Re: [ietf-types] Registration of media typeimage/svg+xml

ned+xml-mime@mrochek.com Tue, 07 December 2010 17:11 UTC

Received: from hoffman.proper.com (localhost [127.0.0.1]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id oB7HBPew015567 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 7 Dec 2010 10:11:25 -0700 (MST) (envelope-from owner-ietf-xml-mime@mail.imc.org)
Received: (from majordom@localhost) by hoffman.proper.com (8.14.4/8.13.5/Submit) id oB7HBPrC015566; Tue, 7 Dec 2010 10:11:25 -0700 (MST) (envelope-from owner-ietf-xml-mime@mail.imc.org)
X-Authentication-Warning: hoffman.proper.com: majordom set sender to owner-ietf-xml-mime@mail.imc.org using -f
Received: from mauve.mrochek.com (mauve.mrochek.com [66.59.230.40]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id oB7HBOH3015560 for <ietf-xml-mime@imc.org>; Tue, 7 Dec 2010 10:11:24 -0700 (MST) (envelope-from ned+xml-mime@mrochek.com)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01NV4TRPQBSG00DA62@mauve.mrochek.com> for ietf-xml-mime@imc.org; Tue, 7 Dec 2010 09:11:22 -0800 (PST)
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01NUZOZ6T6UO007CHU@mauve.mrochek.com> (original mail from NED@mauve.mrochek.com) for ietf-xml-mime@imc.org; Tue, 7 Dec 2010 09:11:16 -0800 (PST)
From: ned+xml-mime@mrochek.com
Cc: ietf-types@iana.org, ietf-xml-mime@imc.org, Alexey Melnikov <alexey.melnikov@isode.com>, Philippe Le Hegaret <plh@w3.org>
Message-id: <01NV4TRMHDSC007CHU@mauve.mrochek.com>
Date: Tue, 07 Dec 2010 09:10:56 -0800 (PST)
Subject: Re: [ietf-types] Registration of media typeimage/svg+xml
In-reply-to: "Your message dated Tue, 07 Dec 2010 15:52:24 +0100" <2110595737.20101207155224@w3.org>
MIME-version: 1.0
Content-type: TEXT/PLAIN
References: <2110595737.20101207155224@w3.org>
To: Chris Lilley <chris@w3.org>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mrochek.com; s=mauve; t=1291739097; bh=vpl3bJ6p65H3zhPoY0cK5PMDrwpTvXM2/EP0yfFArD0=; h=From:Cc:Message-id:Date:Subject:In-reply-to:MIME-version: Content-type:References:To; b=EZZmn4i7MAd/Y/HOQcDtSat1zn0V7MGpQ72k6uHeMaIsKxtSnL1VmhmopMQj62CNc CoRMyiUrAmP7C4bRTshvID5fAQxCn/jQkGfZ4hW8I6O+51znx0Xsx7M4SQq/RNx1bs PPYdPLh8u5zzlA0OtsoYWXxf0YqVgHn0DlWRg6aw=
Sender: owner-ietf-xml-mime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-xml-mime/mail-archive/>
List-ID: <ietf-xml-mime.imc.org>
List-Unsubscribe: <mailto:ietf-xml-mime-request@imc.org?body=unsubscribe>

This looks ready to go to me.

				Ned

> This is an updated and final registration request, incorporating the latest round of feedback. Philippe, this is ready to go to the IESG now.

> Type name:

>     image

> Subtype name:

>     svg+xml

> Required parameters:

>     None.

> Optional parameters:

>     charset

>     Same as application/xml media type, as specified in [RFC3023] or
>     its successors.

> Encoding considerations:

>     Same as for application/xml. See [RFC3023], section 3.2 or its
>     successors.

> Security considerations:

>     As with other XML types and as noted in [RFC3023] section 10,
>     repeated expansion of maliciously constructed XML entities can be
>     used to consume large amounts of memory, which may cause XML
>     processors in constrained environments to fail.

