One document matched: draft-ietf-6man-uri-zoneid-06.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- This is built from a template for a generic Internet Draft. Suggestions for
improvement welcome - write to Brian Carpenter, brian.e.carpenter @ gmail.com -->
<!-- This can be converted using the Web service at http://xml.resource.org/experimental.html
(which supports the latest, sometimes undocumented and under-tested, features.) -->
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!-- You need one entry like the following for each RFC referenced -->
<!ENTITY RFC2119 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml'>
<!ENTITY RFC2629 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2629.xml'>
<!ENTITY RFC3986 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3986.xml'>
<!ENTITY RFC4007 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4007.xml'>
<!ENTITY RFC5952 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.5952.xml'>
<!ENTITY RFC5234 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.5234.xml'>
<!ENTITY RFC3493 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3493.xml'>
<!ENTITY RFC4001 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4001.xml'>
<!-- You need one entry like the following for each I-D referenced -->
<!ENTITY DRAFT-fenner SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.fenner-literal-zone.xml">
]>
<?rfc toc="yes"?> <!-- You want a table of contents -->
<?rfc symrefs="yes"?> <!-- Use symbolic labels for references -->
<?rfc sortrefs="yes"?> <!-- This sorts the references -->
<?rfc iprnotified="no" ?> <!-- Change to "yes" if someone has disclosed IPR for the draft -->
<?rfc compact="yes"?>
<!-- This defines the specific filename and version number of your draft (and inserts the appropriate IETF boilerplate -->
<rfc ipr="trust200902" docName="draft-ietf-6man-uri-zoneid-06" category="std" updates="3986">
<front>
<title abbrev="IPv6 Zone ID in URI">Representing IPv6 Zone Identifiers in Address Literals and Uniform Resource Identifiers</title>
<author initials="B. E." surname="Carpenter" fullname="Brian Carpenter">
<organization abbrev="Univ. of Auckland"></organization>
<address>
<postal>
<street>Department of Computer Science</street>
<street>University of Auckland</street>
<street>PB 92019</street>
<city>Auckland</city>
<region></region>
<code>1142</code>
<country>New Zealand</country>
</postal>
<email>brian.e.carpenter@gmail.com</email>
</address>
</author>
<author initials="S." surname="Cheshire"
fullname="Stuart Cheshire">
<organization abbrev="Apple Inc.">
Apple Inc.
</organization>
<address>
<postal>
<street>1 Infinite Loop</street>
<city>Cupertino</city> <region>CA</region>
<code>95014</code>
<country>US</country>
</postal>
<email>cheshire@apple.com</email>
</address>
</author>
<author initials="R.M." surname="Hinden"
fullname="Robert M. Hinden">
<organization abbrev="Check Point">
Check Point Software Technologies, Inc.
</organization>
<address>
<postal>
<street>800 Bridge Parkway</street>
<city>Redwood City</city> <region>CA</region>
<code>94065</code>
<country>US</country>
</postal>
<email>bob.hinden@gmail.com</email>
</address>
</author>
<date day="7" month="December" year="2012" />
<area>Internet</area>
<workgroup>6MAN</workgroup>
<abstract>
<t>This document describes how the Zone Identifier of an IPv6 scoped address, as defined
in RFC 4007, can be represented in a literal IPv6 address and in a Uniform Resource Identifier
that includes such a literal address. It updates RFC 3986 accordingly.
</t>
</abstract>
</front>
<middle>
<section anchor="intro" title="Introduction">
<t>The Uniform Resource Identifier (URI) syntax <xref target="RFC3986"/> defined how a
literal IPv6 address can be represented in the "host" part of a URI.
A subsequent specification <xref target="RFC4007"/> extended
the text representation of limited-scope IPv6 addresses such that a zone identifier may be concatenated
to a literal address, for purposes described in that RFC. Zone identifiers are especially
useful in contexts where literal addresses are typically used, for example during fault diagnosis,
when it may be essential to specify which interface is used for sending to a link local address.
