Network Working Group A. Newton
Request for Comments: 4991 VeriSign, Inc.
Category: Standards Track August 2007
Network Working Group A. Newton
Request for Comments: 4991 VeriSign, Inc.
Category: Standards Track August 2007
A Common Schema for Internet Registry Information Service Transfer Protocols
Internet注册表信息服务传输协议的通用模式
Status of This Memo
关于下段备忘
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The IETF Trust (2007).
版权所有(C)IETF信托基金(2007年)。
Abstract
摘要
This document describes an XML Schema for use by Internet Registry Information Service (IRIS) application transfer protocols that share common characteristics. It describes common information about the transfer protocol, such as version, supported extensions, and supported security mechanisms.
本文档描述了一个XML模式,供共享公共特征的Internet注册表信息服务(IRIS)应用程序传输协议使用。它描述了有关传输协议的常见信息,例如版本、支持的扩展和支持的安全机制。
Table of Contents
目录
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Document Terminology . . . . . . . . . . . . . . . . . . . . . 2
3. Formal XML Syntax . . . . . . . . . . . . . . . . . . . . . . 3
4. Version Information . . . . . . . . . . . . . . . . . . . . . 6
5. Size Information . . . . . . . . . . . . . . . . . . . . . . . 7
6. Authentication Success Information . . . . . . . . . . . . . . 8
7. Authentication Failure Information . . . . . . . . . . . . . . 8
8. Other Information . . . . . . . . . . . . . . . . . . . . . . 9
9. Internationalization Considerations . . . . . . . . . . . . . 9
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
10.1. XML Namespace URN Registration . . . . . . . . . . . . . 10
11. Security Considerations . . . . . . . . . . . . . . . . . . . 10
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11
12.1. Normative References . . . . . . . . . . . . . . . . . . 11
12.2. Informative References . . . . . . . . . . . . . . . . . 11
Appendix A. Contributors . . . . . . . . . . . . . . . . . . . . 12
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Document Terminology . . . . . . . . . . . . . . . . . . . . . 2
3. Formal XML Syntax . . . . . . . . . . . . . . . . . . . . . . 3
4. Version Information . . . . . . . . . . . . . . . . . . . . . 6
5. Size Information . . . . . . . . . . . . . . . . . . . . . . . 7
6. Authentication Success Information . . . . . . . . . . . . . . 8
7. Authentication Failure Information . . . . . . . . . . . . . . 8
8. Other Information . . . . . . . . . . . . . . . . . . . . . . 9
9. Internationalization Considerations . . . . . . . . . . . . . 9
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
10.1. XML Namespace URN Registration . . . . . . . . . . . . . 10
11. Security Considerations . . . . . . . . . . . . . . . . . . . 10
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11
12.1. Normative References . . . . . . . . . . . . . . . . . . 11
12.2. Informative References . . . . . . . . . . . . . . . . . 11
Appendix A. Contributors . . . . . . . . . . . . . . . . . . . . 12
IRIS [8] has two transfer protocols, LWZ (lightweight using compression) [9] and XPC (XML pipelining with chunks) [10], that share common negotiation mechanisms. Both transfer protocols have a need for the server to provide rich status information to clients during protocol negotiation. In many cases, this status information would be too complex to describe using simple bit fields and length-specified octet sequences. This document defines an XML Schema for this rich status information and describes the usage of conformant XML for conveying this status information.
IRIS[8]有两个传输协议,LWZ(使用压缩的轻量级传输协议)[9]和XPC(使用块的XML管道传输协议)[10],它们共享公共协商机制。这两种传输协议都需要服务器在协议协商期间向客户端提供丰富的状态信息。在许多情况下,这种状态信息过于复杂,无法使用简单的位字段和指定长度的八位字节序列来描述。本文档为这些丰富的状态信息定义了一个XML模式,并描述了一致性XML用于传递这些状态信息的用法。
This document defines five types of information used in the negotiation of protocol capabilities: version, size, authentication success, authentication failure, and other information. The version information is used to negotiate the versions and extensions to the transfer protocol, the application operations protocol, and data models used by the application operations. Size information is used to indicate request and response size capabilities and errors. Authentication success and failure information is used to indicate the outcome of an authentication action. Other types of information may also be conveyed that is generally a result of an error but cannot be corrected through defined protocol behavior.
