Re: [Uri-review] URI scheme registration request
"Roy T. Fielding" <fielding@gbiv.com> Sat, 14 November 2015 19:00 UTC
Return-Path: <fielding@gbiv.com>
X-Original-To: uri-review@ietfa.amsl.com
Delivered-To: uri-review@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB72A1ACF5E for <uri-review@ietfa.amsl.com>; Sat, 14 Nov 2015 11:00:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.365
X-Spam-Level:
X-Spam-Status: No, score=-2.365 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WXx_OReoU9NL for <uri-review@ietfa.amsl.com>; Sat, 14 Nov 2015 11:00:51 -0800 (PST)
Received: from homiemail-a110.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) by ietfa.amsl.com (Postfix) with ESMTP id 2838F1ACEE5 for <uri-review@ietf.org>; Sat, 14 Nov 2015 11:00:51 -0800 (PST)
Received: from homiemail-a110.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a110.g.dreamhost.com (Postfix) with ESMTP id B85EF2005E50D; Sat, 14 Nov 2015 11:00:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gbiv.com; h=content-type :mime-version:subject:from:in-reply-to:date:cc:message-id :references:to; s=gbiv.com; bh=rJV0ka2LKrhBzghwTEjoqP5Y0sI=; b=M ff1k/dREkfbDqlCfCOGcbwm3CxDFjv+RoCBT3riXyW1e9rhAKNIi+B/J3tFWGwsN Loo7nSIjSHFo3vx7zgTTy2B0uNHK61pydEphlYcsXcyuXFoUKI45ZtM2G942vAvH 8VheyWduyVamIRI+KMwcQ3eEKw2NWuH8r0DluIH/jE=
Received: from [192.168.1.2] (ip68-228-71-159.oc.oc.cox.net [68.228.71.159]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: fielding@gbiv.com) by homiemail-a110.g.dreamhost.com (Postfix) with ESMTPSA id 944F62005D807; Sat, 14 Nov 2015 11:00:50 -0800 (PST)
Content-Type: multipart/alternative; boundary="Apple-Mail=_69F5BDDB-54CE-4DFD-9952-04032FEFF15F"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
From: "Roy T. Fielding" <fielding@gbiv.com>
In-Reply-To: <5646C765.4050907@wasontech.com>
Date: Sat, 14 Nov 2015 11:00:50 -0800
Message-Id: <E3443077-C4D8-496E-BCD0-661F387831E3@gbiv.com>
References: <564531FC.7000606@wasontech.com> <2D58682309E75147BB3B286C815CAC7E2ACD0A184B@AUSX7MCPS308.AMER.DELL.COM> <5646C765.4050907@wasontech.com>
To: John Wason <wason@wasontech.com>
X-Mailer: Apple Mail (2.2104)
Archived-At: <http://mailarchive.ietf.org/arch/msg/uri-review/ZXTfNQ7PDxHBSccrqrrbGH5N-Ko>
Cc: uri-review@ietf.org
Subject: Re: [Uri-review] URI scheme registration request
X-BeenThere: uri-review@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Proposed URI Schemes <uri-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uri-review>, <mailto:uri-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uri-review/>
List-Post: <mailto:uri-review@ietf.org>
List-Help: <mailto:uri-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Nov 2015 19:00:55 -0000
A URI scheme should define what it names and how that naming maps to the URI syntax.
There is nothing wrong with using separate schemes for different transports if those transports
are essential parts of the name (e.g., if something named Fred at TCP:80 is different from something
named Fred at UDP:89898). (I prefer using dots, like rr.tcp and rr.udp and rr.tcp.tls.)
The brace characters {} are not allowed in URIs. They are reserved for things like URI Templates
and local macros.
The proposed identifiers are a mix of hardcoded addresses and object identifiers. There is no
definition of the protocol being used after a connection is made. If UDP broadcast is being used
for node discovery, then what is it that the UDP packets are telling the clients? One of these URLs?
