rfc2048.txt 44KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181
  1. Network Working Group N. Freed
  2. Request for Comments: 2048 Innosoft
  3. BCP: 13 J. Klensin
  4. Obsoletes: 1521, 1522, 1590 MCI
  5. Category: Best Current Practice J. Postel
  6. ISI
  7. November 1996
  8. Multipurpose Internet Mail Extensions
  9. (MIME) Part Four:
  10. Registration Procedures
  11. Status of this Memo
  12. This document specifies an Internet Best Current Practices for the
  13. Internet Community, and requests discussion and suggestions for
  14. improvements. Distribution of this memo is unlimited.
  15. Abstract
  16. STD 11, RFC 822, defines a message representation protocol specifying
  17. considerable detail about US-ASCII message headers, and leaves the
  18. message content, or message body, as flat US-ASCII text. This set of
  19. documents, collectively called the Multipurpose Internet Mail
  20. Extensions, or MIME, redefines the format of messages to allow for
  21. (1) textual message bodies in character sets other than
  22. US-ASCII,
  23. (2) an extensible set of different formats for non-textual
  24. message bodies,
  25. (3) multi-part message bodies, and
  26. (4) textual header information in character sets other than
  27. US-ASCII.
  28. These documents are based on earlier work documented in RFC 934, STD
  29. 11, and RFC 1049, but extends and revises them. Because RFC 822 said
  30. so little about message bodies, these documents are largely
  31. orthogonal to (rather than a revision of) RFC 822.
  32. Freed, et. al. Best Current Practice [Page 1]
  33. RFC 2048 MIME Registration Procedures November 1996
  34. This fourth document, RFC 2048, specifies various IANA registration
  35. procedures for the following MIME facilities:
  36. (1) media types,
  37. (2) external body access types,
  38. (3) content-transfer-encodings.
  39. Registration of character sets for use in MIME is covered elsewhere
  40. and is no longer addressed by this document.
  41. These documents are revisions of RFCs 1521 and 1522, which themselves
  42. were revisions of RFCs 1341 and 1342. An appendix in RFC 2049
  43. describes differences and changes from previous versions.
  44. Table of Contents
  45. 1. Introduction ......................................... 3
  46. 2. Media Type Registration .............................. 4
  47. 2.1 Registration Trees and Subtype Names ................ 4
  48. 2.1.1 IETF Tree ......................................... 4
  49. 2.1.2 Vendor Tree ....................................... 4
  50. 2.1.3 Personal or Vanity Tree ........................... 5
  51. 2.1.4 Special `x.' Tree ................................. 5
  52. 2.1.5 Additional Registration Trees ..................... 6
  53. 2.2 Registration Requirements ........................... 6
  54. 2.2.1 Functionality Requirement ......................... 6
  55. 2.2.2 Naming Requirements ............................... 6
  56. 2.2.3 Parameter Requirements ............................ 7
  57. 2.2.4 Canonicalization and Format Requirements .......... 7
  58. 2.2.5 Interchange Recommendations ....................... 8
  59. 2.2.6 Security Requirements ............................. 8
  60. 2.2.7 Usage and Implementation Non-requirements ......... 9
  61. 2.2.8 Publication Requirements .......................... 10
  62. 2.2.9 Additional Information ............................ 10
  63. 2.3 Registration Procedure .............................. 11
  64. 2.3.1 Present the Media Type to the Community for Review 11
  65. 2.3.2 IESG Approval ..................................... 12
  66. 2.3.3 IANA Registration ................................. 12
  67. 2.4 Comments on Media Type Registrations ................ 12
  68. 2.5 Location of Registered Media Type List .............. 12
  69. 2.6 IANA Procedures for Registering Media Types ......... 12
  70. 2.7 Change Control ...................................... 13
  71. 2.8 Registration Template ............................... 14
  72. 3. External Body Access Types ........................... 14
  73. 3.1 Registration Requirements ........................... 15
  74. 3.1.1 Naming Requirements ............................... 15
  75. Freed, et. al. Best Current Practice [Page 2]
  76. RFC 2048 MIME Registration Procedures November 1996
  77. 3.1.2 Mechanism Specification Requirements .............. 15
  78. 3.1.3 Publication Requirements .......................... 15
  79. 3.1.4 Security Requirements ............................. 15
  80. 3.2 Registration Procedure .............................. 15
  81. 3.2.1 Present the Access Type to the Community .......... 16
  82. 3.2.2 Access Type Reviewer .............................. 16
  83. 3.2.3 IANA Registration ................................. 16
  84. 3.3 Location of Registered Access Type List ............. 16
  85. 3.4 IANA Procedures for Registering Access Types ........ 16
  86. 4. Transfer Encodings ................................... 17
  87. 4.1 Transfer Encoding Requirements ...................... 17
  88. 4.1.1 Naming Requirements ............................... 17
  89. 4.1.2 Algorithm Specification Requirements .............. 18
  90. 4.1.3 Input Domain Requirements ......................... 18
  91. 4.1.4 Output Range Requirements ......................... 18
  92. 4.1.5 Data Integrity and Generality Requirements ........ 18
  93. 4.1.6 New Functionality Requirements .................... 18
  94. 4.2 Transfer Encoding Definition Procedure .............. 19
  95. 4.3 IANA Procedures for Transfer Encoding Registration... 19
  96. 4.4 Location of Registered Transfer Encodings List ...... 19
  97. 5. Authors' Addresses ................................... 20
  98. A. Grandfathered Media Types ............................ 21
  99. 1. Introduction
  100. Recent Internet protocols have been carefully designed to be easily
  101. extensible in certain areas. In particular, MIME [RFC 2045] is an
  102. open-ended framework and can accommodate additional object types,
  103. character sets, and access methods without any changes to the basic
  104. protocol. A registration process is needed, however, to ensure that
  105. the set of such values is developed in an orderly, well-specified,
  106. and public manner.
