draft-ietf-trade-mime-detector-01.txt   draft-ietf-trade-mime-detector-02.txt 
INTERNET-DRAFT MIME Handler Detection INTERNET-DRAFT MIME Handler Detection
August 1999 March 2000
Expires February 2000 Expires September 2000
draft-ietf-trade-mime-detector-01.txt
HTTP MIME Type Handler Detection HTTP MIME Type Handler Detection
---- ---- ---- ------- --------- ---- ---- ---- ------- ---------
<draft-ietf-trade-mime-detector-02.txt>
Donald E. Eastlake 3rd Donald E. Eastlake 3rd
Chris J. Smith Chris J. Smith
David M. Soroka David M. Soroka
Status of This Document Status of This Document
This draft, file name draft-ietf-trade-mime-detector-01.txt, is This draft is intended to become an Informational RFC. Distribution
intended to become an Informational RFC. Distribution of this of this document is unlimited. Comments should be sent to the TRADE
document is unlimited. Comments should be sent to the TRADE WG WG mailing list <ietf-trade@eListX.com> or to the authors.
mailing list <ietf-trade@eListX.com> or to the authors.
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of [RFC 2026]. Internet-Drafts are all provisions of Section 10 of RFC2026. Internet-Drafts are working
working documents of the Internet Engineering Task Force (IETF), its documents of the Internet Engineering Task Force (IETF), its areas,
areas, and its working groups. Note that other groups may also and its working groups. Note that other groups may also distribute
distribute working documents as Internet-Drafts. working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet- Drafts as reference time. It is inappropriate to use Internet- Drafts as reference
material or to cite them other than as "work in progress". material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
Abstract Abstract
Entities composing web pages to provide services over HTTP frequently Entities composing web pages to provide services over HTTP frequently
have the problem of not knowing what MIME types have handlers have the problem of not knowing what MIME types have handlers
installed at a user's browser. For example, whether an IOTP or VRML installed at a user's browser. For example, whether an IOTP or VRML
or SET or some streaming media handler is available. In many cases or SET or some streaming media handler is available. In many cases
they would want to display different web pages or content depending they would want to display different web pages or content depending
on a MIME handler's availability. This document summarizes a on a MIME handler's availability. This document summarizes
reasonable technique to solve this problem for most of the browsers reasonable techniques to solve this problem for most of the browsers
actually deployed on the Internet as of August 1999. It is intended actually deployed on the Internet as of early 2000. It is intended
to be of practical use to implementors during the period before the to be of practical use to implementors during the period before the
wide deployment of superior standards based techniques which may be wide deployment of superior standards based techniques which may be
developed. developed.
Table of Contents Table of Contents
Status of This Document....................................1 Status of This Document....................................1
Abstract...................................................1
Abstract...................................................2
Table of Contents..........................................2 Table of Contents..........................................2
1. Introduction............................................3 1. Introduction............................................3
2. The HTTP 'Accept' Header................................3 2. The HTTP 'Accept' Header................................3
3. JavaScript..............................................3 3. JavaScript..............................................3
4. Microsoft ActiveX and the Windows Registry..............4 4. Microsoft ActiveX and the Windows Registry..............4
5. ECML, The Electronic Commerce Modeling Language.........5 5. ECML, The Electronic Commerce Modeling Language.........5
6. Putting It All Together.................................5 6. Putting It All Together.................................5
7. Future Development......................................6 7. Future Development......................................6
8. Security Considerations.................................6 8. Security Considerations.................................6
skipping to change at page 3, line 21 skipping to change at page 3, line 21
In many cases they would want to display different web pages or In many cases they would want to display different web pages or
content depending on a MIME handler's availability. Sending a content depending on a MIME handler's availability. Sending a
response with a MIME type that is not supported frequently results in response with a MIME type that is not supported frequently results in
interrupting the flow of the user experience, browser queries as to interrupting the flow of the user experience, browser queries as to
what to do with the data being provided, and, of course, failure to what to do with the data being provided, and, of course, failure to
provide the behavior that would have occurred had the correct MIME provide the behavior that would have occurred had the correct MIME
type handler been installed. type handler been installed.
