Diff: rfc9652.original

	rfc9652.original	rfc9652.txt


	Building Blocks for HTTP APIs M. Nottingham	Internet Engineering Task Force (IETF) M. Nottingham
	Internet-Draft 1 April 2024	Request for Comments: 9652 September 2024
	Intended status: Standards Track	Category: Standards Track
	Expires: 3 October 2024	ISSN: 2070-1721

	The Link-Template HTTP Header Field	The Link-Template HTTP Header Field

	draft-ietf-httpapi-link-template-04

	Abstract	Abstract

	This specification defines the Link-Template HTTP header field,	This specification defines the Link-Template HTTP header field,
	providing a means for describing the structure of a link between two	providing a means for describing the structure of a link between two

	resources, so that new links can be generated.	resources so that new links can be generated.

	About This Document

	This note is to be removed before publishing as an RFC.

	The latest revision of this draft can be found at https://ietf-wg-
	httpapi.github.io/link-template/draft-ietf-httpapi-link-
	template.html. Status information for this document may be found at
	https://datatracker.ietf.org/doc/draft-ietf-httpapi-link-template/.

	Discussion of this document takes place on the Building Blocks for
	HTTP APIs Working Group mailing list (mailto:httpapi@ietf.org), which
	is archived at https://mailarchive.ietf.org/arch/browse/httpapi/.
	Subscribe at https://www.ietf.org/mailman/listinfo/httpapi/.

	Source for this draft and an issue tracker can be found at
	https://github.com/ietf-wg-httpapi/link-template.

	Status of This Memo	Status of This Memo


	This Internet-Draft is submitted in full conformance with the	This is an Internet Standards Track document.
	provisions of BCP 78 and BCP 79.

	Internet-Drafts are working documents of the Internet Engineering
	Task Force (IETF). Note that other groups may also distribute
	working documents as Internet-Drafts. The list of current Internet-
	Drafts is at https://datatracker.ietf.org/drafts/current/.


	Internet-Drafts are draft documents valid for a maximum of six months	This document is a product of the Internet Engineering Task Force
	and may be updated, replaced, or obsoleted by other documents at any	(IETF). It represents the consensus of the IETF community. It has
	time. It is inappropriate to use Internet-Drafts as reference	received public review and has been approved for publication by the
	material or to cite them other than as "work in progress."	Internet Engineering Steering Group (IESG). Further information on
		Internet Standards is available in Section 2 of RFC 7841.


	This Internet-Draft will expire on 3 October 2024.	Information about the current status of this document, any errata,
		and how to provide feedback on it may be obtained at
		https://www.rfc-editor.org/info/rfc9652.

	Copyright Notice	Copyright Notice

	Copyright (c) 2024 IETF Trust and the persons identified as the	Copyright (c) 2024 IETF Trust and the persons identified as the
	document authors. All rights reserved.	document authors. All rights reserved.

	This document is subject to BCP 78 and the IETF Trust's Legal	This document is subject to BCP 78 and the IETF Trust's Legal

	Provisions Relating to IETF Documents (https://trustee.ietf.org/	Provisions Relating to IETF Documents
	license-info) in effect on the date of publication of this document.	(https://trustee.ietf.org/license-info) in effect on the date of
	Please review these documents carefully, as they describe your rights	publication of this document. Please review these documents
	and restrictions with respect to this document. Code Components	carefully, as they describe your rights and restrictions with respect
	extracted from this document must include Revised BSD License text as	to this document. Code Components extracted from this document must
	described in Section 4.e of the Trust Legal Provisions and are	include Revised BSD License text as described in Section 4.e of the
	provided without warranty as described in the Revised BSD License.	Trust Legal Provisions and are provided without warranty as described
		in the Revised BSD License.