  107. This document defines registration procedures which use the Internet
  108. Assigned Numbers Authority (IANA) as a central registry for such
  109. values.
  110. Historical Note: The registration process for media types was
  111. initially defined in the context of the asynchronous Internet mail
  112. environment. In this mail environment there is a need to limit the
  113. number of possible media types to increase the likelihood of
  114. interoperability when the capabilities of the remote mail system are
  115. not known. As media types are used in new environments, where the
  116. proliferation of media types is not a hindrance to interoperability,
  117. the original procedure was excessively restrictive and had to be
  118. generalized.
  119. Freed, et. al. Best Current Practice [Page 3]
  120. RFC 2048 MIME Registration Procedures November 1996
  121. 2. Media Type Registration
  122. Registration of a new media type or types starts with the
  123. construction of a registration proposal. Registration may occur in
  124. several different registration trees, which have different
  125. requirements as discussed below. In general, the new registration
  126. proposal is circulated and reviewed in a fashion appropriate to the
  127. tree involved. The media type is then registered if the proposal is
  128. acceptable. The following sections describe the requirements and
  129. procedures used for each of the different registration trees.
  130. 2.1. Registration Trees and Subtype Names
  131. In order to increase the efficiency and flexibility of the
  132. registration process, different structures of subtype names may be
  133. registered to accomodate the different natural requirements for,
  134. e.g., a subtype that will be recommended for wide support and
  135. implementation by the Internet Community or a subtype that is used to
  136. move files associated with proprietary software. The following
  137. subsections define registration "trees", distinguished by the use of
  138. faceted names (e.g., names of the form "tree.subtree...type"). Note
  139. that some media types defined prior to this document do not conform
  140. to the naming conventions described below. See Appendix A for a
  141. discussion of them.
  142. 2.1.1. IETF Tree
  143. The IETF tree is intended for types of general interest to the
  144. Internet Community. Registration in the IETF tree requires approval
  145. by the IESG and publication of the media type registration as some
  146. form of RFC.
  147. Media types in the IETF tree are normally denoted by names that are
  148. not explicitly faceted, i.e., do not contain period (".", full stop)
  149. characters.
  150. The "owner" of a media type registration in the IETF tree is assumed
  151. to be the IETF itself. Modification or alteration of the
  152. specification requires the same level of processing (e.g. standards
  153. track) required for the initial registration.
  154. 2.1.2. Vendor Tree
  155. The vendor tree is used for media types associated with commercially
  156. available products. "Vendor" or "producer" are construed as
  157. equivalent and very broadly in this context.
  158. Freed, et. al. Best Current Practice [Page 4]
  159. RFC 2048 MIME Registration Procedures November 1996
  160. A registration may be placed in the vendor tree by anyone who has
  161. need to interchange files associated with the particular product.
  162. However, the registration formally belongs to the vendor or
  163. organization producing the software or file format. Changes to the
  164. specification will be made at their request, as discussed in
  165. subsequent sections.
  166. Registrations in the vendor tree will be distinguished by the leading
  167. facet "vnd.". That may be followed, at the discretion of the
  168. registration, by either a media type name from a well-known producer
  169. (e.g., "vnd.mudpie") or by an IANA-approved designation of the
  170. producer's name which is then followed by a media type or product
  171. designation (e.g., vnd.bigcompany.funnypictures).
  172. While public exposure and review of media types to be registered in
  173. the vendor tree is not required, using the ietf-types list for review
  174. is strongly encouraged to improve the quality of those
  175. specifications. Registrations in the vendor tree may be submitted
  176. directly to the IANA.