This document describes reasonable techniques to solve this problem This document describes reasonable techniques to solve this problem
for most of the browsers actually deployed on the Internet as of for most of the browsers actually deployed on the Internet as of
August 1999. It is intended to be of practical use to implementors early 2000. It is intended to be of practical use to implementors
during the period before the wide deployment of superior standards during the period before the wide deployment of superior standards
based techniques which may be developed. It is written in terms of based techniques which may be developed. It is written in terms of
determining whether a handler for application/iotp or application/x- determining whether a handler for application/iotp or application/x-
iotp exists but is equally applicable to other MIME types. iotp exists but is equally applicable to other MIME types.
2. The HTTP 'Accept' Header 2. The HTTP 'Accept' Header
The problem should be solved by the Hyper Text Transport Protocol The problem should be solved by the Hyper Text Transport Protocol
[HTTP] request "Accept" header which lists accepted [MIME] types. [HTTP] request "Accept" header which lists accepted [MIME] types.
This header is present in both Version 1.0 and 1.1 of HTTP and its This header is present in both Version 1.0 and 1.1 of HTTP and its
content is supposed to be a list of MIME types and subtypes that are content is supposed to be a list of MIME types and subtypes that are
accepted. The only problem is that many browsers just send "*/*". accepted. The only problem is that many browsers just send "*/*" or
the like.
If the particular MIME type you are looking for is present in the If the particular MIME type you are looking for is present in the
Accept header, it is generally safe to assume that some specific Accept header, it is generally safe to assume that some specific
handler for it is actually installed or part of the browser. handler for it is actually installed or part of the browser.
NOTE: Although not part of the main topic of this document, if you NOTE: Although not part of the main topic of this document, if you
are designing MIME type handler software and have access to a browser are designing MIME type handler software and have access to a browser
interface that allows you to request the insertion of the MIME type interface that allows you to request the insertion of the MIME type
or types your software handles into the Accept header, you generally or types your software handles into the Accept header, you generally
should do so. It will make it easier for servers sensitive to that should do so. It will make it easier for servers sensitive to that
skipping to change at page 5, line 41 skipping to change at page 5, line 41
5. ECML, The Electronic Commerce Modeling Language 5. ECML, The Electronic Commerce Modeling Language
A industry group has recently proposed a standard for fields used in A industry group has recently proposed a standard for fields used in
electronic commerce. This fields allow "wallet" software acting for electronic commerce. This fields allow "wallet" software acting for
the consumer to convey standardized information to a merchant, the consumer to convey standardized information to a merchant,
including information as to what payment related protocols are including information as to what payment related protocols are
supported at the customer site. See [ECML]. supported at the customer site. See [ECML].
6. Putting It All Together 6. Putting It All Together
[..] The following diagram indicates how these techniques can be put
together.
start>-----+ start>-----+
| |
+------------------+ +------------------+
| Was desired type | NO +-------------------------+ | Was desired type | NO +-------------------------+
|found in Accept? |------------>| Is JavaScript available | |found in Accept? |------------>| Is JavaScript available |
+------------------+ |and does it show type? | +------------------+ |and does it show type? |
| +-------------------------+ | +-------------------------+
YES | | | | YES | | | |
|<---------------------------+ | NO | |<---------------------------+ | NO |
| YES | | | YES | |
| +---<explorer<--+ | | +---<explorer<--+ |
| | | | | |
| +----------------------+ | | +----------------------+ |
| | Is ActiveX available | | | | Is ActiveX available | |
| |and does it show type?| | | |and does it show type?| |
| +----------------------+ | | +----------------------+ |
| YES | | | NO | | YES | | | NO |
|<-----------+ | +----------------->| |<-----------+ | +----------------->|
| V | | V |
remember | Indeterminate remember | remember | Indeterminate. remember |
that |. take default that type | that |. Take default that type |
type IS | action. is NOT | type IS | action. is NOT |
supported| supported | supported| supported |
X done X X done X
[...] [...]