	Table of Contents	Table of Contents


	1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2	1. Introduction
	1.1. Notational Conventions . . . . . . . . . . . . . . . . . 2	1.1. Notational Conventions
	2. The Link-Template Header Field . . . . . . . . . . . . . . . 3	2. The Link-Template Header Field
	2.1. The 'var-base' parameter . . . . . . . . . . . . . . . . 4	2.1. The 'var-base' Parameter
	3. Security Considerations . . . . . . . . . . . . . . . . . . . 4	3. Security Considerations
	4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5	4. IANA Considerations
	5. Normative References . . . . . . . . . . . . . . . . . . . . 5	5. Normative References
	Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 6	Author's Address

	1. Introduction	1. Introduction

	[URI-TEMPLATE] defines a syntax for templates that, when expanded	[URI-TEMPLATE] defines a syntax for templates that, when expanded
	using a set of variables, results in a URI [URI].	using a set of variables, results in a URI [URI].

	This specification defines a HTTP header field [HTTP] for conveying	This specification defines a HTTP header field [HTTP] for conveying
	templates for links in the headers of a HTTP message. It is	templates for links in the headers of a HTTP message. It is
	complimentary to the Link header field defined in Section 3 of	complimentary to the Link header field defined in Section 3 of
	[WEB-LINKING], which carries links directly.	[WEB-LINKING], which carries links directly.

	1.1. Notational Conventions	1.1. Notational Conventions

	The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",	The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
	"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and	"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
	"OPTIONAL" in this document are to be interpreted as described in	"OPTIONAL" in this document are to be interpreted as described in
	BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all	BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
	capitals, as shown here.	capitals, as shown here.

	This specification uses the following terms from [STRUCTURED-FIELDS]:	This specification uses the following terms from [STRUCTURED-FIELDS]:

	List, String, Display String, Parameter.	List, String, Display String, and Parameter.

	2. The Link-Template Header Field	2. The Link-Template Header Field

	The Link-Template header field is a Structured Field	The Link-Template header field is a Structured Field
	[STRUCTURED-FIELDS] that serializes one or more links into HTTP	[STRUCTURED-FIELDS] that serializes one or more links into HTTP
	message metadata. It is semantically equivalent to the Link header	message metadata. It is semantically equivalent to the Link header
	field defined in Section 3 of [WEB-LINKING], except that the link	field defined in Section 3 of [WEB-LINKING], except that the link
	target and link anchor can contain URI Templates [URI-TEMPLATE].	target and link anchor can contain URI Templates [URI-TEMPLATE].


	Its value is a List of Strings. Each String is a URI Template, and	The Link-template header field's value is a List of Strings (see
	Parameters on it carry associated metadata.	[STRUCTURED-FIELDS]). Each String contains a URI Template and can
		have Parameters that carry metadata associated with that template.

	For example:	For example:

	Link-Template: "/{username}"; rel="item"	Link-Template: "/{username}"; rel="item"

	indicates that a resource with the relation type "item" for a given	indicates that a resource with the relation type "item" for a given
	"username" can be found by expanding the "username" variable into the	"username" can be found by expanding the "username" variable into the
	template given.	template given.


	The link target (as defined in Section 2 of [WEB-LINKING]) is the	The link target (see Section 2 of [WEB-LINKING]) is determined by
	result of expanding the URI Template [URI-TEMPLATE] (being converted	expanding the template and converting it to an absolute URI (if
	to an absolute URI after expansion, if necessary).	necessary).

	The link context and link relation type for the link (as defined in	The link context and link relation type for the link (as defined in

	Section 2 of [WEB-LINKING]) are conveyed using the "anchor" and "rel"	Section 2 of [WEB-LINKING]) are conveyed using the 'anchor' and 'rel'
	Parameters, as they are for the Link header field in Section 3 of	Parameters, as they are for the Link header field in Section 3 of
	[WEB-LINKING]. Their values MUST be Strings.	[WEB-LINKING]. Their values MUST be Strings.


	However, the "anchor" Parameter MAY contain a URI Template. For	However, the 'anchor' Parameter MAY contain a URI Template. For
	example:	example:

	Link-Template: "/books/{book_id}/author";	Link-Template: "/books/{book_id}/author";
	rel="author"; anchor="#{book_id}"	rel="author"; anchor="#{book_id}"

	Here, the link to the author for a particular book in a list of books	Here, the link to the author for a particular book in a list of books
	can be found by following the link template.	can be found by following the link template.


