<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en"><head><title>Draft: Identity Schema Element Metadata: Basic Retrieval</title>
<meta http-equiv="Expires" content="Thu, 06 Sep 2007 18:06:19 +0000">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="description" content="Identity Schema Element Metadata: Basic Retrieval">
<meta name="keywords" content="identity, OpenID, InfoCard, SAML, RDF, schema, attribute">
<meta name="generator" content="xml2rfc v1.32 (http://xml.resource.org/)">
<style type='text/css'><!--
body {
font-family: verdana, charcoal, helvetica, arial, sans-serif;
font-size: small; color: #000; background-color: #FFF;
margin: 2em;
}
h1, h2, h3, h4, h5, h6 {
font-family: helvetica, monaco, "MS Sans Serif", arial, sans-serif;
font-weight: bold; font-style: normal;
}
h1 { color: #900; background-color: transparent; text-align: right; }
h3 { color: #333; background-color: transparent; }
td.RFCbug {
font-size: x-small; text-decoration: none;
width: 30px; height: 30px; padding-top: 2px;
text-align: justify; vertical-align: middle;
background-color: #000;
}
td.RFCbug span.RFC {
font-family: monaco, charcoal, geneva, "MS Sans Serif", helvetica, verdana, sans-serif;
font-weight: bold; color: #666;
}
td.RFCbug span.hotText {
font-family: charcoal, monaco, geneva, "MS Sans Serif", helvetica, verdana, sans-serif;
font-weight: normal; text-align: center; color: #FFF;
}
table.TOCbug { width: 30px; height: 15px; }
td.TOCbug {
text-align: center; width: 30px; height: 15px;
color: #FFF; background-color: #900;
}
td.TOCbug a {
font-family: monaco, charcoal, geneva, "MS Sans Serif", helvetica, sans-serif;
font-weight: bold; font-size: x-small; text-decoration: none;
color: #FFF; background-color: transparent;
}
td.header {
font-family: arial, helvetica, sans-serif; font-size: x-small;
vertical-align: top; width: 33%;
color: #FFF; background-color: #666;
}
td.author { font-weight: bold; font-size: x-small; margin-left: 4em; }
td.author-text { font-size: x-small; }
/* info code from SantaKlauss at http://www.madaboutstyle.com/tooltip2.html */
a.info {
/* This is the key. */
position: relative;
z-index: 24;
text-decoration: none;
}
a.info:hover {
z-index: 25;
color: #FFF; background-color: #900;
}
a.info span { display: none; }
a.info:hover span.info {
/* The span will display just on :hover state. */
display: block;
position: absolute;
font-size: smaller;
top: 2em; left: -5em; width: 15em;
padding: 2px; border: 1px solid #333;
color: #900; background-color: #EEE;
text-align: left;
}
a { font-weight: bold; }
a:link { color: #900; background-color: transparent; }
a:visited { color: #633; background-color: transparent; }
a:active { color: #633; background-color: transparent; }
p { margin-left: 2em; margin-right: 2em; }
p.copyright { font-size: x-small; }
p.toc { font-size: small; font-weight: bold; margin-left: 3em; }
table.toc { margin: 0 0 0 3em; padding: 0; border: 0; vertical-align: text-top; }
td.toc { font-size: small; font-weight: bold; vertical-align: text-top; }
ol.text { margin-left: 2em; margin-right: 2em; }
ul.text { margin-left: 2em; margin-right: 2em; }
li { margin-left: 3em; }
/* RFC-2629 <spanx>s and <artwork>s. */
em { font-style: italic; }
strong { font-weight: bold; }
dfn { font-weight: bold; font-style: normal; }
cite { font-weight: normal; font-style: normal; }
tt { color: #036; }
tt, pre, pre dfn, pre em, pre cite, pre span {
font-family: "Courier New", Courier, monospace; font-size: small;
}
pre {
text-align: left; padding: 4px;
color: #000; background-color: #CCC;
}
pre dfn { color: #900; }
pre em { color: #66F; background-color: #FFC; font-weight: normal; }
pre .key { color: #33C; font-weight: bold; }
pre .id { color: #900; }
pre .str { color: #000; background-color: #CFF; }
pre .val { color: #066; }
pre .rep { color: #909; }
pre .oth { color: #000; background-color: #FCF; }
pre .err { background-color: #FCC; }
/* RFC-2629 <texttable>s. */
table.all, table.full, table.headers, table.none {
font-size: small; text-align: center; border-width: 2px;
vertical-align: top; border-collapse: collapse;
}
table.all, table.full { border-style: solid; border-color: black; }
table.headers, table.none { border-style: none; }
th {
font-weight: bold; border-color: black;
border-width: 2px 2px 3px 2px;
}
table.all th, table.full th { border-style: solid; }
table.headers th { border-style: none none solid none; }
table.none th { border-style: none; }
table.all td {
border-style: solid; border-color: #333;
border-width: 1px 2px;
}
table.full td, table.headers td, table.none td { border-style: none; }
hr { height: 1px; }
hr.insert {
width: 80%; border-style: none; border-width: 0;
color: #CCC; background-color: #CCC;
}
--></style>
</head>
<body>
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<table summary="layout" width="66%" border="0" cellpadding="0" cellspacing="0"><tr><td><table summary="layout" width="100%" border="0" cellpadding="2" cellspacing="1">
<tr><td class="header">Draft</td><td class="header">M. Wahl</td></tr>
<tr><td class="header"> </td><td class="header">Informed Control Inc.</td></tr>
<tr><td class="header"> </td><td class="header">September 6, 2007</td></tr>
</table></td></tr></table>
<h1><br />Identity Schema Element Metadata: Basic Retrieval</h1>
<h3>Abstract</h3>
<p>
This document defines a procedure for retrieving metadata, expressed in RDF as RDF/XML or XHTML with RDFa, about an identity schema or schema element, by contacting the site named in the schema or schema element URI using HTTP or HTTPS.
