IETF Logo Mail Archive

Re: [Uri-review] Registration request for "at" URI scheme

Eliot Lear <lear@lear.ch> Sun, 07 May 2023 07:38 UTC

Return-Path: <lear@lear.ch>
X-Original-To: uri-review@ietfa.amsl.com
Delivered-To: uri-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E38D5C151B02 for <uri-review@ietfa.amsl.com>; Sun, 7 May 2023 00:38:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.886
X-Spam-Level:
X-Spam-Status: No, score=-0.886 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SPF_HELO_PERMERROR=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=lear.ch
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VkKPA4BtGGZH for <uri-review@ietfa.amsl.com>; Sun, 7 May 2023 00:38:16 -0700 (PDT)
Received: from upstairs.ofcourseimright.com (upstairs.ofcourseimright.com [IPv6:2a00:bd80:aa::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F5A5C151719 for <uri-review@ietf.org>; Sun, 7 May 2023 00:38:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=lear.ch; s=upstairs; t=1683445088; bh=vWUC1xM8D98/SkQyAHJUNkCwX+PAL7Eb1+e/KBgcsBQ=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=NJ8jOKR+wRWzD8oXAi0HJ0A9t2RfOWGxp8YrZpMkt3CiYpyy5bKwBQYxCYaCAVvga IycYJ01Jx2bapTBRDNoyA/Ie7L+L1PecnqnTcaUuDtIyHuauQWcFY4pG7mzyS/5cvZ UPOygQW56DJplgBtM4158REY4KTyK5REq2bVAOyw=
Received: from [192.168.0.99] (77-58-144-232.dclient.hispeed.ch [77.58.144.232]) (authenticated bits=0) by upstairs.ofcourseimright.com (8.15.2/8.15.2/Debian-22ubuntu3) with ESMTPSA id 3477c8LE135977 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO); Sun, 7 May 2023 09:38:08 +0200
Message-ID: <81587de4-d623-01d2-9a68-0f797a1eec6b@lear.ch>
Date: Sun, 07 May 2023 09:38:08 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.10.1
Content-Language: en-US
To: Melvin Carvalho <melvincarvalho@gmail.com>, Bryan Newbold <bryan@blueskyweb.xyz>
Cc: Paul Frazee <pfrazee@gmail.com>, uri-review@ietf.org, Devin Ivy <devin@blueskyweb.xyz>, Jay Graber <jay@blueskyweb.xyz>
References: <f456a86-b079-2bec-f698-f2fc4fb7e76b@robocracy.org> <CAKaEYhKaB9=NVGY_eQk3vq4zGEy_N7FNy9yj02wdz0DuHS2wqw@mail.gmail.com> <CABFYohi+CD33Hn9SnPk3Fk+_W3=8pwtnHeGF1KWVQZG4bV_hnA@mail.gmail.com> <CAKaEYhK=snie3_nAz3CdJoMDh=fx6zmGwbcc9m_jESdjV2ym3w@mail.gmail.com>
From: Eliot Lear <lear@lear.ch>
In-Reply-To: <CAKaEYhK=snie3_nAz3CdJoMDh=fx6zmGwbcc9m_jESdjV2ym3w@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------AjlDhl0DrHEG9rONFmRSt4kL"
Archived-At: <https://mailarchive.ietf.org/arch/msg/uri-review/L7AdUTYVxnQeekbBcsJPyo0lvfg>
Subject: Re: [Uri-review] Registration request for "at" URI scheme
X-BeenThere: uri-review@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Proposed URI Schemes <uri-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uri-review>, <mailto:uri-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uri-review/>
List-Post: <mailto:uri-review@ietf.org>
List-Help: <mailto:uri-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 May 2023 07:38:22 -0000

As another casual observer, can I suggest that you use a slightly more 
descriptive scheme name?  "at" is heavily overloaded, and a name that 
provides at least a guess what this is will serve the user better.

