Re: HTML5 and URI scheme *name* prefixes from Mykyta Yevstifeyev on 2012-01-14 (public-iri@w3.org from January 2012)

From: Mykyta Yevstifeyev <evnikita2@gmail.com>
Date: Sat, 14 Jan 2012 16:11:33 +0200
To: Julian Reschke <julian.reschke@gmx.de>
Cc: "PUBLIC-IRI@W3.ORG" <PUBLIC-IRI@w3.org>
Message-ID: <CADBvc9-mYYcG39XMyPDBvDLSQSMBazojn3r08F5F6h6EekSthA@mail.gmail.com>

My personal opinion:

Neither RFC 4395 nor 4395bis provide a possibility to perform such
sorts of registrations.  This is not a URI scheme but a prefix thereof
- theoretically, if this is register, de-facto an infinite range of
scheme names is registered; this is really not what authors of RFC
4395 wanted their document to serve for -, and additionally I can
hardly find what should schemes starting with "web+" stand for save
"The scheme is expected to be used in the context of Web
applications."; furthermore, this is impossible to understand how
should Web pages register such scheme names (this is in Sec.
considerations).

I support Julian's position on this.

Mykyta Yevstifeyev

2012/1/14 Julian Reschke <julian.reschke@gmx.de>:
> Hi there,
>
> ref: <https://www.w3.org/html/wg/tracker/issues/189>
>
> HTML5 introduces a naming convention for URI scheme *names*; see
> <http://dev.w3.org/html5/spec/Overview.html#web-scheme-prefix>:
>
>> 12.6 web+ scheme prefix
>>
>> This section describes a convention for use with the IANA URI scheme
>> registry. It does not itself register a specific scheme. [RFC4395]
>>
>> URI scheme name
>>    Schemes starting with the four characters "web+" followed by one or
>> more letters in the range a-z.
>> Status
>>    permanent
>> URI scheme syntax
>>    Scheme-specific.
>> URI scheme semantics
>>    Scheme-specific.
>> Encoding considerations
>>    All "web+" schemes should use UTF-8 encodings were relevant.
>> Applications/protocols that use this URI scheme name
>>    Scheme-specific.
>> Interoperability considerations
>>    The scheme is expected to be used in the context of Web applications.
>> Security considerations
>>    Any Web page is able to register a handler for all "web+" schemes. As
>> such, these schemes must not be used for features intended to be core
>> platform features (e.g. network transfer protocols like HTTP or FTP).
>> Similarly, such schemes must not store confidential information in their
>> URLs, such as usernames, passwords, personal information, or confidential
>> project names.
>> Contact
>>    Ian Hickson <ian@hixie.ch>
>> Author/Change controller
>>    Ian Hickson <ian@hixie.ch>
>> References
>>    W3C
>
>
> I'm in the process of writing a Change Proposal asking for a removal of this
> feature. In the meantime, it would be useful if the WG came up with
> "official" feedback on overloading the scheme name.
>
> Best regards, Julian
>

Received on Saturday, 14 January 2012 14:12:21 UTC