Policy URL -> Policy URI

Rick van Rein <rick@openfortress.nl> Mon, 07 February 2005 11:17 UTC

Date: Mon, 07 Feb 2005 11:50:21 +0100
From: Rick van Rein <rick@openfortress.nl>
Subject: Policy URL -> Policy URI
To: ietf-openpgp@imc.org
Message-id: <20050207105021.GA17950@phantom.vanrein.org>

Hello OpenPGP-drafters,

It seems important to me to consider replacing URL with URI in the OpenPGP
spec.  This would include URN-schemes, such as references to books that
everybody can pick up in their local bookstore or at Amazon.  A book URN
would look like URN:ISBN:1-234-56789-0 (see RFC 3187).  There are several
other useful URN schemas.

There are two places in the specification that speak of URLs; one is the
keyserver (which really is a location, so it makes sense to keep it as
a URL) and the other is the policy.  I think it makes sense to support more
than just the available-on-my-website kind of local/incompatible policies.

Note that other signing standards do speak of URIs for policies.  In the
PKIX standard RFC 3280, there is a CPSuri definition; in RFC 3275 (XML
Signing) there is no explicit support for policies (...) but the proper way
of getting it into the signature is with a <Reference/> element which
obtains its information from a URI rather than just a URL.

In OpenPGP, replacing a Policy URL with a Policy URI need not lead to
conflicts with older software; insofar as they interpret the subpacket,
they usually treat it either as a literal string that should be matched or
as something that can be presented in a browser.  The reason is that
policies cannot be interpreted by software -- they are usually written in
English.

Browsers are supposed to resolve URN-schemes; as far as they do not
recognise them they will consider the urn: start as a protocol, and of
course state that they do not support it.  Same goes for any other
downloading software.

In other words, the change of a Policy URL into a Policy URN seems
advantageous, and I cannot see how it could cause problems.  I therefore
warmly recommend changing it.


Thanks,

Rick van Rein,
OpenFortress Digital signatures
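
The handling the message describes (literal string versus something shown in a browser), sketched as an added example that is not part of the original message or of any OpenPGP implementation. It parses one policy signature subpacket (type 26), opens only allowlisted schemes, and displays everything else, including URNs, without dereferencing; the `BROWSABLE` allowlist, the function names and the action labels are assumptions made for illustration.

```python
import re

POLICY_SUBPACKET = 26           # OpenPGP signature subpacket type carrying the policy URL/URI
BROWSABLE = {"http", "https"}   # assumption: the only schemes this client passes to a browser

def subpacket_body(raw: bytes) -> bytes:
    """Return the data of one policy subpacket (1-, 2- or 5-octet length forms)."""
    first = raw[0]
    if first < 192:
        length, off = first, 1
    elif first < 255:
        length, off = ((first - 192) << 8) + raw[1] + 192, 2
    else:
        length, off = int.from_bytes(raw[1:5], "big"), 5
    if length < 1 or len(raw) < off + length:
        raise ValueError("truncated subpacket")
    if raw[off] & 0x7F != POLICY_SUBPACKET:   # high bit is the critical flag
        raise ValueError("not a policy subpacket")
    return raw[off + 1 : off + length]        # length counts the type octet too

def isbn10_ok(isbn: str) -> bool:
    """Check the ISBN-10 check digit (weights 10..1, sum divisible by 11)."""
    digits = isbn.replace("-", "").upper()
    if not re.fullmatch(r"\d{9}[\dX]", digits):
        return False
    total = sum((10 - i) * (10 if c == "X" else int(c)) for i, c in enumerate(digits))
    return total % 11 == 0

def classify_policy(raw: bytes) -> tuple[str, str]:
    """Return (action, value); action is 'open', 'show-isbn' or 'show-text'."""
    text = subpacket_body(raw).decode("utf-8", errors="replace")
    m = re.match(r"([A-Za-z][A-Za-z0-9+.-]*):(.*)", text, re.S)
    if not m:
        return "show-text", text
    scheme, rest = m.group(1).lower(), m.group(2)
    if scheme in BROWSABLE:
        return "open", text
    if scheme == "urn":
        nid, _, nss = rest.partition(":")
        if nid.lower() == "isbn" and isbn10_ok(nss):
            return "show-isbn", nss
    return "show-text", text    # unknown scheme or bad URN: display only, never dereference

if __name__ == "__main__":
    uri = b"URN:ISBN:1-234-56789-0"           # constructed sample: the URN from the message
    print(classify_policy(bytes([len(uri) + 1, POLICY_SUBPACKET]) + uri))
```

The placeholder ISBN in the message does not carry a valid check digit, so this sketch falls back to showing it as plain text.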