本文档定义了协议功能协商中使用的五种类型的信息:版本、大小、身份验证成功、身份验证失败和其他信息。版本信息用于协商传输协议、应用程序操作协议和应用程序操作使用的数据模型的版本和扩展。大小信息用于指示请求和响应大小功能和错误。身份验证成功和失败信息用于指示身份验证操作的结果。通常是错误的结果,但无法通过定义的协议行为纠正的其他类型的信息也可以被传送。
As an example, upon initiation of a connection, a server may send version information informing the client of the data models supported by the server and the security mechanisms supported by the server. The client may then respond appropriately. For example, the client may not recognize any of the data models supported by the server, and therefore close the connection. On the other hand, the client may recognize the data models and the security mechanisms and begin the procedure to initialize a security mechanism with the server before proceeding to query data according to a recognized data model.
例如,在启动连接时,服务器可以发送版本信息,通知客户端服务器支持的数据模型和服务器支持的安全机制。然后,客户可以做出适当的回应。例如,客户端可能无法识别服务器支持的任何数据模型,因此关闭连接。另一方面,客户端可以识别数据模型和安全机制,并在继续根据识别的数据模型查询数据之前,开始与服务器初始化安全机制的过程。
Both LWZ [9] and XPC [10] provide examples of the usage of the XML Schema defined in this document.
LWZ[9]和XPC[10]都提供了使用本文档中定义的XML模式的示例。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [6].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[6]中所述进行解释。
The following is the XML Schema used to define transfer protocol status information. See the following specifications: [2], [3], [4], [5]. Updates or changes to this schema require a document that UPDATES or OBSOLETES this document.
以下是用于定义传输协议状态信息的XML模式。请参阅以下规格:[2]、[3]、[4]、[5]。对此架构的更新或更改需要更新或废弃此文档的文档。
<?xml version="1.0"?>
<schema xmlns="http://www.w3.org/2001/XMLSchema"
xmlns:iristrans="urn:ietf:params:xml:ns:iris-transport"
targetNamespace="urn:ietf:params:xml:ns:iris-transport"
elementFormDefault="qualified" >
<?xml version="1.0"?>
<schema xmlns="http://www.w3.org/2001/XMLSchema"
xmlns:iristrans="urn:ietf:params:xml:ns:iris-transport"
targetNamespace="urn:ietf:params:xml:ns:iris-transport"
elementFormDefault="qualified" >
<annotation>
<documentation>
A schema for describing status information
for use by multiple transfer protocols.
</documentation>
</annotation>
<annotation>
<documentation>
A schema for describing status information
for use by multiple transfer protocols.
</documentation>
</annotation>
<element name="versions">
<complexType>
<sequence>
<element name="transferProtocol" maxOccurs="unbounded">
<complexType>
<sequence>
<element name="application" minOccurs="0"
maxOccurs="unbounded">
<complexType>
<sequence>
<element name="dataModel" minOccurs="0"
maxOccurs="unbounded">
<complexType>
<attribute name="protocolId" type="token"
use="required" />
<attribute name="extensionIds"
type="normalizedString" />
</complexType>
</element>
</sequence>
<attribute name="protocolId" type="token"
use="required" />
<attribute name="extensionIds"
type="normalizedString" />
</complexType>
</element>
</sequence>
<attribute name="protocolId" type="token" use="required"
<element name="versions">
<complexType>
<sequence>
<element name="transferProtocol" maxOccurs="unbounded">
<complexType>
<sequence>
<element name="application" minOccurs="0"
maxOccurs="unbounded">
<complexType>
<sequence>
<element name="dataModel" minOccurs="0"
maxOccurs="unbounded">
<complexType>
<attribute name="protocolId" type="token"
use="required" />
<attribute name="extensionIds"
type="normalizedString" />
</complexType>
</element>
</sequence>
<attribute name="protocolId" type="token"
use="required" />
<attribute name="extensionIds"
type="normalizedString" />
</complexType>
</element>
</sequence>
<attribute name="protocolId" type="token" use="required"
/>
<attribute name="extensionIds" type="normalizedString" />
<attribute name="authenticationIds"
type="normalizedString" />
<attribute name="responseSizeOctets"