</p><a name="toc"></a><br /><hr />
<h3>Table of Contents</h3>
<p class="toc">
<a href="#anchor1">1.</a>
Introduction<br />
<a href="#anchor2">2.</a>
Metadata Retrieval<br />
<a href="#anchor3">2.1.</a>
Building the HTTP Request<br />
<a href="#anchor4">2.2.</a>
Receiving the HTTP Response<br />
<a href="#anchor5">2.3.</a>
Parsing the Returned Document to RDF Triples<br />
<a href="#anchor6">2.3.1.</a>
Parsing application/rdf+xml<br />
<a href="#anchor7">2.3.2.</a>
Parsing application/xhtml+xml<br />
<a href="#anchor8">2.4.</a>
Predicates<br />
<a href="#anchor9">3.</a>
Example<br />
<a href="#anchor10">4.</a>
Security Considerations<br />
<a href="#rfc.references1">5.</a>
References<br />
<a href="#rfc.references1">5.1.</a>
Normative References<br />
<a href="#rfc.references2">5.2.</a>
Informative References<br />
<a href="#anchor13">Appendix A.</a>
Copyright<br />
<a href="#rfc.authors">§</a>
Author's Address<br />
</p>
<br clear="all" />
<a name="anchor1"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.1"></a><h3>1.
Introduction</h3>
<p>
This document defines a procedure by which a <em>retriever</em> can obtain a description of an identity attribute type, an identity claim type, or an identity schema, from a web site.
</p>
<p>
The procedure defined in this document is applicable for some <a class='info' href='#InfoCard.interop'>InfoCard<span> (</span><span class='info'>Microsoft, “A Technical Reference for InfoCard v1.0 on Windows,” August 2005.</span><span>)</span></a> [InfoCard.interop] claim types,
<a class='info' href='#OpenID.attribute-1.0'>OpenID AX<span> (</span><span class='info'>Hardt, D., Bufu, J., and J. Hoyt, “OpenID Attribute Exchange 1.0 - Draft 07,” August 2007.</span><span>)</span></a> [OpenID.attribute‑1.0] attribute types, and
<a class='info' href='#SAML'>SAML 2.0<span> (</span><span class='info'>, “Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0,” March 2005.</span><span>)</span></a> [SAML] attribute types.
</p>
<p>
The returned metadata of the identity schema or schema element is described using RDF (<a class='info' href='#RDF.Concepts'>Resource Description Framework<span> (</span><span class='info'>Klyne, G. and J. Carroll, “Resource Description Framework (RDF): Concepts and Abstract Syntax,” February 2004.</span><span>)</span></a> [RDF.Concepts]).
</p>
<p>
This document <em>does not</em> specify procedures for any of the scenarios in which:
</p>
<ul class="text">
<li>schema element identifiers are not URIs (e.g., retrieving metadata for an LDAP attribute type name is not defined in this document),
</li>
<li>schema element identifiers are of URI schemes other than HTTP or HTTPS (e.g., retrieving metadata for an attribute type named by a URN is not defined in this document),
</li>
<li>metadata is requested in formats other than RDF/XML or RDFa (e.g., retrieving metadata in XRDS is not defined in this document), or
</li>
<li>metadata is to be retrieved from a web site other than that named in the schema element URI.