	This specification defines additional semantics for the "var-base"	This specification defines additional semantics for the 'var-base'
	Parameter on templated links; see below.	Parameter on templated links; see Section 2.1.

	The link's target attributes (as defined in Section 2.2 of	The link's target attributes (as defined in Section 2.2 of
	[WEB-LINKING]) are conveyed using other Parameters, in a manner	[WEB-LINKING]) are conveyed using other Parameters, in a manner
	similar to the Link header field. These Parameter values MUST be	similar to the Link header field. These Parameter values MUST be
	Strings, unless they contain non-ASCII characters, in which case they	Strings, unless they contain non-ASCII characters, in which case they
	MUST be Display Strings. Note that some target attribute names will	MUST be Display Strings. Note that some target attribute names will

	not serialise as Structured Field Parameter keys (see Section 3.1.2	not serialize as Structured Field Parameter keys (see Section 3.1.2
	of [STRUCTURED-FIELDS]).	of [STRUCTURED-FIELDS]).

	For example:	For example:

	Link-Template: "/author"; rel="author";	Link-Template: "/author"; rel="author";
	title=%"Bj%c3%b6rn J%c3%a4rnsida"	title=%"Bj%c3%b6rn J%c3%a4rnsida"

	Implementations MUST support all levels of template defined by	Implementations MUST support all levels of template defined by

	[URI-TEMPLATE] in the link String and the anchor Parameter.	[URI-TEMPLATE] in the link String and the 'anchor' Parameter.


	2.1. The 'var-base' parameter	2.1. The 'var-base' Parameter


	When a templated link has a 'var-base' parameter, its value conveys a	When a templated link has a 'var-base' Parameter, its value conveys a
	URI-reference that is used as a base URI for the variable names in	URI-reference that is used as a base URI for the variable names in

	the URI template. This allows template variables to be globally	the URI Template. This allows template variables to be globally
	identified, rather than specific to the context of use.	identified, rather than specific to the context of use.

	Dereferencing the URI for a particular variable might lead to more	Dereferencing the URI for a particular variable might lead to more
	information about the syntax or semantics of that variable;	information about the syntax or semantics of that variable;
	specification of particular formats for this information is out of	specification of particular formats for this information is out of
	scope for this document.	scope for this document.

	To determine the URI for a given variable, the value given is used as	To determine the URI for a given variable, the value given is used as
	a base URI in reference resolution (as specified in [URI]). If the	a base URI in reference resolution (as specified in [URI]). If the
	resulting URI is still relative, the context of the link is used as	resulting URI is still relative, the context of the link is used as

	skipping to change at page 4, line 51 ¶	skipping to change at line 171 ¶
	If the current context of the message that the header appears within	If the current context of the message that the header appears within
	is "https://example.org/", the same information could be conveyed by	is "https://example.org/", the same information could be conveyed by
	this header field:	this header field:

	Link-Template: "/widgets/{widget_id}";	Link-Template: "/widgets/{widget_id}";
	rel="https://example.org/rel/widget";	rel="https://example.org/rel/widget";
	var-base="/vars/"	var-base="/vars/"

	3. Security Considerations	3. Security Considerations


	The security consideration for the Link header field in [WEB-LINKING]	The security considerations for the Link header field in
	and those for URI Templates [URI-TEMPLATE] both apply.	[WEB-LINKING] and those for URI Templates [URI-TEMPLATE] apply.

	Target attributes that are conveyed via Display Strings can be	Target attributes that are conveyed via Display Strings can be
	vulnerable to a wide variety of attacks. See [UNICODE-SECURITY] for	vulnerable to a wide variety of attacks. See [UNICODE-SECURITY] for
	advice regarding their handling. Specific advice is not given by	advice regarding their handling. Specific advice is not given by

	this specification, since there are a variety of potential use cases	this specification since there are a variety of potential use cases
	for such attributes.	for such attributes.

	4. IANA Considerations	4. IANA Considerations


	This specification enters the "Link-Template" into the Hypertext	This specification enters the "Link-Template" field name into the
	Transfer Protocol (HTTP) Field Name Registry.	"Hypertext Transfer Protocol (HTTP) Field Name Registry".