type="positiveInteger" />
<attribute name="requestSizeOctets"
type="positiveInteger" />
</complexType>
</element>
</sequence>
</complexType>
</element>
/>
<attribute name="extensionIds" type="normalizedString" />
<attribute name="authenticationIds"
type="normalizedString" />
<attribute name="responseSizeOctets"
type="positiveInteger" />
<attribute name="requestSizeOctets"
type="positiveInteger" />
</complexType>
</element>
</sequence>
</complexType>
</element>
<element name="size">
<complexType>
<sequence>
<element name="request"
minOccurs="0"
type="iristrans:octetsType" />
<element name="response"
minOccurs="0"
type="iristrans:octetsType" />
</sequence>
</complexType>
</element>
<element name="size">
<complexType>
<sequence>
<element name="request"
minOccurs="0"
type="iristrans:octetsType" />
<element name="response"
minOccurs="0"
type="iristrans:octetsType" />
</sequence>
</complexType>
</element>
<complexType name="octetsType">
<choice>
<element name="exceedsMaximum">
<complexType/>
</element>
<element name="octets" type="positiveInteger" />
</choice>
</complexType>
<complexType name="octetsType">
<choice>
<element name="exceedsMaximum">
<complexType/>
</element>
<element name="octets" type="positiveInteger" />
</choice>
</complexType>
<element name="authenticationSuccess">
<complexType>
<sequence>
<element name="description" minOccurs="0"
maxOccurs="unbounded">
<complexType>
<simpleContent>
<extension base="string">
<attribute name="language" type="language"
use="required"/>
</extension>
</simpleContent>
<element name="authenticationSuccess">
<complexType>
<sequence>
<element name="description" minOccurs="0"
maxOccurs="unbounded">
<complexType>
<simpleContent>
<extension base="string">
<attribute name="language" type="language"
use="required"/>
</extension>
</simpleContent>
</complexType>
</element>
<element name="data" minOccurs="0" maxOccurs="1"
type="base64Binary"/>
</sequence>
</complexType>
</element>
</complexType>
</element>
<element name="data" minOccurs="0" maxOccurs="1"
type="base64Binary"/>
</sequence>
</complexType>
</element>
<element name="authenticationFailure">
<complexType>
<sequence>
<element name="description" minOccurs="0"
maxOccurs="unbounded">
<complexType>
<simpleContent>
<extension base="string">
<attribute name="language" type="language"
use="required"/>
</extension>
</simpleContent>
</complexType>
</element>
</sequence>
</complexType>
</element>
<element name="authenticationFailure">
<complexType>
<sequence>
<element name="description" minOccurs="0"
maxOccurs="unbounded">
<complexType>
<simpleContent>
<extension base="string">
<attribute name="language" type="language"
use="required"/>
</extension>
</simpleContent>
</complexType>
</element>
</sequence>
</complexType>
</element>
<element name="other">
<complexType>
<sequence>
<element name="description" minOccurs="0"
maxOccurs="unbounded">
<complexType>
<simpleContent>
<extension base="string">
<attribute name="language" type="language"
use="required"/>
</extension>
</simpleContent>
</complexType>
</element>
</sequence>
<attribute type="token" name="type" use="required"/>
</complexType>
</element>
<element name="other">
<complexType>
<sequence>
<element name="description" minOccurs="0"
maxOccurs="unbounded">
<complexType>
<simpleContent>
<extension base="string">
<attribute name="language" type="language"
use="required"/>
</extension>
</simpleContent>
</complexType>
</element>
</sequence>
<attribute type="token" name="type" use="required"/>
</complexType>
</element>
</schema>
</schema>
The <versions> element is used to describe version information about the transfer protocol, the application protocol, and data models used by the application protocol.