  177. 2.1.3. Personal or Vanity Tree
  178. Registrations for media types created experimentally or as part of
  179. products that are not distributed commercially may be registered in
  180. the personal or vanity tree. The registrations are distinguished by
  181. the leading facet "prs.".
  182. The owner of "personal" registrations and associated specifications
  183. is the person or entity making the registration, or one to whom
  184. responsibility has been transferred as described below.
  185. While public exposure and review of media types to be registered in
  186. the personal tree is not required, using the ietf-types list for
  187. review is strongly encouraged to improve the quality of those
  188. specifications. Registrations in the personl tree may be submitted
  189. directly to the IANA.
  190. 2.1.4. Special `x.' Tree
  191. For convenience and symmetry with this registration scheme, media
  192. type names with "x." as the first facet may be used for the same
  193. purposes for which names starting in "x-" are normally used. These
  194. types are unregistered, experimental, and should be used only with
  195. the active agreement of the parties exchanging them.
  196. Freed, et. al. Best Current Practice [Page 5]
  197. RFC 2048 MIME Registration Procedures November 1996
  198. However, with the simplified registration procedures described above
  199. for vendor and personal trees, it should rarely, if ever, be
  200. necessary to use unregistered experimental types, and as such use of
  201. both "x-" and "x." forms is discouraged.
  202. 2.1.5. Additional Registration Trees
  203. From time to time and as required by the community, the IANA may,
  204. with the advice and consent of the IESG, create new top-level
  205. registration trees. It is explicitly assumed that these trees may be
  206. created for external registration and management by well-known
  207. permanent bodies, such as scientific societies for media types
  208. specific to the sciences they cover. In general, the quality of
  209. review of specifications for one of these additional registration
  210. trees is expected to be equivalent to that which IETF would give to
  211. registrations in its own tree. Establishment of these new trees will
  212. be announced through RFC publication approved by the IESG.
  213. 2.2. Registration Requirements
  214. Media type registration proposals are all expected to conform to
  215. various requirements laid out in the following sections. Note that
  216. requirement specifics sometimes vary depending on the registration
  217. tree, again as detailed in the following sections.
  218. 2.2.1. Functionality Requirement
  219. Media types must function as an actual media format: Registration of
  220. things that are better thought of as a transfer encoding, as a
  221. character set, or as a collection of separate entities of another
  222. type, is not allowed. For example, although applications exist to
  223. decode the base64 transfer encoding [RFC 2045], base64 cannot be
  224. registered as a media type.
  225. This requirement applies regardless of the registration tree
  226. involved.
  227. 2.2.2. Naming Requirements
  228. All registered media types must be assigned MIME type and subtype
  229. names. The combination of these names then serves to uniquely
  230. identify the media type and the format of the subtype name identifies
  231. the registration tree.
  232. The choice of top-level type name must take the nature of media type
  233. involved into account. For example, media normally used for
  234. representing still images should be a subtype of the image content
  235. type, whereas media capable of representing audio information belongs
  236. Freed, et. al. Best Current Practice [Page 6]
  237. RFC 2048 MIME Registration Procedures November 1996
  238. under the audio content type. See RFC 2046 for additional information
  239. on the basic set of top-level types and their characteristics.
  240. New subtypes of top-level types must conform to the restrictions of
  241. the top-level type, if any. For example, all subtypes of the
  242. multipart content type must use the same encapsulation syntax.
  243. In some cases a new media type may not "fit" under any currently
  244. defined top-level content type. Such cases are expected to be quite
  245. rare. However, if such a case arises a new top-level type can be
  246. defined to accommodate it. Such a definition must be done via
  247. standards-track RFC; no other mechanism can be used to define
  248. additional top-level content types.
  249. These requirements apply regardless of the registration tree
  250. involved.
  251. 2.2.3. Parameter Requirements
  252. Media types may elect to use one or more MIME content type
  253. parameters, or some parameters may be automatically made available to
  254. the media type by virtue of being a subtype of a content type that
  255. defines a set of parameters applicable to any of its subtypes. In
  256. either case, the names, values, and meanings of any parameters must
  257. be fully specified when a media type is registered in the IETF tree,
  258. and should be specified as completely as possible when media types
  259. are registered in the vendor or personal trees.
  260. New parameters must not be defined as a way to introduce new
  261. functionality in types registered in the IETF tree, although new
  262. parameters may be added to convey additional information that does
  263. not otherwise change existing functionality. An example of this
  264. would be a "revision" parameter to indicate a revision level of an
  265. external specification such as JPEG. Similar behavior is encouraged
  266. for media types registered in the vendor or personal trees but is not
  267. required.
  268. 2.2.4. Canonicalization and Format Requirements
  269. All registered media types must employ a single, canonical data
  270. format, regardless of registration tree.
  271. A precise and openly available specification of the format of each
  272. media type is required for all types registered in the IETF tree and
  273. must at a minimum be referenced by, if it isn't actually included in,
  274. the media type registration proposal itself.