In short, I think you need to better document what each URI scheme means from the perspective of
a server and then what the client is expected to do with such a URI. It doesn't matter if this is all
internally defined in a library that the programmers don't have to worry about: we need to see
the details to make any sense of the scheme and its security implications.
....Roy
> On Nov 13, 2015, at 9:32 PM, John Wason <wason@wasontech.com> wrote:
>
> Would a web browser be able to understand a question mark in the URI? For instance, this is what a current URI looks like:
>
> tcp://192.168.1.2:48653/{7269993b-c6b0-4135-ba55-8129a9cc6402}/example.create.Create <tcp://192.168.1.2:48653/{7269993b-c6b0-4135-ba55-8129a9cc6402}/example.create.Create>
>
> This is obviously not going to work if I want to have a URI that can detect the protocol. So would this:
>
> rr://192.168.1.2:48653?transport=tcp/{7269993b-c6b0-4135-ba55-8129a9cc6402}/example.create.Create <rr://192.168.1.2:48653?transport=tcp/{7269993b-c6b0-4135-ba55-8129a9cc6402}/example.create.Create>
>
> be considered a valid URI if I were to write a plugin for a web browser that understands the "rr" scheme?
>
> On 11/14/2015 12:02 AM, David_Warden@Dell.com <mailto:David_Warden@Dell.com> wrote:
>> John,
>>
>> My suggestion is that you use a single “rr” URI scheme for all the variants. I suspect the client will more often know what transports are available than the URI generator will. While they probably have meaning to you, the variants aren’t all that descriptive in general. For example, I can tunnel TCP over USB and you can’t be much more nebulous than “cloud”. If you try and register each variant, it will make it harder on firewall administrators (for instance) who want to handle (allow/disallow) all rr protocols the same way (in principle). It will also clutter the parameters registry.
>>
>> You could include parameters to handle the variants like rr://foo?transport=tcp&security=tls <rr://foo?transport=tcp&security=tls>. You will probably need to define parameters anyway if you want to constrain the TLS negotiation at all (say by including the remote certificate thumbprint) or your other protocol details like PCI slot. You could define these in an RFC or other document.
>>
>> Regards,
>> David
>> (The above reflects my personal opinion and not necessarily that of my employer.)
>>
>> From: Uri-review [mailto:uri-review-bounces@ietf.org <mailto:uri-review-bounces@ietf.org>] On Behalf Of John Wason
>> Sent: Thursday, November 12, 2015 6:43 PM
>> To: uri-review@ietf.org <mailto:uri-review@ietf.org>
>> Subject: [Uri-review] URI scheme registration request
>>
>> Scheme Name:
>>
>> The requested scheme improvement is for use with Robot Raconteur, a communication framework for robotics and automation. It will have the basic form "rr://" for unsecured transport and "rrs://" for transports secured using StartTLS channel upgrade. Because Robot Raconteur is capable of running over multiple transports, the scheme will also need to specify which transport to use. This will be accomplished using the "rr" "plus" transport type. Currently in use transport schemes are:
>>
>> rr://foo <rr://foo> - Cloud Transport (always secure)
>> rr+cloud://foo <rr+cloud://foo> - Cloud Transport (always secure)
>> rr+tcp://foo <rr+tcp://foo> - TCP Transport
>> rrs+tcp://foo <rrs+tcp://foo> - TCP secure transport
>> rr+usb://localhost <rr+usb://localhost> - USB transport
>> rr+pci://localhost <rr+pci://localhost> - PCI/PCIe transport
>>
>> Possible schemes for future use with websockets (currently not used)
>> rr+ws://foo <rr+ws://foo>
>> rrs+ws://foo <rrs+ws://foo>
>> rr+wss://foo <rr+wss://foo>
>> rrs+wss://foo <rrs+wss://foo>
>>
>> Status:
>> Provisional
>>
>> Application/protocols that use this scheme name:
>> None
>>
>> Contact:
>> John Wason
>> Wason Technology, LLC
>> PO Box 669
>> Tuxedo, NY 10987
>> +1-518-279-6234
>> wason@wasontech.com <mailto:wason@wasontech.com>
>>
>> Change controller:
>> John Wason
>> Wason Technology, LLC
>> PO Box 669
>> Tuxedo, NY 10987
>> +1-518-279-6234
>> wason@wasontech.com <mailto:wason@wasontech.com>
>>
>> Reference:
>> Robot Raconteur is currently a proprietary software project. All documentation can be found at http://robotraconteur.com/documentation <http://robotraconteur.com/documentation> . It currently has port 48653 officially registered for TCP and UDP use along with the host names "robotraconteur" and "rr-discovery". Standardization is of interest however the exact method and commercial implications are still being investigated.