<versions>元素用于描述有关传输协议、应用协议和应用协议使用的数据模型的版本信息。
The <versions> element has one or more <transferProtocol> child elements. <transferProtocol> elements have zero or more <application> child elements. And <application> elements have zero or more <dataModel> elements. Each of these element types has a 'protocolId' attribute identifying the protocol they represent and an optional 'extensionIds' attribute identifying the protocol extensions they support.
<versions>元素有一个或多个子元素<transferProtocol><transferProtocol>元素具有零个或多个子元素。并且<application>元素具有零个或多个<dataModel>元素。每个元素类型都有一个“protocolId”属性,标识它们所表示的协议,还有一个可选的“extensionIds”属性,标识它们支持的协议扩展。
During capabilities negotiation, it is expected that both sides of the negotiation recognize the 'protocolId' value of the <transferProtocol> element and at least one of the <application> and <dataModel> elements. If the negotiation produces a situation where this is not possible, an error SHOULD be given and communication ended. It is not expected that each side must recognize the 'extensionIds' values, and unrecognized 'extensionIds' values MUST be ignored.
在能力协商期间,预计协商双方都会识别<transferProtocol>元素的“protocolId”值以及<application>和<dataModel>元素中的至少一个。如果协商产生不可能的情况,则应给出错误并结束通信。不希望每一方都必须识别“extensionId”值,并且必须忽略未识别的“extensionId”值。
Additionally, the <transferProtocol> element has optional 'authenticationIds', 'responseSizeOctets', and 'requestSizeOctets' attributes. The 'authenticationIds' attribute identifies authentication mechanisms supported by the associated transfer protocol. The 'responseSizeOctets' attribute describes the maximum response size in octets the server will give. The 'requestSizeOctets' attribute describes the maximum request size in octets the server will accept.
此外,<transferProtocol>元素具有可选的“AuthenticationId”、“responseSizeOctets”和“requestSizeOctets”属性。“AuthenticationId”属性标识关联传输协议支持的身份验证机制。“responseSizeOctets”属性描述服务器将给出的最大响应大小(以八位字节为单位)。“requestSizeOctets”属性描述服务器将接受的最大请求大小(以八位字节为单位)。
The protocol, extension, and authentication mechanism identifiers are of no specific type, and this document defines none. Specifications using this XML Schema MUST define the identifiers for use with the <versions> element and its children.
协议、扩展和身份验证机制标识符不属于特定类型,本文档不定义任何类型。使用此XML模式的规范必须定义用于<versions>元素及其子元素的标识符。
The meaning of octets for the transfer of data is counted in different ways for different transfer protocols. Some transfer protocols need only to specify the octets of the data being transferred, while other transfer protocols need to account for additional octets used to transfer the data. Specifications using this XML Schema MUST describe how these octet counts are calculated.
对于不同的传输协议,八位字节对于数据传输的意义以不同的方式计算。一些传输协议只需要指定正在传输的数据的八位字节,而其他传输协议需要考虑用于传输数据的其他八位字节。使用此XML模式的规范必须描述如何计算这些八位字节计数。
The following is example XML describing version information.
下面是描述版本信息的示例XML。
<versions xmlns="urn:ietf:params:xml:ns:iris-transport">
<transferProtocol protocolId="iris.lwz"
authenticationIds="PLAIN EXTERNAL">
<application protocolId="urn:ietf:params:xml:ns:iris1"
extensionIds="http://example.com/SIMPLEBAG">
<dataModel protocolId="urn:ietf:params:xml:ns:dchk1"/>
<dataModel protocolId="urn:ietf:params:xml:ns:dreg1"/>
</application>
</transferProtocol>
</versions>
<versions xmlns="urn:ietf:params:xml:ns:iris-transport">
<transferProtocol protocolId="iris.lwz"
authenticationIds="PLAIN EXTERNAL">
<application protocolId="urn:ietf:params:xml:ns:iris1"
extensionIds="http://example.com/SIMPLEBAG">
<dataModel protocolId="urn:ietf:params:xml:ns:dchk1"/>
<dataModel protocolId="urn:ietf:params:xml:ns:dreg1"/>
</application>
</transferProtocol>
</versions>
Version Information Example
版本信息示例
The <size> element provides a means for a server to communicate to a client that a given request has exceeded a negotiated size (<request>) or that a response to a given request will exceed a negotiated size (<response>).