	* Field Name: Link-Template


	* Status: permanent	+===============+===========+===============+
		\| Field Name \| Status \| Reference \|
		+===============+===========+===============+
		\| Link-Template \| Permanent \| This document \|
		+---------------+-----------+---------------+


	* Specification document: [this document]	Table 1

	5. Normative References	5. Normative References

	[HTTP] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,	[HTTP] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
	Ed., "HTTP Semantics", STD 97, RFC 9110,	Ed., "HTTP Semantics", STD 97, RFC 9110,
	DOI 10.17487/RFC9110, June 2022,	DOI 10.17487/RFC9110, June 2022,

	<https://www.rfc-editor.org/rfc/rfc9110>.	<https://www.rfc-editor.org/info/rfc9110>.

	[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate	[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
	Requirement Levels", BCP 14, RFC 2119,	Requirement Levels", BCP 14, RFC 2119,
	DOI 10.17487/RFC2119, March 1997,	DOI 10.17487/RFC2119, March 1997,

	<https://www.rfc-editor.org/rfc/rfc2119>.	<https://www.rfc-editor.org/info/rfc2119>.

	[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC	[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
	2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,	2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,

	May 2017, <https://www.rfc-editor.org/rfc/rfc8174>.	May 2017, <https://www.rfc-editor.org/info/rfc8174>.

	[STRUCTURED-FIELDS]	[STRUCTURED-FIELDS]

	Nottingham, M. and P. Kamp, "Structured Field Values for	Nottingham, M. and P-H. Kamp, "Structured Field Values for
	HTTP", Work in Progress, Internet-Draft, draft-ietf-	HTTP", RFC 9651, DOI 10.17487/RFC9651, September 2024,
	httpbis-sfbis-05, 23 January 2024,	<https://www.rfc-editor.org/info/rfc9651>.
	<https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-
	sfbis-05>.

	[UNICODE-SECURITY]	[UNICODE-SECURITY]
	Davis, M. and M. Suignard, "Unicode Security	Davis, M. and M. Suignard, "Unicode Security
	Considerations", Unicode Technical Report #16, 19	Considerations", Unicode Technical Report #16, 19

	September 2014, <http://www.unicode.org/reports/tr36/>.	September 2014, <https://www.unicode.org/reports/tr36/>.
		Latest version available at
		<https://www.unicode.org/reports/tr36/>.

	[URI] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform	[URI] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
	Resource Identifier (URI): Generic Syntax", STD 66,	Resource Identifier (URI): Generic Syntax", STD 66,
	RFC 3986, DOI 10.17487/RFC3986, January 2005,	RFC 3986, DOI 10.17487/RFC3986, January 2005,

	<https://www.rfc-editor.org/rfc/rfc3986>.	<https://www.rfc-editor.org/info/rfc3986>.

	[URI-TEMPLATE]	[URI-TEMPLATE]
	Gregorio, J., Fielding, R., Hadley, M., Nottingham, M.,	Gregorio, J., Fielding, R., Hadley, M., Nottingham, M.,
	and D. Orchard, "URI Template", RFC 6570,	and D. Orchard, "URI Template", RFC 6570,
	DOI 10.17487/RFC6570, March 2012,	DOI 10.17487/RFC6570, March 2012,

	<https://www.rfc-editor.org/rfc/rfc6570>.	<https://www.rfc-editor.org/info/rfc6570>.

	[WEB-LINKING]	[WEB-LINKING]
	Nottingham, M., "Web Linking", RFC 8288,	Nottingham, M., "Web Linking", RFC 8288,
	DOI 10.17487/RFC8288, October 2017,	DOI 10.17487/RFC8288, October 2017,

	<https://www.rfc-editor.org/rfc/rfc8288>.	<https://www.rfc-editor.org/info/rfc8288>.

	Author's Address	Author's Address

	Mark Nottingham	Mark Nottingham
	Prahran	Prahran
	Australia	Australia
	Email: mnot@mnot.net	Email: mnot@mnot.net
	URI: https://www.mnot.net/	URI: https://www.mnot.net/

End of changes. 32 change blocks.
	86 lines changed or deleted	69 lines changed or added
This html diff was produced by rfcdiff 1.48.