W3C home > Mailing lists > Public > www-tag@w3.org > December 2009

RE: [widgets] Authorities will never have authority?

From: Larry Masinter <masinter@adobe.com>
Date: Mon, 21 Dec 2009 18:48:56 -0800
To: Jonathan Rees <jar@creativecommons.org>, "www-tag@w3.org" <www-tag@w3.org>
Message-ID: <C68CB012D9182D408CED7B884F441D4D308DEA@nambxv01a.corp.adobe.com>
The only value for authority that doesn't mean
anything in future versions is to leave the authority
out completely. It was pretty clear that previously, 
the 'authority' component was planned for cross-package
references, and taken out because of security concerns.

So I think if you want to "future proof" the possibility of
including an 'authority' or 'query components' in widget:
URIs, you could do something like

The URI syntax is


but possibly note that future versions might add an
authority component and a query component.

"Those who create widget URIs must not include an
 'authority' or 'query' component. Those who validate
 URIs must reject, not match, treat as invalid,
 any URI which contains an authority or a query."

 "However, implementations which validate widget URIs
  may note that future versions of this specification
  are planned which add these fields, so may wish to

(Not discussing the "widget:" vs "thismessage:" question
because the new (but not yet demonstrated) utility
in "widget:" might have something to do with "authority")


-----Original Message-----
From: www-tag-request@w3.org [mailto:www-tag-request@w3.org] On Behalf Of Jonathan Rees
Sent: Monday, December 21, 2009 3:12 PM
To: www-tag@w3.org
Subject: Fwd: [widgets] Authorities will never have authority?

FYI. Summary: making the concern over 'authority' field and spec
versioning more explicit. No answer yet.


---------- Forwarded message ----------
From: Jonathan Rees <jar@creativecommons.org>
Date: Thu, Dec 17, 2009 at 8:43 AM
Subject: [widgets] Authorities will never have authority?
To: "public-webapps@w3.org" <public-webapps@w3.org>

Sorry, I missed the followup on Larry's email

- can someone tell me where this is tracked?

Specifically I want to check that the 'authority' component is
adequately futureproofed. "Devoid of semantics" could mean devoid in
this and future versions, i.e. it's a comment field. In this case it
would be better to call it "comment" rather than "authority".  If
instead you mean devoid in this version, but some revision of the spec
gives some meaning, then you have to provide at least one value that a
widget: URI minter can put in that field that will never, in the
future, be taken to mean something that's not meant.

Sorry for the post-LC comment, but probably a simple change of wording
can clarify this to those who will be implementing the spec.


On Sat, Oct 10, 2009 at 12:44 PM, Larry Masinter <masinter@adobe.com> wrote:
> Re the widget: scheme
> http://lists.w3.org/Archives/Public/public-webapps/2009OctDec/0115.html

> http://www.w3.org/TR/2009/WD-widgets-uri-20091008/

> (bcc www-tag since original call was; there's an AWWW suggestion
> buried in here somewhere, though)
> http://www.w3.org/TR/webarch/#URI-scheme points to RFC 2617, which has been
> replaced by RFC 4395. I think WebArch should be updated to recommend that
> W3C recommendations must use "permanent" schemes and not "provisional" ones.
> RFC 4395 requires that permanent scheme definitions be "Well-defined". Leaving in syntactic components and declaring them "out of scope"  is leaving them undefined.
> Suggestion: Remove 'authority' from the syntax, and any sections that
>  refer to them; disallow query components
> Alternate Suggestion: define the meaning of "authority" and query components.
> Section 4.4 Step 2 makes normative reference:
> http://www.w3.org/TR/widgets/#rule-for-finding-a-file-within-a-widget-

> The algorithm there seems to be lacking a clear definition of "matches"
> which deals reasonably with the issues surrounding matching and equivalence
> for Unicode strings, or the handling of character sets in IRIs which are
> not represented in UTF8.
> Suggestion (Editorial): Move the definition of the mapping algorithm
> into the URI scheme registration document so that its definition can
> be reviewed for completeness.
> Suggestion (Technical): Define exactly and precisely what "match" means
> and make it clear what the appropriate response or error conditions are
> if there is more than one file that "match"es.
> 3) ** Reuse URI schemes **
> http://www.w3.org/TR/webarch/#URI-scheme includes   "Good practice: Reuse URI schemes"
> "A specification SHOULD reuse an existing URI scheme (rather than create a new one) when it provides the desired properties of identifiers and their relation to resources."
> The draft suggests there are many other schemes (with merit) already proposed, but that these existing efforts, "rather than identify packaged resources from the outside, widget URIs identify them only on the inside of a package, irrespective of that package's own location.", but this seems to indicate that the requirements for "widget" URIs are weaker, not stronger.
> Suggestion: Supply use cases where reuse of existing schemes (including "thismessage:/") do not provide the desired properties of identifiers and their relation to resources.
> Alternate Suggestion: Withdraw registration of "widget:" and reference existing scheme.
> Alternate Suggestion: Provide guidelines so that "widget:" can be used for other applications
>  that need a way of referencing components within ZIP packages; rename "widget:" to use
>  a scheme name that is appropriate for this broader application.
> AWWW Suggestion: add guideline: "Make New URI Schemes Reusable If You Can't Reuse URI schemes".
> "In fact, it is possible that both this scheme and another defined to access Zip archive content would be used jointly, with little or no overlap in functionality."
> Without any other context, this is incomprehensible.
> Suggestion: remove sentence.
> "Throughout this specification, wherever the term URI [URI] is used, it can be replaced interchangeably with the term IRI [RFC3987]. All widget URIs are IRIs, but the term URI is more common and was therefore preferred for readability."
> Seriously, do we need a W3C Guideline or Finding to cover "DO NOT REDEFINE TERMS"?
> There's glory for you! (see http://www.sabian.org/Alice/lgchap06.htm ).
> Suggestion: Use "IRI" since that's what is meant.
> "Note that assigning semantics or interpretation to the query or fragment components is outside the scope of this specification. The ways in which they are used depends on the content types that they are applied to, or what executable script decides to do with them."
> The wording might be taken to mean that a URI scheme registration normally *does* assign semantics or interpretation to the fragment components.
> Suggestion: drop this note.
> "Widgets 1.0: Widget URIs" the "1.0" might imply some kind of versioning, but there is no versioning of URI schemes.
> Suggestion: retitle "Widget URIs"
> Are "A, B, C and D" appendices? Normative?
> Suggestion: remove A ("Usage as Origin") either remove B ("Requirements") or edit it to be comprehensible to someone not familiar with the widgets specification, make C ("Acknowledgements") and D ("References") into normal document sections.
> A: "Usage as Origin"
> This information applies to the notion of origin calculation which is itself incomplete, and introduces an unnecessary normative dependency.
> Suggestion: Drop this section (if needed for widgets, put it somewhere
> else)

Received on Tuesday, 22 December 2009 02:49:58 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:56:31 UTC