<size>元素为服务器提供了一种与客户端通信的方法,即给定请求已超过协商大小(<request>),或者对给定请求的响应将超过协商大小(<response>)。
A server may indicate one of two size conditions by specifying the following child elements:
服务器可以通过指定以下子元素来指示两种大小条件之一:
<exceedsMaximum> - this child element simply indicates that the size exceeded the negotiated size.
<exceedsMaximum>-此子元素仅表示大小超出了协商的大小。
<octets> - this child element indicates that the size exceeded the negotiated size and conveys the number of octets that is the maximum for a request if the parent element is a <request> element or the number of octets needed to provide the response if the parent element is a <response> element.
<octets>-此子元素表示大小超过协商大小,如果父元素是<request>元素,则表示请求的最大八进制数;如果父元素是<response>元素,则表示提供响应所需的八进制数。
The meaning of octets for the transfer of data is counted in different ways for different transfer protocols. Some transfer protocols need only to specify the octets of the data being transferred, while other transfer protocols need to account for additional octets used to transfer the data. Specifications using this XML Schema MUST describe how these octet counts are calculated.
对于不同的传输协议,八位字节对于数据传输的意义以不同的方式计算。一些传输协议只需要指定正在传输的数据的八位字节,而其他传输协议需要考虑用于传输数据的其他八位字节。使用此XML模式的规范必须描述如何计算这些八位字节计数。
The following is example XML describing size information.
下面是描述大小信息的示例XML。
<size xmlns="urn:ietf:params:xml:ns:iris-transport">
<response>
<octets>1211</octets>
</response>
</size>
<size xmlns="urn:ietf:params:xml:ns:iris-transport">
<response>
<octets>1211</octets>
</response>
</size>
Size Information Example
大小信息示例
The <authenticationSuccess> element indicates that a client has successfully authenticated to a server. Along with this indication, it can provide text that may be presented to a user with regard to this successful authentication using child <description> elements.
<authenticationSuccess>元素表示客户端已成功通过服务器身份验证。除了此指示之外,它还可以提供文本,该文本可以使用child<description>元素向用户呈现关于此成功身份验证的文本。
Each <description> element MUST have a 'language' attribute describing the language of the content of the <description> element. Clients are not expected to concatenate multiple descriptions; therefore, servers MUST NOT provide multiple <description> elements with the same language descriptor.
每个<description>元素必须有一个描述<description>元素内容语言的“language”属性。不希望客户端连接多个描述;因此,服务器不能提供具有相同语言描述符的多个<description>元素。
Finally, additional security data may be sent back with the authentication success message using the <data> element. The content of this element is of the base64Binary simple type.
最后,可以使用<data>元素将附加的安全数据与认证成功消息一起发送回来。此元素的内容是base64Binary简单类型。
The following is example XML describing authentication success information.
下面是描述身份验证成功信息的示例XML。
<authenticationSuccess
xmlns="urn:ietf:params:xml:ns:iris-transport">
<description language="en">
user 'bob' authenticates via password
</description>
</authenticationSuccess>
<authenticationSuccess
xmlns="urn:ietf:params:xml:ns:iris-transport">
<description language="en">
user 'bob' authenticates via password
</description>
</authenticationSuccess>
Authentication Success Example
身份验证成功示例
The <authenticationFailure> element indicates that a client has failed to properly authenticate to a server. Along with this indication, it can provide text that may be presented to a user with regard to this authentication failure using child <description> elements.
<authenticationFailure>元素表示客户端未能正确地向服务器进行身份验证。除了此指示之外,它还可以使用child<description>元素提供关于此身份验证失败的文本。
Each <description> element MUST have a 'language' attribute describing the language of the content of the <description> element. Clients are not expected to concatenate multiple descriptions; therefore, servers MUST NOT provide multiple <description> elements with the same language descriptor.
每个<description>元素必须有一个描述<description>元素内容语言的“language”属性。不希望客户端连接多个描述;因此,服务器不能提供具有相同语言描述符的多个<description>元素。
The following is example XML describing authentication failure information.
