IETF Logo Mail Archive

Re: [Uri-review] [IANA #1270959] Registration of dhttp Schema name (uri-schemes)

Ted Hardie <ted.ietf@gmail.com> Thu, 20 April 2023 08:56 UTC

Return-Path: <ted.ietf@gmail.com>
X-Original-To: uri-review@ietfa.amsl.com
Delivered-To: uri-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D652C15154F for <uri-review@ietfa.amsl.com>; Thu, 20 Apr 2023 01:56:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NMqauONvJBpd for <uri-review@ietfa.amsl.com>; Thu, 20 Apr 2023 01:56:44 -0700 (PDT)
Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 967ABC14CE40 for <uri-review@ietf.org>; Thu, 20 Apr 2023 01:56:44 -0700 (PDT)
Received: by mail-ed1-x534.google.com with SMTP id 4fb4d7f45d1cf-504dfc87927so716042a12.0 for <uri-review@ietf.org>; Thu, 20 Apr 2023 01:56:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1681981002; x=1684573002; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=6owDmKVAWYYNRVs4aa8yfsXknswo73csfsupJkXF6po=; b=nhNvADQzzHlR0VU1E+tBtClryGF52hF/dx8ssBJF5ZvEgc+OZ/Fgi2Q3xI6dbsFLZr kiYFbLtOiHw6cVzTgFL711rDGR4G70XbRL4B4wA6pjVr+DPp9ydph8S7zBDAbbhQjR19 8WzwxQ2dDtLGFvKpz2MqDNUZ+bORoGXtRGOAgLumphglFhbF2RRNfjnUpYx5W0wgIUCQ X9lar2J3yRx2A+Uwy9vkh0fWqF69FhpcPz41LI9Xwvi/xBEbspg88xtbI5aB6nsKybFZ d5o8l1pUcUddqdrasFg7YNu2qkq0F298u3I1B7v7xZBSZbEnzqQARrWus+ztVuj9wQC1 K9yQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681981002; x=1684573002; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=6owDmKVAWYYNRVs4aa8yfsXknswo73csfsupJkXF6po=; b=SqzpELwmLvjTfxG6xE9HhxTat2jTM5OIBAiYkETXqMD7+wo/OO9Bdj1VxmMHCEUuSa n2sk+/cXJdi0mLJz5yQazzNppfun7ELZQ5bhZkgEJ3uapdQ68ChSTAW7S3NKLeM+Bhoh 4xDBQTu2zHdHG81Eq5Y/RwENU83YTGEdzlGuwa6f33F5ElVKFxRWAQxoAy9sdZAzQqCc +yJGChi7Nwqc7cu0IAaqMDFzl25ftNo9prI8i7JeLjJDo7Q3rrLw3Rx3+9imSSIWHsyg aD5blnLEK3wZBM3gN1sWNnIj+uEsYV/t4asOFSOxNWWlXjQONUv+QFxn/KyWOKkI+KW1 Vmew==
X-Gm-Message-State: AAQBX9dRD3UqkKed2tLrcnIZpuTRlfXm+pnQoLqOU8jAyLR7Ug7Cy10+ i78afiJdUBUxqyT42oGbkl7QjDWa+RETegaSNeVVpIXvbcNC6w==
X-Google-Smtp-Source: AKy350ZTe1N71NhAquZ0pZx8Xm38uchC2Z31yGlPvpWm6N9AWl40G8PumdgCxrdkVsPCBzgntPY66Od0FUUnboDqNAU=
X-Received: by 2002:a05:6402:1a42:b0:506:8838:45cc with SMTP id bf2-20020a0564021a4200b00506883845ccmr989516edb.6.1681981002326; Thu, 20 Apr 2023 01:56:42 -0700 (PDT)
MIME-Version: 1.0
References: <RT-Ticket-1270959@icann.org> <CAEp-PA_SGScCnxZjpFszTPR+uR==R2gjNV-QoBLiWHok7fvXWA@mail.gmail.com> <rt-5.0.3-126466-1681773256-807.1270959-37-0@icann.org> <24115C2D-8C2F-45D5-BB80-C30F653C019B@gbiv.com> <CA+9kkMAOiVqt5Ywr5ZpL1vNWZDQrraW+2E__ZzWJS6NVuc1rPw@mail.gmail.com> <0D46F593-6FB8-4E30-ABAC-B847BAB809AB@gbiv.com>
In-Reply-To: <0D46F593-6FB8-4E30-ABAC-B847BAB809AB@gbiv.com>
From: Ted Hardie <ted.ietf@gmail.com>
Date: Thu, 20 Apr 2023 09:56:15 +0100
Message-ID: <CA+9kkMBqWqkBRrtb31KO-3CeCUCqCWUxrb4yDXmQM_xXa-HUpQ@mail.gmail.com>
To: "Roy T. Fielding" <fielding@gbiv.com>
Cc: iana-prot-param@iana.org, uri-review@ietf.org
Content-Type: multipart/alternative; boundary="00000000000029a58705f9c0b829"
Archived-At: <https://mailarchive.ietf.org/arch/msg/uri-review/TGpUb0fiG6iBi0l_PkQmpMT2oXI>
Subject: Re: [Uri-review] [IANA #1270959] Registration of dhttp Schema name (uri-schemes)
X-BeenThere: uri-review@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Proposed URI Schemes <uri-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uri-review>, <mailto:uri-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uri-review/>
List-Post: <mailto:uri-review@ietf.org>
List-Help: <mailto:uri-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Apr 2023 08:56:49 -0000