7. Future Development 7. Future Development
Active work is proceeding in the IETF, World Wide Web Consortium Active work is proceeding in the IETF, World Wide Web Consortium
[W3C], and Electronic Commerce Modeling Language Alliance [ECML] [W3C], and Electronic Commerce Modeling Language Alliance [ECML]
concerning content and capabilities negotiation. This work is likely concerning content and capabilities negotiation. This work is likely
to lead to superior methods to implement the functionality described to lead to superior methods to implement the functionality described
herein. However, near universal deployment of such new herein. However, near universal deployment of such new
standards/features will take some time. Thus you should expect the standards/features will take some time. Thus you should expect the
methods given herein to be obsoleted, but perhaps not for a few methods given herein to be obsoleted, but perhaps not for some years.
years.
8. Security Considerations 8. Security Considerations
It should be noted that the variety of Active X control suggested It should be noted that the variety of Active X control suggested
above is reading the user's registry, that is, examining their above is reading the user's registry, that is, examining their
computer and reporting back some information it has discovered. This computer and reporting back some information it has discovered. This
may be a concern among some users. may be a concern among some users.
In general, the use of JavaScript even more so ActiveX is dangerous
because they are so powerful. JavaScript or ActiveX from a web page
could be invisibly damaging to the client.
Security of web interactions is normally provided by adopting channel Security of web interactions is normally provided by adopting channel
encryption on the browser to server connections, such as [TLS]. In encryption on the browser to server connections, such as [TLS]. In
the absence of some such additional security outside of HTTP, the absence of some such additional security outside of HTTP,
requests and/or responses may be forged or tampered with. requests and/or responses may be forged or tampered with.
9. IANA Considerations 9. IANA Considerations
None specific to the techniques described herein. For MIME types and None specific to the techniques described herein. For MIME types and
type registration procedures, see [RFCs 2046, 2048]. type registration procedures, see [MIME: RFCs 2046, 2048].
References References
[ECML] draft-eastlake-ecom-fields-*.txt, D. Eastlake, T. Goldstein, [ECML] <http://www.ecml.org>
<www.ecml.org>. RFC 2706 - "ECML v1: Field Names for E-Commerce", D. Eastlake,
T. Goldstein, October 1999
draft-eastlake-ecom-fields2-*.txt, D. Eastlake, T. Goldstein.
[HTTP] RFC 1945 - "Hypertext Transfer Protocol -- HTTP/1.0", T. [HTTP] RFC 1945 - "Hypertext Transfer Protocol -- HTTP/1.0", T.
Berners-Lee, R. Fielding & H. Frystyk. May 1996. Berners-Lee, R. Fielding & H. Frystyk. May 1996.
RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1", R. RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1", R.
Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, T. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, T.
Berners-Lee. June 1999. Berners-Lee. June 1999.
[IOTP] draft-ietf-trade-iotp-v1.0-protocol-*.txt - David Burdett, [IOTP] draft-ietf-trade-iotp-v1.0-protocol-*.txt - David Burdett,
1999. 2000.
[MIME] RFC 2045 - "Multipurpose Internet Mail Extensions (MIME) Part [MIME] RFC 2045 - "Multipurpose Internet Mail Extensions (MIME) Part
One: Format of Internet Message Bodies", N. Freed & N. Borenstein. One: Format of Internet Message Bodies", N. Freed & N. Borenstein.
November 1996. November 1996.
RFC 2046 - "Multipurpose Internet Mail Extensions (MIME) Part RFC 2046 - "Multipurpose Internet Mail Extensions (MIME) Part
Two: Media Types", N. Freed & N. Borenstein. November 1996. Two: Media Types", N. Freed & N. Borenstein. November 1996.
RFC 2047 - "MIME (Multipurpose Internet Mail Extensions) Part RFC 2047 - "MIME (Multipurpose Internet Mail Extensions) Part
Three: Message Header Extensions for Non-ASCII Text", K. Moore. Three: Message Header Extensions for Non-ASCII Text", K. Moore.
