Re: [urn] [IANA #1275238] URN:NAN registration request

John C Klensin <> Fri, 23 June 2023 04:10 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 481BCC17EB77 for <>; Thu, 22 Jun 2023 21:10:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.894
X-Spam-Status: No, score=-1.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Bt0y5TvOiTuI for <>; Thu, 22 Jun 2023 21:10:18 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4521AC17EB59 for <>; Thu, 22 Jun 2023 21:10:17 -0700 (PDT)
Received: from [] (helo=PSB) by with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <>) id 1qCY7j-0001BY-Tv; Fri, 23 Jun 2023 00:10:15 -0400
Date: Fri, 23 Jun 2023 00:09:54 -0400
From: John C Klensin <>
To: Peter Saint-Andre <>
Message-ID: <2D3F6397996346B5CF98A9BF@PSB>
In-Reply-To: <>
References: <> <AS8P250MB0911A579297B901351E97A2EE85DA@AS8P250MB0911.EURP250.PROD.OUTLOOK.COM> <> <>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
X-SA-Exim-Scanned: No (on; SAEximRunCond expanded to false
Archived-At: <>
Subject: Re: [urn] [IANA #1275238] URN:NAN registration request
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Revisions to URN RFCs <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 23 Jun 2023 04:10:23 -0000


In my capacity as a long-ago dropout from the review effort, I
have nonetheless let my curiosity get the best of me and read
through the application.  It raises one question that I think
would be usefully addressed: even if it is just an example to be
considered by others, what recommendation would Finland make
about when to use an NBN (RFC 8458 and mentioned in the
application) and when to use an NAN?  Given that national
entities make up their own rules, it would almost certainly be
inappropriate to have a firm rule.  However, given that
"national archives and their partner organizations" would often
include the national libraries that are the assigners of NBNs,
some advisory suggestions as to the boundary would, I think, be
helpful.  If not, why not just use NBNs and assign subspace
identifiers to the archives and such other their partners who
are not already partners of the libraries?


--On Thursday, June 22, 2023 21:02 -0600 Peter Saint-Andre
<> wrote:

> Dear Amanda:
> [moving to bcc]
> Procedurally, as defined in RFC 8141, registrants are to send
> their requests to the discussion list so that the
> expert review team can provide feedback. Once that is done,
> the team lead (me) will contact IANA about adding the
> namespace to the registry.
> Upon cursory review this registration request appears to be in
> good order, so you might want to leave the ticket open since
> (barring unforeseen circumstances) I expect that the expert
> review team will approve it in the next few weeks.
> I'll be back in touch after list discussion and team review.
> Many thanks,
> Peter
> On 6/22/23 4:55 PM, Amanda Baber via RT wrote:
>> Dear URN experts,
>> IANA has received a request to add "NAN" to the Formal URN
>> Namespaces registry. See the template and request below. The
>> requester is copied on this message.
>> If this ticket should be closed, please let us know.
>> thanks,
>> Amanda Baber
>> IANA Operations Manager
>> ====
>> Namespace Registration for National Archive Number (NAN)
>> Namespace ID:  NAN Requested of IANA.
>> Version:  1
>> Date:  2023-06-21
>> Registrant: The National Archives of Finland
>> Name: Lauri Leinonen
>> E-mail:
>> Affiliation: The National Archives of Finland
>> Address: Kansallisarkisto, Rauhankatu 17, P.O.Box 258, 00171
>> Helsinki. Web URL:
>> Requesting entity is the national archive of Finland.
>> Purpose:
>> National Archive Number is a generic name for any identifier
>> system used by national archives and their partner
>> organizations to identify archival collections and resources.
>> There has been no need to develop an international standard
>> identifier for archival resources. Resources in archival
>> collections are usually unique and therefore archive-specific
>> identifier systems have been sufficient. Many national
>> archives have developed their own identifier systems, but
>> such identifiers are unique only locally.
>> Digitization or archival resources and long term preservation
>> of such digital surrogates has created a need for developing
>> a globally unique, persistent and actionable identifier
>> system for the national archives and their partner
>> organizations. With URN:NAN, existing local identifier
>> systems meet this requirement.
>> NAN assignment:
>> National Archive Number (NAN) is a generic term referring to
>> a group of identifier systems administered by national
>> archives and institutions authorized by them. The NAN
>> assignment is typically performed by the organization hosting
>> the resource.
>> Assignment of NAN-based URNs is controlled on a national
>> level by the national archive (or national archives, if there
>> is more than one). National guidelines can differ, but the
>> identified resources themselves are usually persistent.
>> NAN assignment policies may differ. Manual assignment by the
>> archive personnel provides the tightest control. In many
>> (national) archives, NANs are also generated programmatically
>> as a part of e.g. digitization processes. Usage rules can
>> vary within one country, between URN:NAN sub-namespaces.