Hi Roy,

Some additional thoughts in-line.

On Wed, Apr 19, 2023 at 7:25 PM Roy T. Fielding <fielding@gbiv.com> wrote:

> Hi Ted,
>
> I've always believed that such processes are describing the technical
> review of
> registered names rather than matter-of-fact social review. I would expect
> things
> like libel, profanity, racism, or cooption of existing names to be blocked
> somewhere
> regardless of the RFC.  By blocked somewhere, I mean we should have a
> general
> mechanism for quickly approving/denying questionable entries even if
> "provisional"
> is  supposed to be an easy path for technical questions.
>
>
>From one perspective, the provisional registry exists to document schemes
that are in use or are expected to be encountered in the wild; that's why
there is a 3rd party registration option.  So the shift to FCFS was really
to help ensure that the registry was complete, no matter how the URI scheme
came to be minted.  That said, there is a mechanism to object, in Section
7.1:

   The IANA policy (using terms defined in [RFC5226
<https://www.rfc-editor.org/rfc/rfc5226>]) for 'provisional'
   registration was formerly Expert Review; this document changes the
   policy to First Come First Served.  The policy for 'permanent' and
   'historical' registration continues to be Expert Review.

   The registration procedure is intended to be very lightweight for
   noncontentious registrations.  For the most part, we expect the good
   sense of submitters and reviewers, guided by these procedures, to
   achieve an acceptable and useful consensus for the community.

   In exceptional cases, where the negotiating parties cannot form a
   consensus, the final arbiter of any contested registration shall be
   the IESG.

Given that web3 was already registered, I don't personally see that dhttp
is over the line that has already been set, but you can go to the IESG with
your concerns and ask for a review.  My question to you and the IESG would
then be: is this going to be encountered in the wild?  If so, I would
suggest that it be included, even if it might be distasteful to do so.
Hiding it in the registry won't stop anyone from minting or using it, as we
have seen multiple times in the past.

Again, just my opinion.