  275. Freed, et. al. Best Current Practice [Page 7]
  276. RFC 2048 MIME Registration Procedures November 1996
  277. The specifications of format and processing particulars may or may
  278. not be publically available for media types registered in the vendor
  279. tree, and such registration proposals are explicitly permitted to
  280. include only a specification of which software and version produce or
  281. process such media types. References to or inclusion of format
  282. specifications in registration proposals is encouraged but not
  283. required.
  284. Format specifications are still required for registration in the
  285. personal tree, but may be either published as RFCs or otherwise
  286. deposited with IANA. The deposited specifications will meet the same
  287. criteria as those required to register a well-known TCP port and, in
  288. particular, need not be made public.
  289. Some media types involve the use of patented technology. The
  290. registration of media types involving patented technology is
  291. specifically permitted. However, the restrictions set forth in RFC
  292. 1602 on the use of patented technology in standards-track protocols
  293. must be respected when the specification of a media type is part of a
  294. standards-track protocol.
  295. 2.2.5. Interchange Recommendations
  296. Media types should, whenever possible, interoperate across as many
  297. systems and applications as possible. However, some media types will
  298. inevitably have problems interoperating across different platforms.
  299. Problems with different versions, byte ordering, and specifics of
  300. gateway handling can and will arise.
  301. Universal interoperability of media types is not required, but known
  302. interoperability issues should be identified whenever possible.
  303. Publication of a media type does not require an exhaustive review of
  304. interoperability, and the interoperability considerations section is
  305. subject to continuing evaluation.
  306. These recommendations apply regardless of the registration tree
  307. involved.
  308. 2.2.6. Security Requirements
  309. An analysis of security issues is required for for all types
  310. registered in the IETF Tree. (This is in accordance with the basic
  311. requirements for all IETF protocols.) A similar analysis for media
  312. types registered in the vendor or personal trees is encouraged but
  313. not required. However, regardless of what security analysis has or
  314. has not been done, all descriptions of security issues must be as
  315. accurate as possible regardless of registration tree. In particular,
  316. a statement that there are "no security issues associated with this
  317. Freed, et. al. Best Current Practice [Page 8]
  318. RFC 2048 MIME Registration Procedures November 1996
  319. type" must not be confused with "the security issues associates with
  320. this type have not been assessed".
  321. There is absolutely no requirement that media types registered in any
  322. tree be secure or completely free from risks. Nevertheless, all
  323. known security risks must be identified in the registration of a
  324. media type, again regardless of registration tree.
  325. The security considerations section of all registrations is subject
  326. to continuing evaluation and modification, and in particular may be
  327. extended by use of the "comments on media types" mechanism described
  328. in subsequent sections.
  329. Some of the issues that should be looked at in a security analysis of
  330. a media type are:
  331. (1) Complex media types may include provisions for
  332. directives that institute actions on a recipient's
  333. files or other resources. In many cases provision is
  334. made for originators to specify arbitrary actions in an
  335. unrestricted fashion which may then have devastating
  336. effects. See the registration of the
  337. application/postscript media type in RFC 2046 for
  338. an example of such directives and how to handle them.
  339. (2) Complex media types may include provisions for
  340. directives that institute actions which, while not
  341. directly harmful to the recipient, may result in
  342. disclosure of information that either facilitates a
  343. subsequent attack or else violates a recipient's
  344. privacy in some way. Again, the registration of the
  345. application/postscript media type illustrates how such
  346. directives can be handled.
  347. (3) A media type might be targeted for applications that
  348. require some sort of security assurance but not provide
  349. the necessary security mechanisms themselves. For
  350. example, a media type could be defined for storage of
  351. confidential medical information which in turn requires
  352. an external confidentiality service.
  353. 2.2.7. Usage and Implementation Non-requirements
  354. In the asynchronous mail environment, where information on the
  355. capabilities of the remote mail agent is frequently not available to
  356. the sender, maximum interoperability is attained by restricting the
  357. number of media types used to those "common" formats expected to be
  358. widely implemented. This was asserted in the past as a reason to
  359. Freed, et. al. Best Current Practice [Page 9]
  360. RFC 2048 MIME Registration Procedures November 1996
  361. limit the number of possible media types and resulted in a
  362. registration process with a significant hurdle and delay for those
  363. registering media types.
  364. However, the need for "common" media types does not require limiting
  365. the registration of new media types. If a limited set of media types
  366. is recommended for a particular application, that should be asserted
  367. by a separate applicability statement specific for the application
  368. and/or environment.
  369. As such, universal support and implementation of a media type is NOT
  370. a requirement for registration. If, however, a media type is
  371. explicitly intended for limited use, this should be noted in its
  372. registration.