It should be noted that zone identifiers have purely local meaning within the node where
they are defined, often being the same as IPv6 interface names. They are completely meaningless
for any other node. Today, they are only meaningful when attached to addresses with less
than global scope, but it is possible that other uses might be defined in the future. </t>
<t>RFC 4007 does not specify how zone identifiers are to be represented
in URIs. Practical experience has shown that this feature is useful, in particular when using a
web browser for debugging with link local addresses, but as it is undefined,
it is not implemented consistently in URI parsers or in browsers. </t>
<t>Some versions of some browsers accept the RFC 4007 syntax
for scoped IPv6 addresses embedded in URIs, i.e., they have been coded to
interpret the "%" sign according to RFC 4007 instead of RFC 3986. Clearly this
approach is very convenient for users, although it formally breaches
the syntax rules of RFC 3986. The present document defines an alternative
approach that respects and extends the rules of URI syntax, and IPv6 literals in general, to be consistent.
</t>
<t>Thus, this document updates <xref target="RFC3986"/> by adding syntax to allow a zone identifier
to be included in a literal IPv6 address within a URI. </t>
<!-- It also updates <xref target="RFC4007"/>,
in particular by adding a second allowed delimiter for zone identifiers. -->
<t>It should be noted that in other contexts than a user interface, a zone identifier is mapped into
a numeric zone index or interface number. The MIB textual convention InetZoneIndex <xref target="RFC4001"/> and the
socket interface <xref target="RFC3493"/> define this as a 32 bit unsigned integer. The mapping
between the human-readable zone identifier string and the numeric value is a host-specific
function that varies between operating systems. The present document is concerned only
with the human-readable string. </t>
<t>Several alternative solutions were considered while this document was developed. The Appendix
briefly describes the various options and their advantages and disadvantages. </t>
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in <xref target="RFC2119"/>.</t>
</section> <!-- intro -->
<section anchor="spec" title="Specification">
<t>According to RFC 4007, a zone identifier is attached to the textual representation of an IPv6
address by concatenating "%" followed by <zone_id>, where <zone_id> is a string identifying the zone of the address.
However, RFC 4007 gives no precise definition of the character set allowed in <zone_id>.
There are no rules or de facto standards for this. For example, the first Ethernet interface in a host
might be called %0, %1, %en1, %eth0, or whatever the implementer happened to choose.</t>
<t>In a URI, a literal IPv6 address is always embedded between "[" and "]".
This document specifies how a <zone_id> can be appended to the address.
Unfortunately "%" is always treated as an escape character in a URI, and according to
RFC 3986 it MUST therefore itself be percent-encoded in a URI, in the form "%25".
Thus, the scoped address fe80::a%en1 would appear in a URI as http://[fe80::a%25en1].
</t>
<t>A <zone_id> SHOULD contain only ASCII characters classified in RFC 3986
as "unreserved". This excludes characters such as "]" or even "%" which would complicate parsing.
However, the syntax below does allow such characters to be percent-encoded, for
compatibility with existing devices that use them. </t>
<t>If an operating system uses any other characters in zone or interface identifiers that are not in the
"unreserved" character set, they MUST be escaped with a "%" sign according to RFC 3986. </t>
<t>We now present the necessary formal syntax. </t>
<t>
In RFC 3986, the IPv6 literal format is formally defined in ABNF <xref target="RFC5234"/> by the following rule:
<figure><artwork>
IP-literal = "[" ( IPv6address / IPvFuture ) "]"
</artwork></figure>
</t>
<t>To provide support for a zone identifier,
the existing syntax of IPv6address is retained, and a zone identifier may be
added optionally to any literal address. This allows flexibility for unknown future
uses. The rule quoted above from RFC 3986 is replaced by three rules:
<figure><artwork>
IP-literal = "[" ( IPv6address / IPv6addrz / IPvFuture ) "]"
ZoneID = 1*( unreserved / pct-encoded )
IPv6addrz = IPv6address "%25" ZoneID
</artwork></figure></t>
<t>This syntax fills the gap that is described at the end of Section 11.7 of RFC 4007. </t>
<t>The rules in <xref target="RFC5952"/> SHOULD be applied in producing URIs. </t>
<t>RFC 3986 states that URIs have a global scope, but that in some cases their
interpretation depends on the end-user's context. URIs including a ZoneID are
to be interpreted only in the context of the host where they originate, since
the ZoneID is of local significance only. </t>
<t>RFC 4007 offers guidance on how the ZoneID affects interface/address selection
inside the IPv6 stack. Note that the behaviour of an IPv6 stack if passed a non-null
zone index for an address other than link-local is undefined. </t>
</section> <!-- spec -->
<section anchor="browsers" title="Web Browsers">
<t>This section discusses how web browsers might handle this syntax extension.