>     Several SVG elements may cause arbitrary URIs to be referenced. In
>     this case, the security issues of [RFC3986], section 7, should be
>     considered.

>     In common with HTML, SVG documents may reference external media
>     such as images, audio, video, style sheets, and scripting
>     languages. Scripting languages are executable content. In this
>     case, the security considerations in the Media Type registrations
>     for those formats shall apply.

>     In addition, because of the extensibility features for SVG and of
>     XML in general, it is possible that "image/svg+xml" may describe
>     content that has security implications beyond those described
>     here. However, if the processor follows only the normative
>     semantics of the published specification, this content will be
>     outside the SVG namespace and shall be ignored. Only in the case
>     where the processor recognizes and processes the additional
>     content, or where further processing of that content is dispatched
>     to other processors, would security issues potentially arise. And
>     in that case, they would fall outside the domain of this
>     registration document.

> Interoperability considerations:

>     The published specification describes processing semantics that
>     dictate behavior that must be followed when dealing with, among
>     other things, unrecognized elements and attributes, both in the
>     SVG namespace and in other namespaces.

>     Because SVG is extensible, conformant "image/svg+xml" processors
>     must expect that content received is well-formed XML, but it
>     cannot be guaranteed that the content is valid to a particular DTD
>     or Schema or that the processor will recognize all of the elements
>     and attributes in the document.

>     SVG has a published Test Suite and associated implementation
>     report showing which implementations passed which tests at the
>     time of the report. This information is periodically updated as
>     new tests are added or as implementations improve.

> Published specification:

>     This media type registration is extracted from Appendix P
>     http://www.w3.org/TR/SVG/mimereg.html
>     of the SVG 1.1 specification.
>     http://www.w3.org/TR/SVG/
    
> Applications that use this media type:

>     SVG is used by Web browsers, often in conjunction with HTML; by
>     mobile phones and digital cameras, as a format for interchange of
>     graphical assets in desk top publishing, for industrial process
>     visualization, display signage, and many other applications which
>     require scalable static or interactive graphical capability.

> Additional information:

>     Magic number(s):

>     File extension(s):
>         svg

>         Note that the extension 'svgz' is used as an alias for
>         'svg.gz' [RFC1952], i.e. octet streams of type image/svg+xml,
>         subsequently compressed with gzip.

>     Macintosh file type code(s):

>         "svg " (all lowercase, with a space character as the fourth letter).

>         Note that the Macintosh file type code 'svgz' (all lowercase)
>         is used as an alias for GZIP [RFC1952] compressed "svg ", i.e.
>         octet streams of type image/svg+xml, subsequently compressed
>         with gzip.

>     Macintosh Universal Type Identifier code:

>         org.w3c.svg conforms to public.image and to public.xml

>     Windows Clipboard Name:

>         "SVG Image"

>     Fragment Identifiers

>         For documents labeled as application/svg+xml, the
>         fragment identifier notation is either Shorthand Pointers
>         (formerly called barenames) or the SVG-specific SVG Views
>         syntax;
>         http://www.w3.org/TR/SVG/linking.html#LinksIntoSVG
>         both described in the fragment identifiers section of the
>         SVG specification.
>         http://www.w3.org/TR/SVG/linking.html#SVGFragmentIdentifiers

> Person & email address to contact for further information:

>     Chris Lilley, Doug Schepers (member-svg-media-type@w3.org).

> Intended usage:

>     COMMON

> Restrictions on usage:

>     None

> Author:

>     The SVG specification is a work product of the World Wide Web
>     Consortium's SVG Working Group.

> Change controller:

>     The W3C has change control over this specification.







> --
>  Chris Lilley   Technical Director, Interaction Domain
>  W3C Graphics Activity Lead, Fonts Activity Lead
>  Co-Chair, W3C Hypertext CG
>  Member, CSS, WebFonts, SVG Working Groups

> _______________________________________________
> ietf-types mailing list
> ietf-types@ietf.org
> https://www.ietf.org/mailman/listinfo/ietf-types