  373. 2.2.8. Publication Requirements
  374. Proposals for media types registered in the IETF tree must be
  375. published as RFCs. RFC publication of vendor and personal media type
  376. proposals is encouraged but not required. In all cases IANA will
  377. retain copies of all media type proposals and "publish" them as part
  378. of the media types registration tree itself.
  379. Other than in the IETF tree, the registration of a data type does not
  380. imply endorsement, approval, or recommendation by IANA or IETF or
  381. even certification that the specification is adequate. To become
  382. Internet Standards, protocol, data objects, or whatever must go
  383. through the IETF standards process. This is too difficult and too
  384. lengthy a process for the convenient registration of media types.
  385. The IETF tree exists for media types that do require require a
  386. substantive review and approval process with the vendor and personal
  387. trees exist for those that do not. It is expected that applicability
  388. statements for particular applications will be published from time to
  389. time that recommend implementation of, and support for, media types
  390. that have proven particularly useful in those contexts.
  391. As discussed above, registration of a top-level type requires
  392. standards-track processing and, hence, RFC publication.
  393. 2.2.9. Additional Information
  394. Various sorts of optional information may be included in the
  395. specification of a media type if it is available:
  396. (1) Magic number(s) (length, octet values). Magic numbers
  397. are byte sequences that are always present and thus can
  398. be used to identify entities as being of a given media
  399. Freed, et. al. Best Current Practice [Page 10]
  400. RFC 2048 MIME Registration Procedures November 1996
  401. type.
  402. (2) File extension(s) commonly used on one or more
  403. platforms to indicate that some file containing a given
  404. type of media.
  405. (3) Macintosh File Type code(s) (4 octets) used to label
  406. files containing a given type of media.
  407. Such information is often quite useful to implementors and if
  408. available should be provided.
  409. 2.3. Registration Procedure
  410. The following procedure has been implemented by the IANA for review
  411. and approval of new media types. This is not a formal standards
  412. process, but rather an administrative procedure intended to allow
  413. community comment and sanity checking without excessive time delay.
  414. For registration in the IETF tree, the normal IETF processes should
  415. be followed, treating posting of an internet-draft and announcement
  416. on the ietf-types list (as described in the next subsection) as a
  417. first step. For registrations in the vendor or personal tree, the
  418. initial review step described below may be omitted and the type
  419. registered directly by submitting the template and an explanation
  420. directly to IANA (at iana@iana.org). However, authors of vendor or
  421. personal media type specifications are encouraged to seek community
  422. review and comment whenever that is feasible.
  423. 2.3.1. Present the Media Type to the Community for Review
  424. Send a proposed media type registration to the "ietf-types@iana.org"
  425. mailing list for a two week review period. This mailing list has
  426. been established for the purpose of reviewing proposed media and
  427. access types. Proposed media types are not formally registered and
  428. must not be used; the "x-" prefix specified in RFC 2045 can be used
  429. until registration is complete.
  430. The intent of the public posting is to solicit comments and feedback
  431. on the choice of type/subtype name, the unambiguity of the references
  432. with respect to versions and external profiling information, and a
  433. review of any interoperability or security considerations. The
  434. submitter may submit a revised registration, or withdraw the
  435. registration completely, at any time.
  436. Freed, et. al. Best Current Practice [Page 11]
  437. RFC 2048 MIME Registration Procedures November 1996
  438. 2.3.2. IESG Approval
  439. Media types registered in the IETF tree must be submitted to the IESG
  440. for approval.
  441. 2.3.3. IANA Registration
  442. Provided that the media type meets the requirements for media types
  443. and has obtained approval that is necessary, the author may submit
  444. the registration request to the IANA, which will register the media
  445. type and make the media type registration available to the community.
  446. 2.4. Comments on Media Type Registrations
  447. Comments on registered media types may be submitted by members of the
  448. community to IANA. These comments will be passed on to the "owner"
  449. of the media type if possible. Submitters of comments may request
  450. that their comment be attached to the media type registration itself,
  451. and if IANA approves of this the comment will be made accessible in
  452. conjunction with the type registration itself.
  453. 2.5. Location of Registered Media Type List
  454. Media type registrations will be posted in the anonymous FTP
  455. directory "ftp://ftp.isi.edu/in-notes/iana/assignments/media-types/"
  456. and all registered media types will be listed in the periodically
  457. issued "Assigned Numbers" RFC [currently STD 2, RFC 1700]. The media
  458. type description and other supporting material may also be published
  459. as an Informational RFC by sending it to "rfc-editor@isi.edu" (please
  460. follow the instructions to RFC authors [RFC-1543]).
  461. 2.6. IANA Procedures for Registering Media Types
  462. The IANA will only register media types in the IETF tree in response
  463. to a communication from the IESG stating that a given registration
  464. has been approved. Vendor and personal types will be registered by
  465. the IANA automatically and without any formal review as long as the
  466. following minimal conditions are met:
  467. (1) Media types must function as an actual media format.
