered media type.
2. Conventions Used in This Document 2. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
3. New rules for default charset parameter values for text/* media 3. New rules for default charset parameter values for text/* media
types types
skipping to change at page 4, line 6 skipping to change at page 4, line 6
As explained in the Introduction section this rule is considered to As explained in the Introduction section this rule is considered to
be outdated, so this document replaces it with the following set of be outdated, so this document replaces it with the following set of
rules: rules:
Each subtype of the "text" media type which uses the "charset" Each subtype of the "text" media type which uses the "charset"
parameter can define its own default value for the "charset" parameter can define its own default value for the "charset"
parameter, including absence of any default. parameter, including absence of any default.
In order to improve interoperability with deployed agents, "text/*" In order to improve interoperability with deployed agents, "text/*"
media type definitions SHOULD either a) specify that the "charset" media type registrations SHOULD either
parameter is not used for the defined subtype, because the charset
information is transported inside the payload (as in "text/xml") or a. specify that the "charset" parameter is not used for the defined
b) require explicit unconditional inclusion of the "charset" subtype, because the charset information is transported inside
parameter eliminating the need for a default value. In accordance the payload (such as in "text/xml"), or
with option (a), above, "text/*" media types that can transport b. require explicit unconditional inclusion of the "charset"
charset information inside the corresponding payloads, specifically parameter eliminating the need for a default value.
including "text/html" and "text/xml", SHOULD NOT specify the use of a
"charset" parameter, nor any default value, in order to avoid In accordance with option (a), above, registrations for "text/*"
conflicting interpretations should the charset parameter value and media types that can transport charset information inside the
the value specified in the payload disagree. corresponding payloads (such as "text/html" and "text/xml") SHOULD
NOT specify the use of a "charset" parameter, nor any default value,
in order to avoid conflicting interpretations should the charset
parameter value and the value specified in the payload disagree.
New subtypes of the "text" media type, thus, SHOULD NOT define a New subtypes of the "text" media type, thus, SHOULD NOT define a
default "charset" value. If there is a strong reason to do so default "charset" value. If there is a strong reason to do so
despite this advice, they SHOULD use the "UTF-8" [RFC3629] charset as despite this advice, they SHOULD use the "UTF-8" [RFC3629] charset as
the default. the default.
Specifications of how to specify the "charset" parameter, and what Specifications of how to specify the "charset" parameter, and what
default value, if any, is used, are subtype-specific, NOT protocol- default value, if any, is used, are subtype-specific, NOT protocol-
specific. Protocols that use MIME, therefore, MUST NOT override specific. Protocols that use MIME, therefore, MUST NOT override
default charset values for "text/*" media types to be different for default charset values for "text/*" media types to be different for
their specific protocol. The protocol definitions MUST leave that to their specific protocol. The protocol definitions MUST leave that to
the subtype definitions. the subtype definitions.
4. Default charset parameter value for text/plain media type 4. Default charset parameter value for text/plain media type
The default charset parameter value for text/plain is unchanged from The default charset parameter value for text/plain is unchanged from
[RFC2046] and remains as "US-ASCII". [RFC2046] and remains as "US-ASCII".
5. Security Considerations 5. Security Considerations
TBD. Guessing of default charset is a security problem. Conflicting Guessing of the charset parameter can lead to security issues such as
information in-band vs out-of-band is also a security problem. content buffer overflows, denial of services or bypass of filtering
mechanisms. However, this document does not promote guessing, but
encourages use of charset information that is specified by the
sender.
Conflicting information in-band vs out-of-band can also lead to
similar security problems, and this document recommends the use of
charset information which is more likely to be correct (for example,
in-band over out-of-band).
6. IANA Considerations 6. IANA Considerations
This document asks IANA to update the "text" subregistry of the Media This document asks IANA to update the "text" subregistry of the Media
Types registry to additionally point to this document. Types registry to additionally point to this document.
7. References 7. References
7.1. Normative References 7.1. Normative References
 End of changes. 8 change blocks. 
20 lines changed or deleted 38 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/