>> Each national archive uses NANs independently of other
>> national archives; apart from this registration, there are no
>> guidelines that specify or control NAN usage. As such, NANs
>> are unique only on the national level. When used as URNs,
>> base NAN strings MUST be augmented with a controlled prefix,
>> which is the particular nation's ISO 3166-1 alpha-2
>> two-letter country code (referred to as "ISO country code"
>> below).  These prefixes guarantee uniqueness of the URN:NANs
>> at the global scale.
>> National archives using URN:NANs usually specify local
>> assignment policies for themselves. Such policy can limit the
>> URN:NAN usage to, e.g., the born digital or digitized
>> resources stored in the national archive's fonds.  Although
>> this specification does not specify principles for URN:NAN
>> assignment policies that can be applied, NANs assigned to
>> resources which are not archived permanently should not be
>> made URN:NANs unless such policy can be justified.
>> NANs as such are locally but not globally unique; two
>> national archives can assign the same NAN to different
>> resources. A prefix, based on the ISO country code as
>> described above, guarantees the global uniqueness of
>> URN:NANs. Once an NAN has been assigned to a resource, it
>> MUST be persistent, and therefore URN:NANs are persistent as
>> well.
>> A URN:NAN, once it has been generated from a NAN, MUST NOT be
>> reused for another resource.
>> Users of the URN:NAN namespace MUST ensure that they do not
>> assign the same URN:NAN twice. Different policies can be
>> applied to guarantee this.  For instance, NANs and
>> corresponding URN:NANs can be assigned sequentially by
>> programs in order to avoid human mistakes. It is also
>> possible to use printable representations of checksums such
>> as SHA-1 [RFC6234] as NANs.
>> Syntax:
>> URN:NAN syntax is equivalent to the URN:NBN syntax. The
>> Namespace-Specific String (NSS) consists of three parts:
>> •	a prefix consisting of an ISO 3166-1 alpha-2 country code
>> and optional sub-namespace code(s) separated by a colon(s);
>> •	a hyphen (-) as the delimiting character; and,
>> •	an NAN string assigned by the national archive or
>> sub-delegated authority.
>> The following formal definition uses ABNF [RFC5234].
>>      nan-nss     = prefix "-" nan-string
>>      prefix      = iso-cc *( ":" subspc )
>>                  ; The entire prefix is case insensitive.
>>      iso-cc      = 2ALPHA
>>                  ; Alpha-2 country code as assigned by part 1
>>                  of ISO 3166 ; (identifies the national
>>                  archive to which the branch ; is delegated).
>>      subspc      = 1*(ALPHA / DIGIT)
>>                  ; As assigned by the respective national
>>                  archive.
>>      nan-string  = path-rootless
>>                  ; The "path-rootless" rule is defined in RFC
>>                  3986. ; Syntax requirements specified in RFC
>>                  8141 MUST be ; taken into account.
>> A colon SHOULD be used within the prefix only as a delimiting
>> character between the ISO 3166-1 country code and
>> sub-namespace code(s), which splits the national namespace
>> into smaller parts.
>> The structure (if any) of the NAN_string is determined by the
>> authority for the prefix. Whereas the prefix is regarded as
>> case insensitive, NAN strings can be case sensitive at the
>> preference of the assigning authority; parsers therefore MUST
>> treat these as case sensitive, and any case mapping needed to
>> introduce case insensitivity is the responsibility of the
>> relevant resolution system.
>> A hyphen SHOULD be used as the delimiting character between
>> the prefix and the NAN string.  Within the NAN string, a
>> hyphen MAY be used for separating different sections of the
>> identifier from one another.
>> All two-letter codes are reserved by the ISO 3166 Maintenance
>> Agency for either existing or possible future ISO country
>> codes (or for private use).
>> Sub-namespace identifiers MUST be registered on the national
>> level by the national archive that assigned the identifier.
>> The list of such identifiers can be made publicly available
>> via the Web.
>> Note that because case mapping for ASCII letters is
>> completely reversible and does not lose information, the case
>> used in case-insensitive matching is a local matter.
>> Implementations can convert to lower or upper case as they
>> see fit; they only need to do it consistently.
>> Encoding considerations and lexical equivalence:
>> Expressing NANs as URNs is usually straightforward, as
>> normally only ASCII characters are used in NAN strings. If
>> this is not the case, non-ASCII characters in NANs MUST be
>> translated into canonical form as specified in RFC 8141. If a
>> national archive uses NANs that can contain percent-encoded
>> characters higher than U+007F, the archive needs to carefully
>> define the canonical transformation from these NANs into
>> URNs, including normalization forms.