  468. In particular, character sets and transfer encodings
  469. may not be registered as media types.
  470. (2) All media types must have properly formed type and
  471. subtype names. All type names must be defined by a
  472. standards-track RFC. All subtype names must be unique,
  473. must conform to the MIME grammar for such names, and
  474. must contain the proper tree prefix.
  475. Freed, et. al. Best Current Practice [Page 12]
  476. RFC 2048 MIME Registration Procedures November 1996
  477. (3) Types registered in the personal tree must either
  478. provide a format specification or a pointer to one.
  479. (4) Any security considerations given must not be obviously
  480. bogus. (It is neither possible nor necessary for the
  481. IANA to conduct a comprehensive security review of
  482. media type registrations. Nevertheless, IANA has the
  483. authority to identify obviously incompetent material
  484. and exclude it.)
  485. 2.7. Change Control
  486. Once a media type has been published by IANA, the author may request
  487. a change to its definition. The descriptions of the different
  488. registration trees above designate the "owners" of each type of
  489. registration. The change request follows the same procedure as the
  490. registration request:
  491. (1) Publish the revised template on the ietf-types list.
  492. (2) Leave at least two weeks for comments.
  493. (3) Publish using IANA after formal review if required.
  494. Changes should be requested only when there are serious omission or
  495. errors in the published specification. When review is required, a
  496. change request may be denied if it renders entities that were valid
  497. under the previous definition invalid under the new definition.
  498. The owner of a content type may pass responsibility for the content
  499. type to another person or agency by informing IANA and the ietf-types
  500. list; this can be done without discussion or review.
  501. The IESG may reassign responsibility for a media type. The most
  502. common case of this will be to enable changes to be made to types
  503. where the author of the registration has died, moved out of contact
  504. or is otherwise unable to make changes that are important to the
  505. community.
  506. Media type registrations may not be deleted; media types which are no
  507. longer believed appropriate for use can be declared OBSOLETE by a
  508. change to their "intended use" field; such media types will be
  509. clearly marked in the lists published by IANA.
  510. Freed, et. al. Best Current Practice [Page 13]
  511. RFC 2048 MIME Registration Procedures November 1996
  512. 2.8. Registration Template
  513. To: ietf-types@iana.org
  514. Subject: Registration of MIME media type XXX/YYY
  515. MIME media type name:
  516. MIME subtype name:
  517. Required parameters:
  518. Optional parameters:
  519. Encoding considerations:
  520. Security considerations:
  521. Interoperability considerations:
  522. Published specification:
  523. Applications which use this media type:
  524. Additional information:
  525. Magic number(s):
  526. File extension(s):
  527. Macintosh File Type Code(s):
  528. Person & email address to contact for further information:
  529. Intended usage:
  530. (One of COMMON, LIMITED USE or OBSOLETE)
  531. Author/Change controller:
  532. (Any other information that the author deems interesting may be
  533. added below this line.)
  534. 3. External Body Access Types
  535. RFC 2046 defines the message/external-body media type, whereby a MIME
  536. entity can act as pointer to the actual body data in lieu of
  537. including the data directly in the entity body. Each
  538. message/external-body reference specifies an access type, which
  539. determines the mechanism used to retrieve the actual body data. RFC
  540. 2046 defines an initial set of access types, but allows for the
  541. Freed, et. al. Best Current Practice [Page 14]
  542. RFC 2048 MIME Registration Procedures November 1996
  543. registration of additional access types to accommodate new retrieval
  544. mechanisms.
  545. 3.1. Registration Requirements
  546. New access type specifications must conform to a number of
  547. requirements as described below.
  548. 3.1.1. Naming Requirements
  549. Each access type must have a unique name. This name appears in the
  550. access-type parameter in the message/external-body content-type
  551. header field, and must conform to MIME content type parameter syntax.
  552. 3.1.2. Mechanism Specification Requirements
  553. All of the protocols, transports, and procedures used by a given
  554. access type must be described, either in the specification of the
  555. access type itself or in some other publicly available specification,
  556. in sufficient detail for the access type to be implemented by any
  557. competent implementor. Use of secret and/or proprietary methods in
  558. access types are expressly prohibited. The restrictions imposed by
  559. RFC 1602 on the standardization of patented algorithms must be
  560. respected as well.
  561. 3.1.3. Publication Requirements
  562. All access types must be described by an RFC. The RFC may be
  563. informational rather than standards-track, although standard-track
  564. review and approval are encouraged for all access types.