>>
>> Scheme Syntax:
>> See "Scheme Name"
>>
>> Scheme semantics:
>> Each scheme will point to a host (and possibly port). The host will be "localhost" for the hardware based protocols.
>>
>> Definition of Operations:
>> Asynchronous message stream using binary protocol.
>>
>> Context of Use:
>> Robot Raconteur communication protocol over port 48653 (where applicable).
>>
>> Internationalization and Character Encoding:
>> All strings in the message stream are encoded as UTF-8 and do not have any security implications. The only part of the URI expecting to contain international characters are hostnames registered through DNS.
>>
>> Security considerations:
>> Robot Raconteur is mainly used for communication over the local network except for the cloud transport. All transports over the internet use TLS or DTLS security using certificates matched to each node through a UUID unless the user specifically uses unsecured TCP. Nodes can be secured using password and certificate based authentication. The transport itself is immune to parsing attacks as it uses length prefixes for all data fields.
>>
>>
>> --
>> John Wason, Ph.D.
>> Wason Technology, LLC
>> PO Box 669
>> Tuxedo, NY 10987
>> (518) 279-6234
>> wason@wasontech.com <mailto:wason@wasontech.com>
>
> --
> John Wason, Ph.D.
> Wason Technology, LLC
> PO Box 669
> Tuxedo, NY 10987
> (518) 279-6234
> wason@wasontech.com <mailto:wason@wasontech.com>_______________________________________________
> Uri-review mailing list
> Uri-review@ietf.org <mailto:Uri-review@ietf.org>
> https://www.ietf.org/mailman/listinfo/uri-review <https://www.ietf.org/mailman/listinfo/uri-review>
- [Uri-review] URI scheme registration request John Wason
- Re: [Uri-review] URI scheme registration request Daniel R. Tobias
- Re: [Uri-review] URI scheme registration request John Wason
- Re: [Uri-review] URI scheme registration request David_Warden
- Re: [Uri-review] URI scheme registration request John Wason
- Re: [Uri-review] URI scheme registration request Roy T. Fielding
- Re: [Uri-review] URI scheme registration request David_Warden
- Re: [Uri-review] URI scheme registration request Dave Thaler
- Re: [Uri-review] URI scheme registration request John Wason
- Re: [Uri-review] URI scheme registration request Dave Thaler
- Re: [Uri-review] URI scheme registration request John Wason
- Re: [Uri-review] URI scheme registration request John Wason
- Re: [Uri-review] URI scheme registration request John Wason
- Re: [Uri-review] URI scheme registration request Ted Hardie
- Re: [Uri-review] URI scheme registration request Dave Thaler
- Re: [Uri-review] URI scheme registration request Roy T. Fielding
- Re: [Uri-review] URI scheme registration request John Wason
- Re: [Uri-review] URI scheme registration request Roy T. Fielding
- Re: [Uri-review] URI scheme registration request John Wason
- Re: [Uri-review] URI scheme registration request David_Warden
- Re: [Uri-review] URI scheme registration request Ted Hardie
- Re: [Uri-review] URI scheme registration request Graham Klyne
- Re: [Uri-review] URI scheme registration request John Wason