IETF Logo Mail Archive

Re: [Uri-review] Request for review

Timothy Mcsweeney <tim@dropnumber.com> Wed, 11 November 2020 16:10 UTC

Return-Path: <tim@dropnumber.com>
X-Original-To: uri-review@ietfa.amsl.com
Delivered-To: uri-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C4DD3A0FD6 for <uri-review@ietfa.amsl.com>; Wed, 11 Nov 2020 08:10:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wy6piTbDmgyF for <uri-review@ietfa.amsl.com>; Wed, 11 Nov 2020 08:10:42 -0800 (PST)
Received: from mout.perfora.net (mout.perfora.net [74.208.4.196]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 10ACD3A0E19 for <uri-review@ietf.org>; Wed, 11 Nov 2020 08:10:40 -0800 (PST)
Received: from oxuslxaltgw03.schlund.de ([10.72.76.59]) by mrelay.perfora.net (mreueus003 [74.208.5.2]) with ESMTPSA (Nemesis) id 0LuwOl-1kCzy50mH3-0102Bt for <uri-review@ietf.org>; Wed, 11 Nov 2020 17:10:40 +0100
Date: Wed, 11 Nov 2020 11:10:39 -0500
From: Timothy Mcsweeney <tim@dropnumber.com>
To: uri-review@ietf.org
Message-ID: <385332703.10610.1605111039889@email.ionos.com>
In-Reply-To: <1804062312.403587.1590622955990@email.ionos.com>
References: <491516506.246380.1589851279474@email.ionos.com> <CA+9kkMAdWj+qZA=3u_9vGG6KybHbk-vvj6LHfGakPTs4A7LoFg@mail.gmail.com> <1630462326.97358.1589928036619@email.ionos.com> <CA+9kkMDD28rg=J5BdkejyWyguN7M0A50T+0MGcn=UENLU4qwiQ@mail.gmail.com> <217485042.439703.1589938351012@email.ionos.com> <CA+9kkMB0gpvy5250tfa-hmJaetn9ihy8VwKEr+S__=Be4tT7uA@mail.gmail.com> <745178906.42051.1590103115859@email.ionos.com> <1804062312.403587.1590622955990@email.ionos.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Priority: 3
Importance: Normal
X-Mailer: Open-Xchange Mailer v7.10.3-Rev26
X-Originating-Client: open-xchange-appsuite
X-Provags-ID: V03:K1:zPjQ+XmeUXv0S+zgJ+nh3DFwmdbdCKuoIwga87dzqDFYdtiYDBM BsLQKfsdbwjnqMtrSAQqS5W7OZGhkfH38TDWgbkC9Ga2Rgg1VtRDILvhfDD7RVJmOq171xd 9X2zJC9tASTWnyQxi2Z13AucP6+HZLBPnGXeu61affbIAIUQ7twHz3oaLuvDUoeoxJCoDcI +UR+sZp/G7wAmm6+z2geQ==
X-UI-Out-Filterresults: notjunk:1;V03:K0:jd9/Mv05Hos=:2vyPCP522wMsj9Me2+V+28 zeN6gw+jMf1acnuzJYVRiG9kO1onF3AdaPQ5oR9SD0NcKnEyO3XaDNfaoZWaNsj99a6ytQpJu LDKj1M7Fwat4r6YDvYyei4BTu3G0hv+1/jxsKl0CkneX/8IKNM/UlvpykXQHW3ffq6KbUtjAJ wQZwDspksh2hZKRMHnt00M3Mb2hs20RYWaJC5JnL/AOSoI7DAK2O7TI7HxQ5w5Tduq5Iot+mZ 7dndBb7aTN4Maoy3GAdPyLzoHVWqIIw7wGDa76scRHn3a57qKjrX1YbkxvOEtQq1EdY22yXHS vzLhPTCIwZ7ufY/767SVcy/br0tgLArInG7X3sLGmz0Oc8Uc0ISzqh3u6Ibt6lMth22aPbtKP TcMmnZAQXxm1WllnojiNSxmYPWRdrP8fAGLBZKXZHJ7FX85XRGQrq+2ih05h8VQDjZE6Nu5tz EALvTRq5VQ==
Archived-At: <https://mailarchive.ietf.org/arch/msg/uri-review/GDszy9qlq6MGmT4kQY4h1Oc32lE>
Subject: Re: [Uri-review] Request for review
X-BeenThere: uri-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proposed URI Schemes <uri-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uri-review>, <mailto:uri-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uri-review/>
List-Post: <mailto:uri-review@ietf.org>
List-Help: <mailto:uri-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Nov 2020 16:10:49 -0000

text version:
Just putting this conversation up here to show that Ted brought up some good points that I have fixed in the second draft.