下面是描述身份验证失败信息的XML示例。
<authenticationFailure
xmlns="urn:ietf:params:xml:ns:iris-transport">
<description language="en">
please consult your admin if you have forgotten your password
</description>
</authenticationFailure>
<authenticationFailure
xmlns="urn:ietf:params:xml:ns:iris-transport">
<description language="en">
please consult your admin if you have forgotten your password
</description>
</authenticationFailure>
Authentication Failure Example
身份验证失败示例
The <other> element conveys status information that may require interpretation by a human to be meaningful. This element has a required 'type' attribute, which contains an identifier regarding the nature of the information. This document does not define any identifiers for use in this attribute, but the intent is that these identifiers are well-known so that clients may take different classes of action based on the content of this attribute. Therefore, specifications making use of this XML Schema MUST define these identifiers.
<other>元素传递的状态信息可能需要人的解释才能有意义。此元素具有必需的“type”属性,该属性包含有关信息性质的标识符。本文档未定义用于此属性的任何标识符,但目的是这些标识符是众所周知的,以便客户端可以根据此属性的内容采取不同的操作类别。因此,使用此XML模式的规范必须定义这些标识符。
The <other> element may have zero or more <description> elements. Each <description> element MUST have a 'language' attribute describing the language of the content of the <description> element. Servers may use these child elements to convey textual information to clients regarding the class (or type) of status information being specified by the <other> element. Clients are not expected to concatenate multiple descriptions; therefore, servers MUST NOT provide multiple <description> elements with the same language descriptor.
<other>元素可以有零个或多个<description>元素。每个<description>元素必须有一个描述<description>元素内容语言的“language”属性。服务器可以使用这些子元素向客户端传递有关<other>元素指定的状态信息的类(或类型)的文本信息。不希望客户端连接多个描述;因此,服务器不能提供具有相同语言描述符的多个<description>元素。
The following is example XML describing other information.
下面是描述其他信息的示例XML。
<other xmlns="urn:ietf:params:xml:ns:iris-transport" type="system">
<description language="en">unavailable, come back
later</description>
</other>
<other xmlns="urn:ietf:params:xml:ns:iris-transport" type="system">
<description language="en">unavailable, come back
later</description>
</other>
Other Information Example
其他信息示例
XML processors are obliged to recognize both UTF-8 and UTF-16 [1] encodings. XML provides for mechanisms to identify and use other character encodings. Application transfer protocols MUST define which additional character encodings, if any, are to be allowed in the use of the XML defined in this document.
XML处理器必须同时识别UTF-8和UTF-16[1]编码。XML提供了识别和使用其他字符编码的机制。应用程序传输协议必须定义在使用本文档中定义的XML时允许使用哪些附加字符编码(如果有)。
This document makes use of the XML namespace and schema registry specified in XML_URN [7]. Accordingly, the following registrations have been made by IANA:
本文档使用XML_URN[7]中指定的XML名称空间和模式注册表。因此,IANA进行了以下注册:
o XML Namespace URN/URI:
o XML名称空间URN/URI:
* urn:ietf:params:xml:ns:iris-transport
* urn:ietf:params:xml:ns:iris传输
o Contact:
o 联系人:
* Andrew Newton <andy@hxr.us>
* 安德鲁·牛顿<andy@hxr.us>
o XML:
o XML:
* None
* 没有一个
o XML Schema URN/URI:
o XML架构URN/URI:
* urn:ietf:params:xml:schema:iris-transport
* urn:ietf:params:xml:schema:iris传输
o Contact:
o 联系人:
* Andrew Newton <andy@hxr.us>
* 安德鲁·牛顿<andy@hxr.us>
o XML:
o XML:
* The XML Schema specified in Section 3
* 第3节中指定的XML模式
Transfer protocols using XML conformant to the XML Schema in this document and offering security properties such as authentication and confidentiality SHOULD offer an initial message from the server to the client using the <versions> element. This <versions> element SHOULD contain all relevant authentication identifiers in its 'authenticationId' attribute. The purpose of providing this initial message is to help thwart downgrade attacks.
