RE: URI scheme uniqueness from Julian Reschke on 2003-08-05 (w3c-dist-auth@w3.org from July to September 2003)

From: Julian Reschke <julian.reschke@gmx.de>
Date: Tue, 5 Aug 2003 20:24:12 +0200
To: <w3c-dist-auth@w3.org>
Cc: <hardie@qualcomm.com>, "Lisa Dusseault" <lisa@xythos.com>
Message-ID: <JIEGINCHMLABHJBIGKBCOEEJIBAA.julian.reschke@gmx.de>

Ted,

actually I think it is the *main* issue (well, I did raise the issue after
all :-)

URI syntax is defined by RFC2396. URIs consist of the scheme name and a
scheme-dependant part. Different URI schemes have different characterestics
re: uniquenes, for instance

- file: would be bad,
- http: can be used as long as the owner of the domain ensures that the path
components are built in a unique way,
- opaquelocktoken: or urn:uuid (draft) are *designed* to accomplish this.

The point however is that unless a URI scheme is registered, *anybody* can
come up with URIs in the same scheme, and there's no *reliable* way to avoid
collision of URIs. Of course, using a registered scheme doesn't guarantee
uniqueness either, but at least it provides a chance to blame one of the two
sources of the duplicate URI for not complying to the syntax and semantics
that have been defined for the URI scheme.

Julian

--
<green/>bytes GmbH -- http://www.greenbytes.de -- tel:+492512807760

> -----Original Message-----
> From: hardie@qualcomm.com [mailto:hardie@qualcomm.com]
> Sent: Tuesday, August 05, 2003 6:10 PM
> To: Julian Reschke; Lisa Dusseault
> Subject: RE: URI scheme uniqueness
>
>
> >So *how* do you produce a guaranteed-to-be-unique URI without using a
> >registered scheme? I think this is simply impossible.
> >
> >Julian
>
> I think this is a side issue to the current discussion, so I've
> removed the list;
> if you disagree, feel free to forward back to the list.
>
> First, note that I said "that conforms to the URI syntax" rather
> than is a URI.
> There is a long philosophical discussion we could have about whether
> or not something which conforms to the syntax automatically is a URI, but
> please let's not.  (Frankly, I put it that way to avoid that discussion.)
>
> Second, there are a number of minting algorithms which are designed to
> provide uniqueness, either by reuse of cryptographic functions  or by
> associating authority and time functions with a specific minter.  One
> proposal for moving forward with draft-kindberg-tag-uri, for example,
> is to shift the draft to describing a minting algorithm for re-use by much
> more restricted-function URIs.
> 				regards,
> 					Ted Hardie
>

Received on Tuesday, 5 August 2003 14:24:31 UTC