regards,

Ted



> I don't believe {short-prefix}{ietf-standard} should ever be allowed as a
> provisional registration unless the owner is IETF.  That should be assumed
> of
> any IANA registry.  I don't think we need an RFC to state that
> "https-sucks"
> does not belong in the provisional registry, for the same reason.
>
> ....Roy
>
>
> On Apr 19, 2023, at 2:18 AM, Ted Hardie <ted.ietf@gmail.com> wrote:
>
> Hi Roy,
>
> The current list of requirements for provisionals is in RFC 7595, Section
> 4:
>
> The scheme name must meet the syntactic requirements of  Section 3.8.
>
>    o  There must not already be an entry with the same scheme name.  In
>       the unfortunate case that there are multiple, different uses of
>       the same scheme name, the Designated Expert can approve a request
>       to modify an existing entry to note the separate use.
>
>    o  Contact information identifying the person supplying the
>       registration must be included.  Previously unregistered schemes
>       discovered in use can be registered by third parties (even if not
>       on behalf of those who created the scheme).  In this case, both
>       the registering party and the scheme creator SHOULD be identified.
>
>    o  If no permanent, citable specification for the scheme definition
>       is included, credible reasons for not providing it SHOULD be
>       given.
>
>    o  The scheme definition SHOULD include clear security considerations
>       (Section 3.7) or explain why a full security analysis is not
>       available (e.g., in a third-party scheme registration).
>
>    o  If the scheme definition does not meet the guidelines laid out in
>       Section 3, the differences and reasons SHOULD be noted.
>
> While it may be the case that using 'dhttp' implies something to humans
> about the relationship to other schemes, it meets the current test that
> "there must not already be an entry with the same scheme name".  As you
> will no doubt recall, we loosened the registration of provisionals in this
> way because folks were minting URI schemes without registration and the
> risk of collision was getting worse as a result.
>
> I am not as clear, though, about whether this registration is intended to
> deprecate web3 (which is also a provisionally registered URI scheme) so
> that web3 could be marked historic.  If that is the case, we could at least
> eliminate the alias scheme issue which you note below.
>
> Just my personal opinion, of course,
>
> Ted
>
> On Tue, Apr 18, 2023 at 4:45 PM Roy T. Fielding <fielding@gbiv.com> wrote:
> >
> > Is there a way that we can block provisional registrations that are
> actively harmful?
> >
> >   1) this is abusing the existing http and https schemes;
> >   2) alias schemes are harmful, in general; and,
> >   3) web3 is a scam that we shouldn't make respectable by association
> with HTTP.
> >
> > .....Roy
> >
> >
> > > On Apr 17, 2023, at 4:14 PM, Sabrina Tanamal via RT <
> iana-prot-param@iana.org> wrote:
> > >
> > > Hi Qi,
> > >
> > > We've added provisional URI scheme dhttp to the registry:
> > >
> > > https://www.iana.org/assignments/uri-schemes/prov/dhttp
> > >
> > > Registry: https://www.iana.org/assignments/uri-schemes
> > >
> > > Per the designated expert for URI Schemes registry, we're also
> notifying the uri-review@ietf.org mailing list upon completing a
> provisional registration.
> > >
> > > Best regards,
> > >
> > > Sabrina Tanamal
> > > Lead IANA Services Specialist
> > >
> > > On Mon Apr 17 03:05:35 2023, qizhou@web3q.io wrote:
> > >> Hi Amanda,
> > >>
> > >> We would like to register dhttp:// schema with the following
> information
> > >>
> > >> Schema name: dhttp
> > >>
> > >> Status: Provisional
> > >>
> > >> Applications/protocols that use this scheme:
> > >>
> > >> This schema dhttp:// is the alias of schema web3://
> > >>
> > >> Contact:
> > >>
> > >> Qi Zhou
> > >> 55 E 3rd Ave, San Mateo, CA 94401
> > >> mailto: qizhou@web3q.io
> > >>
> > >> Change controller:
> > >>
> > >> Qi Zhou
> > >> 55 E 3rd Ave, San Mateo, CA 94401
> > >> mailto: qizhou@web3q.io
> > >>
> > >> References:
> > >>
> > >> A draft specification can be found at
> > >> https://eips.ethereum.org/EIPS/eip-4804 (replacing web3:// with
> dhttp://)
> > >>
> > >> Scheme syntax:
> > >>
> > >> "dhttp://" [userinfo "@"] contractName [":" chainid] path ["?" query]
> > >>
> > >> Thanks!
> > >>
> > >> Best regards,
> > >>
> > >> - Qi
> > >
> > > _______________________________________________
> > > Uri-review mailing list
> > > Uri-review@ietf.org
> > > https://www.ietf.org/mailman/listinfo/uri-review
> > >
> >
> > _______________________________________________
> > Uri-review mailing list
> > Uri-review@ietf.org
> > https://www.ietf.org/mailman/listinfo/uri-review
> _______________________________________________
> Uri-review mailing list
> Uri-review@ietf.org
> https://www.ietf.org/mailman/listinfo/uri-review
>
>
>

v2.23.0 | Report a Bug | By Email