November 1996. November 1996.
RFC 2048 - "Multipurpose Internet Mail Extensions (MIME) Part RFC 2048 - "Multipurpose Internet Mail Extensions (MIME) Part
Four: Registration Procedures", N. Freed, J. Klensin & J. Postel. Four: Registration Procedures", N. Freed, J. Klensin & J. Postel.
November 1996. November 1996.
[SET]- Secure Electronic Transaction (SET) Specification, Version [SET] - "Secure Electronic Transaction (SET) Specification, Version
1.0, May 31, 1997, available from <http://www.setco.org>. 1.0", May 31, 1997, available from <http://www.setco.org>.
Book 1: Business Description Book 1: Business Description
Book 2: Programmer's Guide Book 2: Programmer's Guide
Book 3: Formal Protocol Definition Book 3: Formal Protocol Definition
[TLS] RFC 2246 - "The TLS Protocol Version 1.0", T. Dierks, C. Allen. [TLS] RFC 2246 - "The TLS Protocol Version 1.0", T. Dierks, C. Allen.
[W3C] Wolrd Wide Web Constortium, <www.w3.org> [W3C] World Wide Web Consortium, <www.w3.org>
Appendix A: Browser Version Sniffer Code Appendix A: Browser Version Sniffer Code
<SCRIPT LANGUAGE="JavaScript"> <SCRIPT LANGUAGE="JavaScript">
<!-- hide JavaScript from non-JavaScript browsers <!-- hide JavaScript from non-JavaScript browsers
//Ultimate client-side JavaScript client sniff. //Ultimate client-side JavaScript client sniff.
//(C)Netscape Communications 1998. Permission granted to reuse and distribute. //(C)Netscape Communications 1998. Permission granted to reuse and distribute.
//Revised 20 April 98 to add is.nav4up and is.ie4up (see below). //Revised 20 April 98 to add is.nav4up and is.ie4up (see below).
// Everything you always wanted to know about your JavaScript client // Everything you always wanted to know about your JavaScript client
skipping to change at page 13, line 8 skipping to change at page 13, line 8
(parseInt(navigator.appVersion)==3)) (parseInt(navigator.appVersion)==3))
isIE3Mac = true; isIE3Mac = true;
else else
is = new Is(); is = new Is();
//--> end hide JavaScript //--> end hide JavaScript
</SCRIPT> </SCRIPT>
Authors Addresses Authors Addresses
Donald E. Eastlake 3rd Donald E. Eastlake 3rd
IBM Motorola
65 Shindegan Hill Road 65 Shindegan Hill Road
Carmel, NY 10512 USA Carmel, NY 10512 USA
Telephone: +1 914-276-2668(h) Telephone: +1 914-276-2668(h)
+1 914-784-7913(w) +1 508-261-5434(w)
FAX: +1 914-784-3833(w) FAX: +1 508-261-4447(w)
email: dee3@us.ibm.com email: Donald.Eastlake@motorola.com
Chris J. Smith Chris J. Smith
Royal Bank of Canada Royal Bank of Canada
277 Front Street West 277 Front Street West
Toronto, Ontario M5V 3A4 CANADA Toronto, Ontario M5V 3A4 CANADA
Telephone: +1 416-348-6090 Telephone: +1 416-348-6090
FAX: +1 416-348-2210 FAX: +1 416-348-2210
email: chris.smith@royalbank.com email: chris.smith@royalbank.com
David M. Soroka David M. Soroka
IBM IBM
Raleigh, NC Raleigh, NC
Telephone: +1 919-486-2684 Telephone: +1 919-486-2684
Fax: +1 919-543-4653 Fax: +1 919-543-4653
email: dsoroka@us.ibm.com email: dsoroka@us.ibm.com
Expiration and File Name Expiration and File Name
This draft expires February 2000. This draft expires September 2000.
Its file name is draft-ietf-trade-mime-detector-01.txt. Its file name is draft-ietf-trade-mime-detector-02.txt.
 End of changes. 

This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/