Unfortunately there is no formal distinction between the syntax allowed
in a browser's input dialogue box and the syntax allowed in URIs. For this
reason, no normative statements are made in this section. </t>
<t>Due to the lack of defined syntax, web browsers have been
inconsistent in providing for ZoneIDs. Many have no support, but there
are examples of ad hoc support. For example, some versions of Firefox allowed the
use of a ZoneID preceded by an unescaped "%" character, but
this was removed for consistency with RFC 3986. As another example, some
versions of Internet Explorer allow use of a ZoneID preceded by a "%"
character escaped as "%25", still beyond the syntax allowed by RFC 3986. This
syntax extension is in fact used internally in the Windows operating system and some
of its APIs. </t>
<t>It is desirable for all browsers to recognise a ZoneID preceded by an escaped "%".
In the spirit of "be liberal with what you accept", we also suggest that URI parsers accept bare
"%" signs when possible (i.e., a "%" not followed by two valid and meaningful hexadecimal characters).
This would make it possible for a user to copy and paste a string such as
"fe80::a%en1" from the output of a "ping" command and have it work.
On the other hand, "%ee1" would need to be manually escaped as "fe80::a%25ee1"
to avoid any risk of misinterpretation. </t>
<t>Such bare "%" signs are for user interface convenience, and need to be
turned into properly escaped characters (where "%25" encodes "%")
before the URI is used in any protocol or HTML document. However, URIs including
a ZoneID have no meaning outside the originating node. It would therefore
be highly desirable for a browser to remove the ZoneID from a URI before including
that URI in an HTTP request.
</t>
<t>The normal diagnostic usage for the ZoneID syntax will cause it to be entered in the browser's
input dialogue box. Thus, URIs including a ZoneID are unlikely to be encountered in
HTML documents. However, if they do (for example, in a diagnostic script coded in HTML)
it would be appropriate to treat them exactly as above. </t>
</section> <!-- browsers -->
<section anchor="security" title="Security Considerations">
<t>The security considerations of <xref target="RFC3986"/> and <xref target="RFC4007"/> apply.
In particular, this URI format creates a specific pathway by which a deceitful zone
index might be communicated, as mentioned in the final security consideration of RFC 4007.
It is emphasised that the format is intended only for debugging purposes, but of course
this intention does not prevent misuse. </t>
<t>To limit this risk, implementations MUST NOT allow use of this format except for
well-defined usages such as sending to link local addresses under prefix fe80::/10.
At the time of writing, this is the only well-defined usage known. </t>
<t>An HTTP client, proxy or other intermediary MUST remove any ZoneID attached to an outgoing URI, as it only has
local significance at the sending host. </t>
</section> <!-- security -->
<section anchor="iana" title="IANA Considerations">
<t>This document requests no action by IANA. </t>
</section> <!-- iana -->
<section anchor="ack" title="Acknowledgements">
<t>
The lack of this format was first pointed out by Margaret Wasserman some years ago,
and more recently by Kerry Lynn. A previous draft document by Martin Duerst and Bill
Fenner <xref target="I-D.fenner-literal-zone"/> discussed this topic but was not finalised. </t>
<t>Valuable comments and contributions were made by
Karl Auer,
Carsten Bormann,
Benoit Claise,
Stephen Farrell,
Brian Haberman,
Ted Hardie,
Tatuya Jinmei,
Yves Lafon,
Barry Leiba,
Radia Perlman,
Tom Petch,
Tomoyuki Sahara,
Juergen Schoenwaelder,
Dave Thaler,
Martin Thomson,
and
Ole Troan.
