Re: [apps-discuss] The acct: scheme question

Graham Klyne <> Mon, 02 July 2012 11:57 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 852D721F8BBD for <>; Mon, 2 Jul 2012 04:57:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -7.074
X-Spam-Status: No, score=-7.074 tagged_above=-999 required=5 tests=[AWL=-1.525, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_TOWRITE=1.05]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 2uZo+sKDZChM for <>; Mon, 2 Jul 2012 04:57:15 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 907D521F8BBB for <>; Mon, 2 Jul 2012 04:57:15 -0700 (PDT)
Received: from ([]) by with esmtp (Exim 4.75) (envelope-from <>) id 1SlfFm-0007Rl-Qt; Mon, 02 Jul 2012 12:57:18 +0100
Received: from ([]) by with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <>) id 1SlfFm-0002hB-79; Mon, 02 Jul 2012 12:57:18 +0100
Message-ID: <>
Date: Mon, 02 Jul 2012 12:53:00 +0100
From: Graham Klyne <>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:6.0) Gecko/20110812 Thunderbird/6.0
MIME-Version: 1.0
To: Peter Saint-Andre <>
References: <> <> <> <> <> <043201cd54a5$79f2e170$6dd8a450$> <> <> <> <>
In-Reply-To: <>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Oxford-Username: zool0635
Cc:, "Murray S. Kucherawy" <>
Subject: Re: [apps-discuss] The acct: scheme question
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 02 Jul 2012 11:57:16 -0000


(comments below)

On 01/07/2012 04:09, Peter Saint-Andre wrote:
> On 6/28/12 10:53 AM, Peter Saint-Andre wrote:
>> On 6/28/12 5:09 AM, Graham Klyne wrote:
>>> On 28/06/2012 08:28, Melvin Carvalho wrote:
>>>> Should acct: be rejected, we can simply use mailto: as per SWD.
>>>> Similarly
>>>> you could simply use ?acct=user@host as has been suggested.
>>> Since my comments with reviewer hat on have been cited, I feel I should
>>> summarize my personal feelings about the specification of the acct: scheme.
>>> *Reviewer hat OFF*
>>> Roughly, I think the acct: scheme does provide a useful, possibly minor,
>>> purpose that is not served by other URI schemes, and as such it has
>>> reasonable claim to meet the bar for registering a new scheme.  But I
>>> think the description of the acct: scheme in the WebFinger document does
>>> a poor job of explaining this; i.e. I think there is a document quality
>>> issue here around the acct: scheme registration/specification.
>>> I've had private exchanges with one of the document editors, but I don't
>>> think my suggestions have been reflected in the current draft.  In
>>> summary, what I think is not as clear as it should be in the scheme
>>> registration includes:
>>> * what does an acct URI identify
>>> * how are acct URIs allocated; what's the assignment delegation structure?
>>> * how should an acct: URI be dereferenced?  (e.g. if one were used as a
>>> link in a web page, how should it be handled?).
>>> I suspect that most of this information can be inferred if one has a
>>> detailed knowledge of WebFinger protocol, but for an average Joe web
>>> developer I don't think that's really helpful.
>>> I don't think this is a sufficiently important issue for me to engage
>>> more actively with the discussion.
>> Graham, I think you're right about the fact that these matters are
>> underspecified. I hereby offer to propose some text, and will do that in
>> the next few days.
> I went beyond proposing text and decided to write a standalone I-D:
> Graham, I think that text answers the questions you posed, hopefully in
> an accurate way.

Generally, this is in line with my understanding of the intent of acct: scheme. 
  Paul and/or the WebFinger folks will be better placed to judge.

Some comments:

== Section 3 ==

For example, if a user has an account name of
    "foobar" on a microblogging service "", it can be
    inferred that the user's 'acct' URI at that provider is even if the provider has not
    explicitly assigned such a URI.

I might say thus:
For example, if a user has an account name of
    "foobar" on a microblogging service "", it
    is taken as convention that the string ""
    designates that account.  This is expressed as a URI using the
    acct: scheme as "".

(The phrasing is intended to take account of the fact that WebFinger clients are 
expected to accept the "" without the acct: prefix.)

== Section 4.4 ==

My understanding is that an acct: URI is intended to be dereferenced using the 
WebFinger protocol.  I'm not sure about associated MIME types: does WebFinger 
define any such?

== Section 4.6 ==

I'm a little unsure about the phrasing "only the WebFinger protocol uses the 
'acct' URI scheme", but I can't put my finger on any problem or offer better 
phrasing at this time.

== Section 5 ==

Maybe add:
Dereferencing an acct: URI could reveal information about a user's account.  As 
such, care should be taken that personally identifying information is not 
released without appropriate permissions and/or credentials.