> On 05/27/2020 7:42 PM Timothy Mcsweeney <tim@dropnumber.com> wrote:
> 
> 
> Just putting this conversation up here to show that Ted brought up some good points that I have fixed in the second draft.
> > On May 21, 2020 at 7:18 PM Timothy Mcsweeney <tim@dropnumber.com> wrote: 
> > 
> > 
> > Hi Ted,
> > I have a question for you. In your last couple emails when you said the words "permanent identifier", did you mean:
> > 
> > the string always matches the same object forever
> > -or-
> > the string will always be an identifier for these particular types of objects
> > -or-
> > the string is disposable and there will never be another string like it again.
> > 
> > Thanks,
> > Tim
> > > On May 20, 2020 at 6:42 PM Ted Hardie < ted.ietf@gmail.com> wrote:
> > > 
> > > 
> > > On Tue, May 19, 2020 at 6:32 PM Timothy Mcsweeney < tim@dropnumber.com> wrote:
> > > >
> > > > Ted,
> > > > Thank you very much for the feedback. Would I be correct in deducing from your reply that if the 'drop' scheme remained a locator that you would recommend it remain a URI over a URN?
> > > > Tim
> > > 
> > > Because you can use the DDDS to get from a URN to the a retrieval
> > > step, I'm not sure that's the critical property for me. I think for
> > > me the difference is whether the drop-string is unique or not. As an
> > > example, a URN with a NBN
> > > ( https://en.wikipedia.org/wiki/National_Bibliography_Number) can go
> > > through a resolver to identify a specific resource. In cases like
> > > NBNs (or RFC numbers, for which there are also URNs), the number is
> > > never reassigned; the issuer guarantees that the NBN will change if
> > > the resource changes.
> > > 
> > > If you are constructing an identifier that is unique but will have
> > > internal references which change (e.g. if the telephone number or
> > > address associated with it change), you can still use a URN, but it
> > > will be associated will be a meta-identifier for the collection of
> > > changing versions. That's how vCard's CLIENTPIDMAP works, for
> > > example. It sort-of sounds like drop-strings would be dereferenable
> > > versions of this, via something like
> > > CLIENTPIDMAP.well-known-domain.example. The usefulness of that gets
> > > back to the question we discussed before,of whether these are mnemonic
> > > or not; discovering the right drop-string to use becomes a major part
> > > of the exercise.
> > > 
> > > In general, I think the vCard case might be a useful one for you to
> > > spend some time with, because it may be easier to communicate what
> > > drop-string will do if you relate it to an existing case.
> > > 
> > > regards,
> > > 
> > > Ted Hardie
> > > 
> > > 
> > > >
> > > > Hi Tim,
> > > > On Tue, May 19, 2020 at 3:40 PM Timothy Mcsweeney < tim@dropnumber.com> wrote:
> > > > Hi Ted,
> > > > Thank you for taking the time to have a look at the draft. I had not considered the use of more than one domain. I will be sure to clarify that there will only be one second level domain used for http. Because I am limited to four flags in the DDDS, at this time I would say my intent would be the same as listed. You are probably right when saying that section will need a rewrite.
> > > > Your statement about the drop-string functioning as a permanent identifier with the current telephone number, address, or other contact methods being available as a retrieved resource is spot on but in my head it is a locator. I'm going to give that some more thought. Generally speaking, is this draft something that you would personally find appealing to use?
> > > > If this intended to be a permanent identifier and you intend to use the DDDS, I would suggest you consider either a URN or, if you want to look outside the IETF, at an implementation of the handle system, which is currently maintained by the DONA foundation. If you stick with a URN, the result would be a string like this:
> > > > urn:drop:nss-specific-string
> > > > Drop is the namespace identifier (NID) in this case. The issuer assigned that NID is the issuer of names-specific-strings and has to maintain certain guarantees related to uniqueness, which may or may not work for you depending on your application model. There is, however, already a specification for how to use the DDDS to retrieve URNs (RFC 3402) as well as some experience with S-NAPTR (RFC 3958), which may simplify your deployment.