</li>
</ul><p>
</p>
<p>The following namespace prefixes are used in this document:
</p>
<blockquote class="text">
<p><tt>xml</tt>: for the XML <tt>xml:base</tt> and <tt>xml:lang</tt> attributes
</p>
<p><tt>rdf</tt>: as defined in the <a class='info' href='#RDF.SyntaxGrammar'>RDF syntax specification<span> (</span><span class='info'>Beckett, D., “RDF/XML Syntax Specification (Revised),” February 2004.</span><span>)</span></a> [RDF.SyntaxGrammar]: <tt>http://www.w3.org/1999/02/22-rdf-syntax-ns#</tt>
</p>
<p><tt>rdfs</tt>: as defined in the <a class='info' href='#RDF.Schema'>RDF schema<span> (</span><span class='info'>Brickley, D. and R. Guha, “RDF Vocabulary Description Language 1.0: RDF Schema,” February 2004.</span><span>)</span></a> [RDF.Schema] specification: <tt>http://www.w3.org/2000/01/rdf-schema#</tt>
</p>
<p><tt>owl</tt>: as defined in the <a class='info' href='#OWL.reference'>OWL<span> (</span><span class='info'>, “OWL Web Ontology Language Reference,” February 2004.</span><span>)</span></a> [OWL.reference] specification: <tt>http://www.w3.org/2002/07/owl#</tt>
</p>
<p><tt>dc</tt>: as defined in the <a class='info' href='#DC.es'>Dublin Core<span> (</span><span class='info'>, “Dublin Core Metadata Element Set, Version 1.1,” December 2006.</span><span>)</span></a> [DC.es] specification: <tt>http://purl.org/dc/elements/1.1/</tt>
</p>
<p><tt>higgins</tt>: as defined in the <a class='info' href='#Higgins.Ontology'>Higgins ontology<span> (</span><span class='info'>, “Higgins Ontology,” .</span><span>)</span></a> [Higgins.Ontology] specification: <tt>http://www.eclipse.org/higgins/ontologies/2006/higgins.owl#</tt>
</p>
<p><tt>ex</tt>: an example schema ontology, <tt>http://www.example.om/schema.rdf#</tt>
</p>
</blockquote>
<p>
The key words "MUST", "MUST NOT", "REQUIRED",
"SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT",
"RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in
<a class='info' href='#RFC2119'>RFC 2119<span> (</span><span class='info'>Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” March 1997.</span><span>)</span></a> [RFC2119].
</p>
<p>Please send comments to the identity schemas WG mailing list at <tt>idschemas@idcommons.net</tt>.
</p>
<a name="anchor2"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.2"></a><h3>2.
Metadata Retrieval</h3>
<p>The input to the metadata retrieval procedure is a single Uniform Resource Identifier (the input URI), as defined in <a class='info' href='#RFC3986'>RFC 3986<span> (</span><span class='info'>Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.</span><span>)</span></a> [RFC3986], which is typically used by an application as an identifier for an attribute type or claim type.
</p>
<p>This document assumes the input URI has one of the two URI schemes <tt>http</tt> or <tt>https</tt>. Other schemes are not currently supported by this mechanism, but might be addressed in future revisions of this document, or in companion documents.
</p>
<a name="anchor3"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.2.1"></a><h3>2.1.
Building the HTTP Request</h3>
<p>When the input URI is of the <tt>http</tt> scheme, a retriever SHOULD send a GET request using the HTTP/1.1 protocol, as described in the HTTP <a class='info' href='#RFC2616'>RFC 2616<span> (</span><span class='info'>, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.</span><span>)</span></a> [RFC2616].
</p>
<p>
If the URI is of the <tt>https</tt> scheme, then a retriever SHOULD send a GET request using the HTTP/1.1 protocol layered atop SSL or TLS, as described in the HTTPS specification <a class='info' href='#RFC2818'>RFC 2818<span> (</span><span class='info'>Rescorla, “HTTP Over TLS,” May 2000.</span><span>)</span></a> [RFC2818]. A retriever MUST implement the requirements on choice of transport layer security mechanisms specified in section 3 of the <a class='info' href='#WSI.BasicSecurityProfile'>WS-I Basic Security Profile<span> (</span><span class='info'>, “Basic Security Profile Version 1.0,” March 2007.</span><span>)</span></a> [WSI.BasicSecurityProfile].
</p>
<p>
Alternatively, in place of sending a a retriever that has cached a copy of a document retrieved from that base URI (the URI without a fragment) MAY first send a HEAD request, to determine if the document has changed.
</p>
<p>In the header of a GET or HEAD request, a retriever MUST include an "<tt>Accept</tt>" request header with one or both of the media types "<tt>application/rdf+xml</tt>" as defined in <a class='info' href='#RFC3870'>RFC 3870<span> (</span><span class='info'>Swartz, “application/rdf+xml Media Type Registration,” September 2004.</span><span>)</span></a> [RFC3870] or the media type "<tt>application/xhtml+xml</tt>" as defined in <a class='info' href='#W3C.XhtmlMediaTypes'>XHTML Media Types<span> (</span><span class='info'>W3C, “XHTML Media Types,” August 2002.</span><span>)</span></a> [W3C.XhtmlMediaTypes]. A retriever SHOULD support both <tt>application/rdf+xml</tt> (RDF/XML) and <tt>application/xhtml+xml</tt> (XHTML with RDFa). The retriever MAY specify other media types besides those.
