Internet Draft                                            Sean B. Palmer
Document: draft-palmer-esl-uri-00.txt                     September 2001
Expires: March 1, 2002

The "esl" URI scheme

STATUS OF THIS MEMO

This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

This Internet-draft will expire on March 1, 2002.

Copyright Notice

Copyright (C) The Internet Society (2001). All Rights Reserved.

ABSTRACT

This document defines the "esl" Uniform Resource Identifier (URI)
scheme, as a generic identifier for entities who need to strictly
control its use.

1. INTRODUCTION

"esl" URIs are designed to meet the requirement for easily creatable
persistent identifiers, that a) do not rely on a centralized
authority to delegate, and b) are digitally secure. The "esl" URI
scheme meets these requirements by outlining a digitally signed
compact identifier.

Palmer          Informational - Expires March 1, 2002           [Page 1]
Internet-Draft          The "esl" URI scheme              September 2001

2. THE "ESL" URI SCHEME

2.1 SYNTACTIC STRUCTURE

Here is an ABNF for the "esl" URI scheme:-

   esl       = scheme ":" hash ":" sig ":" label
   scheme    = "esl"
   hash      = 1*alphanum               ; from [RFC-2396]
   sig       = 1*sigchar
   label     = 8*labelchar
   sigchar   = unreserved / escaped     ; from [RFC-2396]
   labelchar = alphanum / "-"           ; from [RFC-2396]

The <alphanum>, <unreserved>, and <escaped> components are imported
from [RFC-2396].

Two examples of syntactically valid "esl" URIs are:-

2.2 EQUALITY OF "ESL" URIS

Two "esl" URIs are functionally equivalent when they use the same
label, and have been digitally signed using the same key.

3. HOW TO CREATE AN "ESL" URI

The process to create an "esl" URI is simple.

1) Create an alphanumeric name (label) no less than 8 characters in
   length that you have not used before in conjunction with your
   digital signature.

2) Digitally sign the label.

3) Construct the "esl" from these three parts:-

   a) the hash (e.g. "SHA1")

   b) the digitally signed code, which MUST be %HH URI encoded for
      any of the characters not found in the <unreserved> component
      of [RFC-2396]. New lines MUST be encoded as "%0D%0A".

   c) the label itself

For example, let's say we want to create an "esl" URI from the label
"someName". First, we take that and digitally sign it, producing the
following example output:-

   -----BEGIN PGP SIGNED MESSAGE-----
   Hash: SHA1

   someName
   -----BEGIN PGP SIGNATURE-----

   iQA/AwUBO51bkD6DK6KYhyiEEQJLqwCfSv/iAHvC1REXEkOGEWf9pAByCRwAni92
   BxgCJqNL4fvrLRlGFK5szDXf
   =ckCE
   -----END PGP SIGNATURE-----

Now, we take hash, %HH encoded signature, and label, and form:-

Thus, the "esl" URI scheme is really just a method of putting a
digitally signed message unambiguously and fairly tersely into URI
space.

N.B. If you find it difficult to keep track of the labels that you
are using, it is a good idea to choose date stamped labels, such as
"2001-09-09-someLabel". This way, you only have to remember the
labels that you have created during that day.

4. SECURITY CONSIDERATIONS

Make sure you comply with your country's regulations pertaining to
digital signatures.

5. FURTHER INFORMATION

Further information about the "esl" URI scheme can be obtained from
http://purl.org/net/esl

REFERENCES

[RFC-2396] T. Berners-Lee, R. Fielding, L. Masinter (1998). Uniform
           Resource Identifiers (URI): Generic Syntax.

AUTHOR'S PGP SIGNATURE

For verifying the "esl" URI examples in this document.

   Holder: Sean B. Palmer
   Key ID: 0x98872884
   Fingerprint: 8FB7 89FA F57B A551 82A5 85E5 3E83 2BA2 9887 2884

PROCESSING SCRIPTS

The following script is a Python CGI to convert an "esl" URI into a
PGP message which can be verified.

   # Python 2 CGI script.
   import sys
   import cgi
   import string
   import re
   import urllib

   class Esl:
       """An esl URI."""

       def __init__(self, esl):
           self.esl = esl
           self.hash = ''
           self.sig = ''
           self.name = ''
           self.sigparse = ''

       def parse(self):
           """Parses an esl using a RegExp into the component parts."""
           eslreg = r'esl:([^:]+):([^:]+):(.*)'
           for m in re.compile(eslreg, re.S).findall(self.esl):
               self.hash = m[0]
               # Decode the %HH escapes, then drop CRs so that the
               # "%0D%0A" line breaks become plain newlines.
               self.sig = string.replace(urllib.unquote(m[1]),'\r','')
               self.name = m[2]

       def output(self):
           """Prints the components as a PGP signed message."""
           print 'Content-Type: text/plain\n'
           print '-----BEGIN PGP SIGNED MESSAGE-----'
           print 'Hash: '+self.hash+'\n'
           print self.name
           print '-----BEGIN PGP SIGNATURE-----\n'
           print self.sig
           print '-----END PGP SIGNATURE-----'

   def parse(form):
       esl = Esl(form['esl'].value)
       esl.parse()
       esl.output()

   def doform():
       form = cgi.FieldStorage()
       form_ok = 0
       if form.has_key('esl'):
           parse(form)
       else:
           # No "esl" field submitted: show the entry form. The markup
           # is a minimal reconstruction; the field name must be "esl"
           # to match form['esl'] above.
           print 'Content-Type: text/html\n'
           print '<html>'
           print '<head><title>"esl" URI Form</title></head>'
           print '<body><h1>Enter Esl URI</h1><form>'
           print '<p>esl: <input type="text" name="esl">'
           print '<input type="submit"></p>'
           print '</form></body></html>'

   def run():
       # With a command line argument, convert it directly;
       # otherwise run as a CGI.
       sys.argv.append('')
       if sys.argv[1]:
           esl = Esl(str(sys.argv[1]))
           esl.parse()
           esl.output()
       else:
           doform()

   if __name__ == '__main__':
       run()
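
The construction steps of section 3 and the ABNF of section 2.1, as an added Python 3 example that is not part of the draft: build_esl assembles the URI from the draft's own "someName" signature, and esl_to_cleartext rebuilds the signed message after validating with an anchored pattern that is stricter than the (.*) label match in the script above. The function names and the restriction of the decoded signature to bare base64 lines are assumptions of this example.

```python
import re
from urllib.parse import quote, unquote

MARKS = "-_.!~*'()"  # RFC 2396 "mark"; with alphanum they form "unreserved"
# Section 2.1 ABNF as one pattern, always used with fullmatch().
ESL_RE = re.compile(
    r"esl:(?P<hash>[A-Za-z0-9]+)"
    r":(?P<sig>(?:[A-Za-z0-9\-_.!~*'()]|%[0-9A-Fa-f]{2})+)"
    r":(?P<label>[A-Za-z0-9-]{8,})")
# Assumption beyond the draft: a decoded signature holds only bare base64
# armor lines, as in the draft's example (no headers, no dash lines).
ARMOR_LINE = re.compile(r"[A-Za-z0-9+/=]+")
# Signature body copied from the draft's "someName" example.
DRAFT_SIG = """iQA/AwUBO51bkD6DK6KYhyiEEQJLqwCfSv/iAHvC1REXEkOGEWf9pAByCRwAni92
BxgCJqNL4fvrLRlGFK5szDXf
=ckCE"""

def build_esl(hash_name, signature, label):
    """Section 3, step 3: join hash, %HH-encoded signature and label."""
    # Newlines in the signature must appear as %0D%0A in the URI.
    sig = "\r\n".join(signature.strip().splitlines())
    uri = "esl:%s:%s:%s" % (hash_name, quote(sig, safe=MARKS), label)
    if not ESL_RE.fullmatch(uri):
        raise ValueError("result is not a valid esl URI")
    return uri

def esl_to_cleartext(uri):
    """Rebuild the PGP signed message carried by an esl URI."""
    m = ESL_RE.fullmatch(uri)  # fullmatch also rejects a trailing newline
    if m is None:
        raise ValueError("not a syntactically valid esl URI")
    sig_lines = unquote(m["sig"]).replace("\r", "").split("\n")
    if not all(ARMOR_LINE.fullmatch(line) for line in sig_lines):
        raise ValueError("decoded signature is not bare armor data")
    return "\n".join([
        "-----BEGIN PGP SIGNED MESSAGE-----",
        "Hash: " + m["hash"], "", m["label"],
        "-----BEGIN PGP SIGNATURE-----", "",
        *sig_lines,
        "-----END PGP SIGNATURE-----", ""])

if __name__ == "__main__":
    uri = build_esl("SHA1", DRAFT_SIG, "someName")
    print(uri)
    print(esl_to_cleartext(uri))
```

Neither function checks the signature itself; the rebuilt message still has to be verified by a PGP implementation against the signer's key.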