</t>
<t>Brian Carpenter was a visitor at the Computer Laboratory, Cambridge University during part of this work. </t>
<t>This document was produced using the xml2rfc tool
<xref target="RFC2629"/>.</t>
</section> <!-- ack -->
<section anchor ="changes" title="Change log [RFC Editor: Please remove]">
<t>draft-ietf-6man-uri-zoneid-06: responding to IETF Last Call and IESG comments, 2012-12-07. </t>
<t>draft-ietf-6man-uri-zoneid-05: tuned ABNF, clarified RFC 4007 text, 2012-11-06. </t>
<t>draft-ietf-6man-uri-zoneid-04: additional author, 2012-09-21. </t>
<t>draft-ietf-6man-uri-zoneid-03: reverted to percent-encoded model following WGLC, 2012-09-10. </t>
<t>draft-ietf-6man-uri-zoneid-02: additional WG comments, 2012-07-11. </t>
<t>draft-ietf-6man-uri-zoneid-01: use "-" instead of %25, listed alternatives in Appendix, according to
WG debate, added suggestion for browser developers, 2012-05-29. </t>
<t>draft-ietf-6man-uri-zoneid-00: adopted by WG, fixed syntax to allow for % encoded characters, 2012-02-17. </t>
<t>draft-carpenter-6man-uri-zoneid-01: chose Option 2, removed 15 character limit, added explanation of
ID/number mapping and other clarifications, 2012-02-08.</t>
<t>draft-carpenter-6man-uri-zoneid-00: original version, 2011-12-07.</t>
</section> <!-- changes -->
</middle>
<back>
<references title="Normative References">
&RFC3986;
&RFC4007;
&RFC5952;
&RFC2119;
&RFC5234;
</references>
<references title="Informative References">
&RFC2629;
&RFC3493;
&RFC4001;
&DRAFT-fenner;
<reference anchor="chrome" target="http://support.google.com/chrome/bin/answer.py?answer=95440">
<front>
<title>Use the address bar (omnibox)</title>
<author initials="" surname="Google" fullname="Google"/>
<date year="2012"/>
</front>
</reference>
</references>
<section anchor="AppendixA" title="Options Considered">
<t>The syntax defined above allows a ZoneID to be added to any
IPv6 address. The 6man WG discussed and rejected an alternative in which
the existing syntax of IPv6address would be extended by an option
to add the ZoneID only for the case of link-local addresses. It
was felt that the present solution offers more flexibility for
future uses and is more straightforward to implement.
</t>
<t>The various syntax options considered are now briefly described.</t>
<t><list style="numbers">
<t>Leave the problem unsolved.
<vspace blankLines="1" />
This would mean that per-interface diagnostics would still have to be performed using ping or ping6:
<vspace blankLines="1" />
ping fe80::a%en1
<vspace blankLines="1" />
Advantage: works today.
<vspace blankLines="1" />
Disadvantage: less convenient than using a browser.
<vspace blankLines="1" />
</t>
<t>Simply using the percent character.
<vspace blankLines="1" />
http://[fe80::a%en1]
<vspace blankLines="1" />
Advantage: allows use of browser, allows cut and paste.
<vspace blankLines="1" />
Disadvantage: invalid syntax under RFC 3986; not acceptable to URI community.
<vspace blankLines="1" />
</t>
<t>Escaping the escape character as allowed by RFC 3986:
<vspace blankLines="1" />
http://[fe80::a%25en1]
<vspace blankLines="1" />
Advantage: allows use of browser, consistent with general URI syntax.
<vspace blankLines="1" />
Disadvantage: somewhat ugly and confusing, doesn't allow simple cut and paste.
<vspace blankLines="1" />
This is the option chosen for standardization.
<vspace blankLines="1" />
</t>
<t>Alternative separator
<vspace blankLines="1" />
http://[fe80::a-en1]
<vspace blankLines="1" />
Advantage: allows use of browser, simple syntax
<vspace blankLines="1" />
Disadvantage: Requires all IPv6 address literal parsers and
generators to be updated in order to allow simple cut and paste; inconsistent
with existing tools and practice.
<vspace blankLines="1" />
Note: the initial proposal for this choice was to use an underscore
as the separator, but it was noted that this becomes effectively invisible when
a user interface automatically underlines URLs.
<vspace blankLines="1" />
</t>
<t>With the "IPvFuture" syntax left open in RFC 3986:
<vspace blankLines="1" />
http://[v6.fe80::a_en1]
<vspace blankLines="1" />
Advantage: allows use of browser.
<vspace blankLines="1" />
Disadvantage: ugly and redundant, doesn't allow simple cut and paste.
</t>
</list></t>
</section>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-23 20:47:07 |