</p>
<p>Note that URI fragments are not sent to the web server.
</p>
<a name="anchor4"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.2.2"></a><h3>2.2.
Receiving the HTTP Response</h3>
<p>
If the HTTP response status code is in the redirection (3XX) range, then a retriever SHOULD follow the redirection to locate the document. A retriever SHOULD NOT rewrite the input URI based on this redirection.
</p>
<p>
If the HTTP response status code is in the error (4XX or 5XX) ranges, then a retriever SHOULD abort the procedure: no metadata is available from the web site in RDF.
</p>
<p>
Otherwise, a retriever MUST check that the media type returned in the Content-Type header of the response has a suffix "<tt>+xml</tt>". If the media type does not have the suffix "<tt>+xml</tt>", then the retriever SHOULD abort the procedure, as no metadata is available from the web site in RDF/XML or RDFa. (This is to prevent an RDF parser from attempting to parse a <tt>text/html</tt> document, which would typically result in error messages.)
</p>
<p>
A retriever MUST permit the returned XML content to be encoded in either the UTF-8 <a class='info' href='#RFC3629'>RFC 3629<span> (</span><span class='info'>Yergeau, F., “UTF-8, a transformation format of ISO 10646,” November 2003.</span><span>)</span></a> [RFC3629] or UTF-16 <a class='info' href='#RFC2781'>RFC 2781<span> (</span><span class='info'>Hoffman, P. and F. Yergeau, “UTF-16, an encoding of ISO 10646,” February 2000.</span><span>)</span></a> [RFC2781] charset encodings, and MUST allow the returned content to have an ISO 10646 Byte Order Mark at the beginning of the content. (This is encouraged by the <a class='info' href='#WSI.BasicProfile'>WS-I Basic Profile<span> (</span><span class='info'>, “Basic Profile Version 1.2,” March 2007.</span><span>)</span></a> [WSI.BasicProfile] requirements R4001 and R1010).
</p>
<p>A retriever MUST allow an XML signature to be present. It is a local policy choice whether the retriever requires a signature to be present, or how the retriever obtains the certificate path necessary to validate the signature.
</p>
<a name="anchor5"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.2.3"></a><h3>2.3.
Parsing the Returned Document to RDF Triples</h3>
<p>An RDF-based XML document can be converted into a collection of RDF triples. Each RDF triple has a subject, a predicate URI and an object.
</p>
<p>
The metadata of the schema or schema element (e.g., the attribute or claim type) of interest is provided by the set of RDF triples from the document in which the <tt>subject</tt> of the RDF triple is the input URI of the schema or schema element. There might be RDF triples for other subjects present in the returned document.
</p>
<p>If a fragment was part of the input URI, then the RDF triples that provide the metadata for the schema element are those in which the subject of the RDF triples match the input URI.
</p>
<p>The following two sections cover how a retriever parses a document returned in the Content-Type <tt>application/rdf+xml</tt> (RDF/XML) and a document returned in the Content-Type <tt>application/xhtml+xml</tt> (XHTML with RDFa).
</p>
<a name="anchor6"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.2.3.1"></a><h3>2.3.1.
Parsing application/rdf+xml</h3>
<p>A document with a Content-Type of <tt>application/rdf+xml</tt> is to be parsed as RDF/XML. A retriever MUST start parsing the section of the XML document which is contained by an element <tt>RDF</tt> in the XML namespace "<tt>http://www.w3.org/1999/02/22-rdf-syntax-ns#</tt>". A retriever MUST allow that other namespaces be present. If there is no <tt>RDF</tt> element present, then the retriever SHOULD abort the procedure.
</p>
<p>The subject of RDF triples is specified using the <tt>rdf:about</tt> and <tt>rdf:ID</tt> XML attributes of the elements of the returned document. A retriever MUST parse any <tt>xml:base</tt>, <tt>rdf:ID</tt> and <tt>rdf:about</tt> XML attributes of the elements in the returned XML document, as described in sections 2.14 and 2.17 of the <a class='info' href='#RDF.SyntaxGrammar'>RDF/XML Syntax Specification<span> (</span><span class='info'>Beckett, D., “RDF/XML Syntax Specification (Revised),” February 2004.</span><span>)</span></a> [RDF.SyntaxGrammar]. This is typically handled by a RDF parser software component of the retriever.