使用符合本文档中XML模式的XML并提供身份验证和机密性等安全属性的传输协议应使用<versions>元素从服务器向客户端提供初始消息。此<versions>元素的“authenticationId”属性中应包含所有相关的身份验证标识符。提供此初始消息的目的是帮助阻止降级攻击。
[1] The Unicode Consortium, "The Unicode Standard, Version 3", ISBN 0-201-61633-5, 2000, <The Unicode Standard, Version 3>.
[1] Unicode联盟,“Unicode标准,第3版”,ISBN 0-201-61633-52000,<Unicode标准,第3版>。
[2] World Wide Web Consortium, "Extensible Markup Language (XML) 1.0", W3C XML, February 1998, <http://www.w3.org/TR/1998/REC-xml-19980210>.
[2] 万维网联盟,“可扩展标记语言(XML)1.0”,W3C XML,1998年2月<http://www.w3.org/TR/1998/REC-xml-19980210>.
[3] World Wide Web Consortium, "Namespaces in XML", W3C XML Namespaces, January 1999, <http://www.w3.org/TR/1999/REC-xml-names-19990114>.
[3] 万维网联盟,“XML中的名称空间”,W3C XML名称空间,1999年1月<http://www.w3.org/TR/1999/REC-xml-names-19990114>.
[4] World Wide Web Consortium, "XML Schema Part 2: Datatypes", W3C XML Schema, October 2004, <http://www.w3.org/TR/xmlschema-2/>.
[4] 万维网联盟,“XML模式第2部分:数据类型”,W3C XML模式,2004年10月<http://www.w3.org/TR/xmlschema-2/>.
[5] World Wide Web Consortium, "XML Schema Part 1: Structures", W3C XML Schema, October 2004, <http://www.w3.org/TR/xmlschema-1/>.
[5] 万维网联盟,“XML模式第1部分:结构”,W3C XML模式,2004年10月<http://www.w3.org/TR/xmlschema-1/>.
[6] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", RFC 2119, BCP 14, March 1997.
[6] Bradner,S.,“RFC中用于表示需求水平的关键词”,RFC 2119,BCP 14,1997年3月。
[7] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, January 2004.
[7] Mealling,M.,“IETF XML注册表”,BCP 81,RFC 3688,2004年1月。
[8] Newton, A. and M. Sanz, "IRIS: The Internet Registry Information Service (IRIS) Core Protocol", RFC 3981, January 2005.
[8] Newton,A.和M.Sanz,“IRIS:互联网注册信息服务(IRIS)核心协议”,RFC 3981,2005年1月。
[9] Newton, A., "A Lightweight UDP Transfer Protocol for the Internet Registry Information Service", RFC 4993, August 2007.
[9] Newton,A.,“互联网注册信息服务的轻量级UDP传输协议”,RFC 4993,2007年8月。
[10] Newton, A., "XML Pipelining with Chunks for the Internet Registry Information Service", RFC 4992, August 2007.
[10] Newton,A.,“Internet注册表信息服务的XML块流水线”,RFC 4992,2007年8月。
Substantive contributions to this document have been provided by the members of the IETF's CRISP Working Group, especially Robert Martin-Legene, Milena Caires, and David Blacka.
IETF CRISP工作组成员,特别是Robert Martin Legene、Milena Caires和David Black,对本文件做出了实质性贡献。
Author's Address
作者地址
Andrew L. Newton VeriSign, Inc. 21345 Ridgetop Circle Sterling, VA 20166 USA
Andrew L.Newton VeriSign,Inc.美国弗吉尼亚州斯特林Ridgetop Circle 21345,邮编20166
Phone: +1 703 948 3382
EMail: andy@hxr.us
URI: http://www.verisignlabs.com/
Phone: +1 703 948 3382
EMail: andy@hxr.us
URI: http://www.verisignlabs.com/
Full Copyright Statement
完整版权声明
Copyright (C) The IETF Trust (2007).
版权所有(C)IETF信托基金(2007年)。
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件及其包含的信息以“原样”为基础提供,贡献者、他/她所代表或赞助的组织(如有)、互联网协会、IETF信托基金和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。