> > > > Your question about whether or not I feel this would be appealing to use is a little hard to answer without knowing more about the construction of the resources it returns and the creation of the strings. If they are essentially random, the deployment model is hard to get going because the users are trading a series of mnemonic strings for an opaque one. vCards (RFC 6350), for example, can contain a UUID in URN form; this is unique, but not memorable. Systems can use it to confirm that a vCard is a new entry in a contacts database, but the URN UUIDs do not really replace any of the entries in the vCard in other contexts. If the strings are not random, then you get markets in the names, along with risks of squatting and so on. Even for the opaque strings there have been such markets (sales of mnemonic telephone numbers, for example, where either keypad mapping or repeating numbers are valued as easy to remember). Those markets (for domain names, twitter handles, and so on) ten
 d to produce a lot of work in balancing the needs of those trying to maintain trademarks and those wishing to create new marks and identifiers.
> > > > regards,
> > > > Ted Hardie
> > > >
> > > > Sincerely,
> > > > Tim
> > > > On May 19, 2020 at 11:45 AM Ted Hardie < ted.ietf@gmail.com> wrote:
> > > > Hi Tim,
> > > > Thanks for the pointer to the draft. I think there are two issues here which are large enough that you may wish to think about the implied architecture. The first is a syntactic issue: the use of "#" as the only delimiter in the proposed URIs. As RFC 3986 describes it, the "#" delimiter is used for identifying fragments and is thus dependent on the MIME type of the retrieved object:
> > > > The fragment's format and resolution is therefore
> > > > dependent on the media type [RFC2046] of a potentially retrieved
> > > > representation, even though such a retrieval is only performed if the
> > > > URI is dereferenced.
> > > > This does not appear to match your usage. The usage you appear to be seeking is a transposition of the string to a subdomain of a well-known domain, so that a client can attempt retrieval via the three methods you enumerate; it is not clear from the document whether there will ever be more than one permitted domain here. A simpler implementation would appear to be drop:drop-string.well-known-domain.example.
> > > > Second, your document appears to imply that the drop string is used to augment existing telephone numbers and addresses, but it is not terribly clear how it does this. One interpretation might be that the drop-string functions as a permanent identifier with the current telephone number, address, or other contact methods being available as a retrieved resource. This section:
> > > > Primarily functioning as a locator there are three ways to get to a
> > > > 'drop' URI resource, http, srv records, and private resolution for
> > > > anything not found using the previous two methods. The first, or
> > > > default, action is when an application invokes the 'drop' URI it will
> > > > cause a lookup for matching application information starting with an A
> > > > record [RFC1035], then on to Service records [RFC2782], and then on to
> > > > other available records that may offer a new rule set for resolution.
> > > > raises a problem with this approach: the records returned by SRV are fundamentally different, in that they are onward pointers to other domains and resolutions. If the implication is that HTTP is always used to retrieve drop records and the appropriate server is discovered by either using an A record, an SRV record, or private resolution, then this section needs a major re-write (to include AAAA records and to clarify the intent). It's also not clear what long lived utility a new scheme serves here if the result is always https://some-string.discovered-domain.example/ .
> > > > If there were a different guarantee of uniqueness than the DNS, this would seem closer to a URN than other URI forms, or possibly an implementation of the handle system (as DOIs are). There is, unfortunately, not enough detail in the draft on the overall system to be confident of that.
> > > > regards,
> > > > Ted Hardie
> > > >
> > > > On Mon, May 18, 2020 at 6:21 PM Timothy Mcsweeney < tim@dropnumber.com> wrote:
> > > > Hello everyone,
> > > > This is a request for a review of the 'drop' URI scheme. The draft can be found here < " rel="noopener" target="_blank" data-mce-href="https://datatracker.ietf.org/doc/draft-mcsweeney-drop-scheme/>">https://datatracker.ietf.org/doc/draft-mcsweeney-drop-scheme/> (https://datatracker.ietf.org/doc/draft-mcsweeney-drop-scheme/). Thank you.
> > > > Sincerely,
> > > > Tim McSweeney
> > > > _______________________________________________
> > > > Uri-review mailing list
> > > > Uri-review@ietf.org
> > > > https://www.ietf.org/mailman/listinfo/uri-review
> > > >
> > > >
> > > >
> > > >
> > > >
> 
>

v2.23.0 | Report a Bug | By Email