</p>
<p>The retriever MUST allow the subject to be expressed using any of the rdf:about or rdf:ID conventions. For example, if the input URI is <tt>http://www.example.com/schema.rdf#first</tt>, and the returned document has a base URI of <tt>http://www.example.com/schema.rdf</tt>, then all four of the following elements in that document describe the same schema element:
</p><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
<rdf:Description rdf:about="http://www.example.com/schema.rdf#first"> ... </rdf:Description>
</pre></div><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
<rdf:Description rdf:about="#first"> ... </rdf:Description>
</pre></div><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
<rdf:Description rdf:ID="first"> ... </rdf:Description>
</pre></div><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
<owl:ObjectProperty rdf:ID="first"> ... </owl:ObjectProperty>
</pre></div>
<p>A fragment is case sensitive. The following <tt>rdf:Description</tt> does NOT describe that same schema element:
</p><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
<rdf:Description rdf:ID="First"> ... </rdf:Description>
</pre></div>
<a name="anchor7"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.2.3.2"></a><h3>2.3.2.
Parsing application/xhtml+xml</h3>
<p>A document with a Content-Type of <tt>application/xhtml+xml</tt> is to be parsed as XHTML containing <a class='info' href='#RDFa.Primer'>RDFa<span> (</span><span class='info'>Adida, B. and M. Birbeck, “RDFa Primer 1.0: Embedding RDF in XHTML; W3C Editors' Draft,” September 2007.</span><span>)</span></a> [RDFa.Primer] markup.
</p>
<p>A retriever MUST parse any <tt>xml:base</tt>, <tt>xml:lang</tt>, <tt>lang</tt>, <tt>xmlns</tt>, <tt>about</tt>, <tt>rel</tt>, <tt>rev</tt>, <tt>property</tt>, <tt>href</tt>, <tt>resource</tt>, <tt>src</tt>, <tt>datatype</tt>, <tt>content</tt> and <tt>instanceof</tt> XML attributes of the elements in the returned XML document, as described in sections 2.3 and 3.1 of the <a class='info' href='#RDFa.Syntax'>RDFa Syntax<span> (</span><span class='info'>Birbeck, M., Pemberton, S., Adida, B., and S. McCarron, “RDFa Syntax: A collection of attributes for layering RDF on XML languages; W3C Editors' Draft,” September 2007.</span><span>)</span></a> [RDFa.Syntax].
</p>
<p>The subject of RDF triples in RDFa is typically specified using the <tt>about</tt> attributes of the elements of the returned document. A retriever MUST also recognize the <tt>xml:base</tt> and <tt>rev</tt> XML attributes, as these can affect how the subject is specified.
</p>
<a name="anchor8"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.2.4"></a><h3>2.4.
Predicates</h3>
<p>
A retriever SHOULD recognize the predicates listed in the documents <a class='info' href='#Schema.Existing'>Identity Schema Element Metadata: Using Existing Ontologies<span> (</span><span class='info'>Wahl, M., “Identity Schema Element Metadata: Using Existing Ontologies,” September 2007.</span><span>)</span></a> [Schema.Existing] and <a class='info' href='#Schema.New'>Identity Schema Element Metadata: New Ontology<span> (</span><span class='info'>Wahl, M., “Identity Schema Element Metadata: New Ontology,” September 2007.</span><span>)</span></a> [Schema.New].
</p>
<p>For example, a retriever SHOULD use the value or values of the RDF triples with predicate <tt>rdfs:label</tt> as a short plain text description of the schema or schema element, and the value or values of the RDF triples with predicate <tt>rdfs:comment</tt> as a long plain text description of the schema or schema element. (There may be multiple RDF triples for a given predicate URI, with different <tt>xml:lang</tt> or <tt>lang</tt> values).
</p>
<a name="anchor9"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.3"></a><h3>3.