>> When an NAN is used as a URN, the NSS MUST consist of three
>> parts:
>> •	a prefix, structured as a primary prefix, which is a
>> two-letter ISO 3166-1 country code of the national arcive's
>> country, and zero or more secondary prefixes that are each
>> indicated by a delimiting colon character (:) and a
>> sub-namespace identifier;
>> •	a hyphen (-) as a delimiting character; and,
>> •	the NAN string.
>> Different delimiting characters are not semantically
>> equivalent.
>> The syntax and roles of the three parts listed above are
>> described in the previous paragraph.
>> If there are several national archives in one country or if
>> the national archive consists of several independent units,
>> these archives MUST agree on how to divide the national
>> namespace between themselves using this method before the
>> URN:NAN assignment begins in any of these archives.
>> A national archive MAY also assign URN:NAN sub-namespaces to
>> other organizations with archival fonds such as government
>> institutions.  The sub-namespace MAY be further divided by
>> the partner organization. All sub-namespace identifiers used
>> within a country-code-based namespace MUST be registered on
>> the national level by the national archive that assigned the
>> code.  The national register of these codes SHOULD be made
>> available online.
>> Being part of the prefix, sub-namespace identifier strings
>> are case-insensitive. They MUST NOT contain any colons or
>> hyphens.
>> Formally, two URN:NANs are lexically equivalent if they are
>> octet-by-octet equal after the following (conceptional)
>> preprocessing:
>>     1.  convert all characters in the leading "urn:nan:"
>>     token to a single case;
>>     2.  convert all characters in the prefix (country code
>>     and its optional sub-divisions) to a single case; and,
>>     3.  convert all characters embedded in any
>>     percent-encodings to a single case.
>> Models (indicated line break inserted for readability):
>>        URN:NAN:<ISO 3166 alpha-2 country code>-<assigned NAN
>>        string>
>>        URN:NAN:<ISO 3166 alpha-2 country code>:<sub-namespace
>>        code>-\ <assigned NAN string>
>>     Example:
>>        URN:NAN:fi:ka:a-1510439051
>> Security and Privacy:
>> This document defines means of encoding NANs as URNs.  A URN
>> resolution service for NAN-based URNs is technically possible
>> but not described herein; thus, questions of secure or
>> authenticated resolution mechanisms and authentication of
>> users are out of scope of this document.
>> Although no validation mechanisms are specified on the global
>> level (beyond a routine check of those characters that
>> require special encoding when employed in URIs), NANs
>> assigned by any given authority can have a well-specified and
>> rich syntax (including, e.g., fixed length and checksum). In
>> such cases, it is possible to validate the correctness of
>> NANs programmatically.
>> Issues regarding intellectual property rights or
>> confidentiality associated with objects identified by the
>> URN:NANs are beyond the scope of this document, as are
>> questions about rights to the databases that might be used to
>> construct resolution services.
>> No specific security threats have been identified for
>> URN:NANs.
>> Interoperability:
>> There is no international standard identifier system URN:NANs
>> would replace. URN:NAN is compliant with existing local
>> identifier systems, and will assist the national archives and
>> their partners in making these systems actionable and
>> globally unique.
>> Some overlap with other URN namespaces is possible, depending
>> on the archived resources.
>> NANs may contain characters which must be percent-encoded
>> when presented as URN:NANs.
>> Resolution:
>> Depending on the local policy and the nature of the
>> identified resource, URN:NANs may or may not be actionable.
>> No centralized resolution service for URN:NANs will be
>> established. Country-code-based prefix part of the URN:NAN
>> namespace-specific string will provide a hint needed to find
>> the correct resolution service for a URN:NAN.
>> Additional Documentation:
>> None
>> Revision Information:
>> None.
>> References:
>> None.
>> On Wed Jun 21 07:59:11 2023,
>> wrote:
>>> Dear recipient,
>>> Please find attached the request by the National Archives of
>>> Finland to register the URN:NAN namespace for archival
>>> collections and resources. The namespace is modelled after
>>> URN:NBN registered by the National Library of Finland.
>>> If any further documentation or clarification is needed,
>>> please let me know.
>>> Best regards,
>>> Lauri Leinonen
>>> Tutkija/Forskare/Researcher
>>> Tutkimus ja innovaatiot/Forskning och innovation/Research and
>>> Innovation
>>> Kansallisarkisto/Riksarkivet/National Archives
>>> Rauhankatu/Fredsgatan 17
>>> PL/PB/P.O. Box 258, FI-00171
>>> Helsinki/Helsingfors, Finland
>>> puh./tel. +358 29 533 7398, +358 50 434 2761
>>> e-mail
>> _______________________________________________
>> urn mailing list
> _______________________________________________
> urn mailing list