  565. 3.1.4. Security Requirements
  566. Any known security issues that arise from the use of the access type
  567. must be completely and fully described. It is not required that the
  568. access type be secure or that it be free from risks, but that the
  569. known risks be identified. Publication of a new access type does not
  570. require an exhaustive security review, and the security
  571. considerations section is subject to continuing evaluation.
  572. Additional security considerations should be addressed by publishing
  573. revised versions of the access type specification.
  574. 3.2. Registration Procedure
  575. Registration of a new access type starts with the construction of a
  576. draft of an RFC.
  577. Freed, et. al. Best Current Practice [Page 15]
  578. RFC 2048 MIME Registration Procedures November 1996
  579. 3.2.1. Present the Access Type to the Community
  580. Send a proposed access type specification to the "ietf-
  581. types@iana.org" mailing list for a two week review period. This
  582. mailing list has been established for the purpose of reviewing
  583. proposed access and media types. Proposed access types are not
  584. formally registered and must not be used.
  585. The intent of the public posting is to solicit comments and feedback
  586. on the access type specification and a review of any security
  587. considerations.
  588. 3.2.2. Access Type Reviewer
  589. When the two week period has passed, the access type reviewer, who is
  590. appointed by the IETF Applications Area Director, either forwards the
  591. request to iana@isi.edu, or rejects it because of significant
  592. objections raised on the list.
  593. Decisions made by the reviewer must be posted to the ietf-types
  594. mailing list within 14 days. Decisions made by the reviewer may be
  595. appealed to the IESG.
  596. 3.2.3. IANA Registration
  597. Provided that the access type has either passed review or has been
  598. successfully appealed to the IESG, the IANA will register the access
  599. type and make the registration available to the community. The
  600. specification of the access type must also be published as an RFC.
  601. Informational RFCs are published by sending them to "rfc-
  602. editor@isi.edu" (please follow the instructions to RFC authors [RFC-
  603. 1543]).
  604. 3.3. Location of Registered Access Type List
  605. Access type registrations will be posted in the anonymous FTP
  606. directory "ftp://ftp.isi.edu/in-notes/iana/assignments/access-types/"
  607. and all registered access types will be listed in the periodically
  608. issued "Assigned Numbers" RFC [currently RFC-1700].
  609. 3.4. IANA Procedures for Registering Access Types
  610. The identity of the access type reviewer is communicated to the IANA
  611. by the IESG. The IANA then only acts in response to access type
  612. definitions that either are approved by the access type reviewer and
  613. forwarded by the reviewer to the IANA for registration, or in
  614. response to a communication from the IESG that an access type
  615. definition appeal has overturned the access type reviewer's ruling.
  616. Freed, et. al. Best Current Practice [Page 16]
  617. RFC 2048 MIME Registration Procedures November 1996
  618. 4. Transfer Encodings
  619. Transfer encodings are tranformations applied to MIME media types
  620. after conversion to the media type's canonical form. Transfer
  621. encodings are used for several purposes:
  622. (1) Many transports, especially message transports, can
  623. only handle data consisting of relatively short lines
  624. of text. There can also be severe restrictions on what
  625. characters can be used in these lines of text -- some
  626. transports are restricted to a small subset of US-ASCII
  627. and others cannot handle certain character sequences.
  628. Transfer encodings are used to transform binary data
  629. into textual form that can survive such transports.
  630. Examples of this sort of transfer encoding include the
  631. base64 and quoted-printable transfer encodings defined
  632. in RFC 2045.
  633. (2) Image, audio, video, and even application entities are
  634. sometimes quite large. Compression algorithms are often
  635. quite effective in reducing the size of large entities.
  636. Transfer encodings can be used to apply general-purpose
  637. non-lossy compression algorithms to MIME entities.
  638. (3) Transport encodings can be defined as a means of
  639. representing existing encoding formats in a MIME
  640. context.
  641. IMPORTANT: The standardization of a large numbers of different
  642. transfer encodings is seen as a significant barrier to widespread
  643. interoperability and is expressely discouraged. Nevertheless, the
  644. following procedure has been defined to provide a means of defining
  645. additional transfer encodings, should standardization actually be
  646. justified.
  647. 4.1. Transfer Encoding Requirements
  648. Transfer encoding specifications must conform to a number of
  649. requirements as described below.
  650. 4.1.1. Naming Requirements
  651. Each transfer encoding must have a unique name. This name appears in
  652. the Content-Transfer-Encoding header field and must conform to the
  653. syntax of that field.
  654. Freed, et. al. Best Current Practice [Page 17]
  655. RFC 2048 MIME Registration Procedures November 1996
  656. 4.1.2. Algorithm Specification Requirements
  657. All of the algorithms used in a transfer encoding (e.g. conversion
  658. to printable form, compression) must be described in their entirety
  659. in the transfer encoding specification. Use of secret and/or
  660. proprietary algorithms in standardized transfer encodings are
  661. expressly prohibited. The restrictions imposed by RFC 1602 on the
  662. standardization of patented algorithms must be respected as well.