Example</h3>
<p>For example, if the input URI for a schema element is <tt>http://www.example.com/schema.rdf#age</tt>, then the retriever would send a GET request to the HTTP port of <tt>www.example.com</tt>:
</p><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
GET /schema.rdf HTTP/1.1
Host: www.example.com
Accept: application/rdf+xml, application/xhtml+xml
</pre></div>
<p>If the file is stored in RDF/XML, the web server returns (where <tt>nnn</tt> in the second line of the header is the length of the XML file in bytes),
</p><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
HTTP/1.1 200 OK
Content-Length: nnn
Content-Type: application/rdf+xml
<?xml version="1.0"?>
<rdf:RDF xml:base="http://www.example/com/schema.rdf"
xmlns:ex="http://www.example.com/schema.rdf#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"
xmlns:owl="http://www.w3.org/2002/07/owl#"
xmlns:higgins="http://www.eclipse.org/higgins/ontologies/2006/higgins.owl#">
<owl:Ontology rdf:about="">
<rdfs:label>Example schema containing one attribute type.</rdfs:label>
</owl:Ontology>
<rdf:Description rdf:ID="age">
<rdfs:label>Age</rdfs:label>
<rdfs:label xml:lang="de">Alter</rdfs:label>
<rdfs:label xml:lang="fr">&#xC2;ge</rdfs:label>
<rdfs:comment>How old a person is (in years)</rdfs:comment>
<rdf:type>
<rdf:Description rdf:about="http://www.w3.org/2002/07/owl#ObjectProperty"/>
</rdf:type>
<rdfs:subPropertyOf>
<rdf:Description rdf:about="http://www.eclipse.org/higgins/ontologies/2006/higgins#attribute"/>
</rdfs:subPropertyOf>
</rdf:Description>
</rdf:RDF>
</pre></div>
<p>If the file is stored in RDFa, the web server returns (where <tt>nnn</tt> in the second line of the header is the length of the XML file in bytes),
</p><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
HTTP/1.1 200 OK
Content-Length: nnn
Content-Type: application/xhtml+xml
<?xml version="1.0"?>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#">
<head about="">
<title property="rdfs:label">Example schema containing one attribute type.</title>
<link rel="rdf:type" href="http://www.w3.org/2002/07/owl#Ontology" />
</head>
<body>
<ul about="#age">
<li><span property="rdfs:label">Age</span></li>
<li><span property="rdfs:label" lang="de">Alter</span> (German)</li>
<li><span property="rdfs:label" lang="fr">&#xC2;ge</span> (French)</li>
<li>Comment: <span property="rdfs:comment">How old a person is (in years)</span></li>
<li>This is an <a rel="rdf:type" href="http://www.w3.org/2002/07/owl#ObjectProperty">OWL ObjectProperty</a>.</li>
<li>This is a sub-property of a
<a rel="rdfs:subPropertyOf" href="http://www.eclipse.org/higgins/ontologies/2006/higgins#attribute">Higgins attribute</a>.</li>
</ul>
</body>
</html>
</pre></div>
<p>For both the RDF/XML and RDFa document formats, the document base URI is <tt>http://www.example.com/schema.rdf</tt>, and the document contains the following RDF triples for the requested <tt>http://www.example.com/schema.rdf#age</tt> attribute type:
</p><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
ex:age rdfs:label "Age"
ex:age rdfs:label "Alter" (in locale for language "de")
ex:age rdfs:label "Âge" (in locale for language "fr")
ex:age rdfs:comment "How old a person is (in years)"
ex:age rdf:type owl:ObjectProperty
ex:age rdfs:subPropertyOf higgins:attribute
</pre></div>
<a name="anchor10"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.4"></a><h3>4.
Security Considerations</h3>
<p>As with other scenarios for HTTP-based clients, retrievers SHOULD implement a local policy on contacting URIs received from unfamiliar sources. For example, an attacker might use claim types of URIs that have side effects.
</p>
<p>
It is anticipated that the majority of Internet-facing services which provide a schema retrieval service will be providing publically-vislble schema. The protection against disclosure of private schema definitions, through authentication and access control checks, is outside of the scope of this document.
</p>
<p>
When not using the HTTPS transport protocol, there is a possibility for the XML documents to be modified while in transit. There is also a possibility for an alternative XML document to be provided to the retriever by an attacker in place of the intended XML document, if the attacker can spoof the identity of the contacted web site.
</p>
<p>
Security considerations for RDF in XML are included in section 6 of <a class='info' href='#RFC3870'>RFC 3870<span> (</span><span class='info'>Swartz, “application/rdf+xml Media Type Registration,” September 2004.</span><span>)</span></a> [RFC3870], for XML media types in general are included in section 10 of <a class='info' href='#RFC3023'>RFC 3023<span> (</span><span class='info'>Murata, M., St.Laurent, S., and D. Kohn, “XML Media Types,” January 2001.</span><span>)</span></a> [RFC3023], and for media types which trigger directives on the receiver are included in section 2.2.6 of <a class='info' href='#RFC2048'>RFC 2048<span> (</span><span class='info'>Freed, N., Klensin, J., and J. Postel, “Multipurpose Internet Mail Exceptions (MIME) Part Four: Registration Procedures,” November 1996.</span><span>)</span></a> [RFC2048]. .
</p>
<p>Security considerations for directory schema are also included in section 5 of <a class='info' href='#RFC4519'>LDAPv3 Schema for User Applications<span> (</span><span class='info'>Sciberras, A., “Lightweight Directory Access Protocol (LDAP): Schema for User Applications,” June 2006.</span><span>)</span></a> [RFC4519].
</p>
<a name="rfc.references"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.5"></a><h3>5.