Eliot

On 07.05.23 03:26, Melvin Carvalho wrote:
>
>
> so 6. 5. 2023 v 21:22 odesílatel Bryan Newbold <bryan@blueskyweb.xyz> 
> napsal:
>
>     Hi Melvin! Thanks for your comments. Reply in-line below.
>
>     On Sat, May 6, 2023 at 8:24 AM Melvin Carvalho
>     <melvincarvalho@gmail.com> wrote:
>
>         The JSON objects already have 7 different types of
>         identifiers, and there's more (e.g. CID) and when you replace
>         did:plc it will be at least 9.  See:
>
>
>     This JSON document is a DID document, in W3C specification. I'm
>     not sure why the number of identifier types is relevant to this
>     URI scheme request.
>
>     At the level of the at:// URI scheme, we specify that a DID be
>     used, not that did:plc specifically is required. It is true that
>     there are a large number of DID resolution methods, and that from
>     a pragmatic standpoint we strongly recommend only using did:plc
>     and did:web in the AT Protocol ecosystem, but this is not a
>     constraint at the URI scheme level.
>
>     We will also take this as a reminder to finish formalizing and
>     register the did:plc resolution mechanism with W3C.
>
>         I think it ought not be an issue to register "at", but I
>         really think you might be saving yourself some trouble if you
>         hold off for a bit and complete the protocol.  at:// likely is
>         not needed at all.
>
>
>     Some aspects of the protocol are still under development, but our
>     use of the at:// URI schema is stable. There are third party
>     implementations of the protocol under development, and several
>     independent parties handling real-world data with AT URIs embedded
>     in them. This seems like an appropriate time to provisionally
>     register the URI scheme, and progress to "permanent" registration
>     when the protocol specification matures.
>
>         The HTTP identifiers can be done with http:// and the did
>         identifers can be done with did:, which is part of the design
>         of URIs.  There's not a huge need to put at:// in front of
>         either, IMHO
>
>
>      There are several good reasons to have a URI scheme distinct from
>     HTTP in AT Protocol, here are two:
>
>     Accounts ("repos") in AT Protocol are easy to migrate between
>     service providers. This means that the *location* of the current
>     authoritative host for a repo changes over time. An HTTP URL would
>     indicate one specific location for the repo and would go stale
>     after a migration. As you note above, we *do* use an HTTP URL for
>     the *current* location of the PDS, in the DID document, but this
>     value changes over time, while the AT URIs are intended to be stable.
>
>     Content in AT Protocol is re-distributable between multiple
>     services and actors, and the mechanism for transportation is
>     flexible. The current protocol uses HTTP and WebSocket, but
>     content can also stored in plan files on disk, etc. There is a
>     need to reference specific records ("resources") regardless of
>     location and transportation mechanism. This is what AT URIs are for.
>
>
> Thank you for the additional information. As a casual observer of this 
> list, I believe there should be no issue with this being a provisional 
> URI scheme. I happen to chair the W3C Nostr Community Group [1], and 
> I'm aware that BlueSky aims to interoperate with Nostr and other 
> protocols. Please feel free to join us for further discussion.
>
> Regarding the at:// protocol, designers must determine when to reuse 
> existing protocols and when to create new ones. The examples provided 
> for the at URI scheme [2] initially seemed quite similar to the http 
> protocol. While the hostnames like alice.host.com 
> <http://alice.host.com> look like http, you point out that the 
> authority may change over time and hence require a lookup.  That might 
> work, albeit with some added complexity.
>
> A minor note of caution is to ensure that the resulting URI adheres to 
> RFC3986, which does not allow for two hashes in the identifier. Be 
> mindful of this when designing the authority part or any other components.
>
> I'm excited to see how this project evolves, especially in the free 
> software community. There is hope is that the client-side app might be 
> open-sourced, since it has received much praise.
>
> [1] https://www.w3.org/community/nostr/
> [2] https://atproto.com/specs/at-uri-scheme
>
>
>     Cheers,
>
>     --bryan
>
>
> _______________________________________________
> Uri-review mailing list
> Uri-review@ietf.org
> https://www.ietf.org/mailman/listinfo/uri-review

v2.23.0 | Report a Bug | By Email