  663. 4.1.3. Input Domain Requirements
  664. All transfer encodings must be applicable to an arbitrary sequence of
  665. octets of any length. Dependence on particular input forms is not
  666. allowed.
  667. It should be noted that the 7bit and 8bit encodings do not conform to
  668. this requirement. Aside from the undesireability of having
  669. specialized encodings, the intent here is to forbid the addition of
  670. additional encodings along the lines of 7bit and 8bit.
  671. 4.1.4. Output Range Requirements
  672. There is no requirement that a particular tranfer encoding produce a
  673. particular form of encoded output. However, the output format for
  674. each transfer encoding must be fully and completely documented. In
  675. particular, each specification must clearly state whether the output
  676. format always lies within the confines of 7bit data, 8bit data, or is
  677. simply pure binary data.
  678. 4.1.5. Data Integrity and Generality Requirements
  679. All transfer encodings must be fully invertible on any platform; it
  680. must be possible for anyone to recover the original data by
  681. performing the corresponding decoding operation. Note that this
  682. requirement effectively excludes all forms of lossy compression as
  683. well as all forms of encryption from use as a transfer encoding.
  684. 4.1.6. New Functionality Requirements
  685. All transfer encodings must provide some sort of new functionality.
  686. Some degree of functionality overlap with previously defined transfer
  687. encodings is acceptable, but any new transfer encoding must also
  688. offer something no other transfer encoding provides.
  689. Freed, et. al. Best Current Practice [Page 18]
  690. RFC 2048 MIME Registration Procedures November 1996
  691. 4.2. Transfer Encoding Definition Procedure
  692. Definition of a new transfer encoding starts with the construction of
  693. a draft of a standards-track RFC. The RFC must define the transfer
  694. encoding precisely and completely, and must also provide substantial
  695. justification for defining and standardizing a new transfer encoding.
  696. This specification must then be presented to the IESG for
  697. consideration. The IESG can
  698. (1) reject the specification outright as being
  699. inappropriate for standardization,
  700. (2) approve the formation of an IETF working group to work
  701. on the specification in accordance with IETF
  702. procedures, or,
  703. (3) accept the specification as-is and put it directly on
  704. the standards track.
  705. Transfer encoding specifications on the standards track follow normal
  706. IETF rules for standards track documents. A transfer encoding is
  707. considered to be defined and available for use once it is on the
  708. standards track.
  709. 4.3. IANA Procedures for Transfer Encoding Registration
  710. There is no need for a special procedure for registering Transfer
  711. Encodings with the IANA. All legitimate transfer encoding
  712. registrations must appear as a standards-track RFC, so it is the
  713. IESG's responsibility to notify the IANA when a new transfer encoding
  714. has been approved.
  715. 4.4. Location of Registered Transfer Encodings List
  716. Transfer encoding registrations will be posted in the anonymous FTP
  717. directory "ftp://ftp.isi.edu/in-notes/iana/assignments/transfer-
  718. encodings/" and all registered transfer encodings will be listed in
  719. the periodically issued "Assigned Numbers" RFC [currently RFC-1700].
  720. Freed, et. al. Best Current Practice [Page 19]
  721. RFC 2048 MIME Registration Procedures November 1996
  722. 5. Authors' Addresses
  723. For more information, the authors of this document are best
  724. contacted via Internet mail:
  725. Ned Freed
  726. Innosoft International, Inc.
  727. 1050 East Garvey Avenue South
  728. West Covina, CA 91790
  729. USA
  730. Phone: +1 818 919 3600
  731. Fax: +1 818 919 3614
  732. EMail: ned@innosoft.com
  733. John Klensin
  734. MCI
  735. 2100 Reston Parkway
  736. Reston, VA 22091
  737. Phone: +1 703 715-7361
  738. Fax: +1 703 715-7436
  739. EMail: klensin@mci.net
  740. Jon Postel
  741. USC/Information Sciences Institute
  742. 4676 Admiralty Way
  743. Marina del Rey, CA 90292
  744. USA
  745. Phone: +1 310 822 1511
  746. Fax: +1 310 823 6714
  747. EMail: Postel@ISI.EDU
  748. Freed, et. al. Best Current Practice [Page 20]
  749. RFC 2048 MIME Registration Procedures November 1996
  750. Appendix A -- Grandfathered Media Types
  751. A number of media types, registered prior to 1996, would, if
  752. registered under the guidelines in this document, be placed into
  753. either the vendor or personal trees. Reregistration of those types
  754. to reflect the appropriate trees is encouraged, but not required.
  755. Ownership and change control principles outlined in this document
  756. apply to those types as if they had been registered in the trees
  757. described above.
  758. Freed, et. al. Best Current Practice [Page 21]