References</h3>
<a name="rfc.references1"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<h3>5.1. Normative References</h3>
<table width="99%" border="0">
<tr><td class="author-text" valign="top"><a name="DC.es">[DC.es]</a></td>
<td class="author-text">“<a href="http://dublincore.org/documents/dces/">Dublin Core Metadata Element Set, Version 1.1</a>,” December 2006.</td></tr>
<tr><td class="author-text" valign="top"><a name="Higgins.Ontology">[Higgins.Ontology]</a></td>
<td class="author-text">“Higgins Ontology” (<a href="http://wiki.eclipse.org/Higgins_Ontology">HTML</a>, <a href="http://www.eclipse.org/higgins/ontologies/2006/higgins.owl">OWL</a>).</td></tr>
<tr><td class="author-text" valign="top"><a name="OWL.reference">[OWL.reference]</a></td>
<td class="author-text">“<a href="http://www.w3.org/TR/owl-ref/">OWL Web Ontology Language Reference</a>,” February 2004.</td></tr>
<tr><td class="author-text" valign="top"><a name="RDF.Concepts">[RDF.Concepts]</a></td>
<td class="author-text">Klyne, G. and J. Carroll, “<a href="http://www.w3.org/TR/2004/REC-rdf-concepts-20040210/">Resource Description Framework (RDF): Concepts and Abstract Syntax</a>,” February 2004.</td></tr>
<tr><td class="author-text" valign="top"><a name="RDF.Schema">[RDF.Schema]</a></td>
<td class="author-text">Brickley, D. and R. Guha, “<a href="http://www.w3.org/TR/rdf-schema/">RDF Vocabulary Description Language 1.0: RDF Schema</a>,” February 2004.</td></tr>
<tr><td class="author-text" valign="top"><a name="RDF.SyntaxGrammar">[RDF.SyntaxGrammar]</a></td>
<td class="author-text">Beckett, D., “<a href="http://www.w3.org/TR/rdf-syntax-grammar/">RDF/XML Syntax Specification (Revised)</a>,” February 2004.</td></tr>
<tr><td class="author-text" valign="top"><a name="RDFa.Primer">[RDFa.Primer]</a></td>
<td class="author-text">Adida, B. and M. Birbeck, “<a href="http://www.w3.org/2006/07/SWD/RDFa/primer/">RDFa Primer 1.0: Embedding RDF in XHTML; W3C Editors' Draft</a>,” September 2007.</td></tr>
<tr><td class="author-text" valign="top"><a name="RDFa.Syntax">[RDFa.Syntax]</a></td>
<td class="author-text">Birbeck, M., Pemberton, S., Adida, B., and S. McCarron, “<a href="http://www.w3.org/MarkUp/2007/ED-rdfa-syntax-20070906/">RDFa Syntax: A collection of attributes for layering RDF on XML languages; W3C Editors' Draft</a>,” September 2007.</td></tr>
<tr><td class="author-text" valign="top"><a name="RFC2119">[RFC2119]</a></td>
<td class="author-text"><a href="mailto:sob@harvard.edu">Bradner, S.</a>, “<a href="ftp://ftp.isi.edu/in-notes/rfc2119.txt">Key words for use in RFCs to Indicate Requirement Levels</a>,” BCP 14, RFC 2119, March 1997 (<a href="ftp://ftp.isi.edu/in-notes/rfc2119.txt">TXT</a>, <a href="http://xml.resource.org/public/rfc/html/rfc2119.html">HTML</a>, <a href="http://xml.resource.org/public/rfc/xml/rfc2119.xml">XML</a>).</td></tr>
<tr><td class="author-text" valign="top"><a name="RFC2616">[RFC2616]</a></td>
<td class="author-text">“<a href="ftp://ftp.isi.edu/in-notes/rfc2616.txt">Hypertext Transfer Protocol -- HTTP/1.1</a>,” RFC 2616, June 1999.</td></tr>
<tr><td class="author-text" valign="top"><a name="RFC2781">[RFC2781]</a></td>
<td class="author-text">Hoffman, P. and F. Yergeau, “<a href="http://www.ietf.org/rfc/rfc2781">UTF-16, an encoding of ISO 10646</a>,” RFC 2781, February 2000.</td></tr>
<tr><td class="author-text" valign="top"><a name="RFC2818">[RFC2818]</a></td>
<td class="author-text">Rescorla, “<a href="ftp://ftp.isi.edu/in-notes/rfc2818.txt">HTTP Over TLS</a>,” RFC 2818, May 2000.</td></tr>
<tr><td class="author-text" valign="top"><a name="RFC3023">[RFC3023]</a></td>
<td class="author-text">Murata, M., St.Laurent, S., and D. Kohn, “<a href="http://www.ietf.org/rfc/rfc3023.txt">XML Media Types</a>,” January 2001.</td></tr>
<tr><td class="author-text" valign="top"><a name="RFC3629">[RFC3629]</a></td>
<td class="author-text">Yergeau, F., “<a href="ftp://ftp.isi.edu/in-notes/rfc3629.txt">UTF-8, a transformation format of ISO 10646</a>,” STD 63, RFC 3629, November 2003.</td></tr>
<tr><td class="author-text" valign="top"><a name="RFC3870">[RFC3870]</a></td>
<td class="author-text">Swartz, “<a href="ftp://ftp.isi.edu/in-notes/rfc3870.txt">application/rdf+xml Media Type Registration</a>,” RFC 3870, September 2004.</td></tr>
<tr><td class="author-text" valign="top"><a name="RFC3986">[RFC3986]</a></td>
<td class="author-text">Berners-Lee, T., Fielding, R., and L. Masinter, “<a href="ftp://ftp.isi.edu/in-notes/rfc3986.txt">Uniform Resource Identifier (URI): Generic Syntax</a>,” RFC 3986, January 2005.</td></tr>
<tr><td class="author-text" valign="top"><a name="Schema.Existing">[Schema.Existing]</a></td>
<td class="author-text">Wahl, M., “Identity Schema Element Metadata: Using Existing Ontologies,” September 2007.</td></tr>
<tr><td class="author-text" valign="top"><a name="Schema.New">[Schema.New]</a></td>
<td class="author-text">Wahl, M., “Identity Schema Element Metadata: New Ontology,” September 2007.</td></tr>
<tr><td class="author-text" valign="top"><a name="W3C.XhtmlMediaTypes">[W3C.XhtmlMediaTypes]</a></td>
<td class="author-text">W3C, “<a href="http://www.w3.org/TR/xhtml-media-types/">XHTML Media Types</a>,” August 2002.</td></tr>
<tr><td class="author-text" valign="top"><a name="WSI.BasicSecurityProfile">[WSI.BasicSecurityProfile]</a></td>
<td class="author-text">“<a href="http://www.ws-i.org/Profiles/BasicSecurityProfile-1.0.html">Basic Security Profile Version 1.0</a>,” March 2007.</td></tr>
</table>
<a name="rfc.references2"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<h3>5.2. Informative References</h3>
<table width="99%" border="0">
<tr><td class="author-text" valign="top"><a name="InfoCard.interop">[InfoCard.interop]</a></td>
<td class="author-text">Microsoft, “<a href="http://download.microsoft.com/download/5/4/0/54091e0b-464c-4961-a934-d47f91b66228/infocard-techref-beta2-published.pdf">A Technical Reference for InfoCard v1.0 on Windows</a>,” August 2005.</td></tr>
<tr><td class="author-text" valign="top"><a name="OpenID.attribute-1.0">[OpenID.attribute-1.0]</a></td>
<td class="author-text">Hardt, D., Bufu, J., and J. Hoyt, “<a href="http://openid.net/specs/openid-attribute-exchange-1_0-07.html">OpenID Attribute Exchange 1.0 - Draft 07</a>,” August 2007.</td></tr>
<tr><td class="author-text" valign="top"><a name="RFC2048">[RFC2048]</a></td>
<td class="author-text">Freed, N., Klensin, J., and J. Postel, “<a href="ftp://ftp.isi.edu/in-notes/rfc2048.txt">Multipurpose Internet Mail Exceptions (MIME) Part Four: Registration Procedures</a>,” RFC 2048, November 1996.</td></tr>
<tr><td class="author-text" valign="top"><a name="RFC4519">[RFC4519]</a></td>
<td class="author-text">Sciberras, A., “<a href="ftp://ftp.isi.edu/in-notes/rfc4519.txt">Lightweight Directory Access Protocol (LDAP): Schema for User Applications</a>,” RFC 4519, June 2006.</td></tr>
<tr><td class="author-text" valign="top"><a name="SAML">[SAML]</a></td>
<td class="author-text">“<a href="http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf">Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0</a>,” March 2005.</td></tr>
<tr><td class="author-text" valign="top"><a name="WSI.BasicProfile">[WSI.BasicProfile]</a></td>
<td class="author-text">“<a href="http://www.ws-i.org/Profiles/BasicProfile-1.2.html">Basic Profile Version 1.2</a>,” March 2007.</td></tr>
</table>
<a name="anchor13"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.A"></a><h3>Appendix A.
Copyright</h3>
<p>
Copyright (C) Informed Control Inc. (2007).
</p>
<p>
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, AND THE ORGANIZATION HE/SHE REPRESENTS
DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO
ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE
ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR
A PARTICULAR PURPOSE.
</p>
<a name="rfc.authors"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<h3>Author's Address</h3>
<table width="99%" border="0" cellpadding="0" cellspacing="0">
<tr><td class="author-text"> </td>
<td class="author-text">Mark Wahl</td></tr>
<tr><td class="author-text"> </td>
<td class="author-text">Informed Control Inc.</td></tr>
<tr><td class="author-text"> </td>
<td class="author-text">PO Box 90626</td></tr>
<tr><td class="author-text"> </td>
<td class="author-text">Austin, TX 78709</td></tr>
<tr><td class="author-text"> </td>
<td class="author-text">US</td></tr>
<tr><td class="author" align="right">Email: </td>
<td class="author-text"><a href="mailto:mark.wahl@informed-control.com">mark.wahl@informed-control.com</a></td></tr>
</table>
</body></html>