TOC |
|
By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”
The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.
This Internet-Draft will expire on March 4, 2009.
This document specifies Metalink Documents, an XML-based download description format.
1.
Introduction
1.1.
Examples
1.2.
Namespace and Version
1.3.
Notational Conventions
2.
Metalink Documents
3.
Common Metalink Constructs
3.1.
Text Constructs
3.1.1.
Text
3.2.
Date Constructs
4.
Metalink Element Definitions
4.1.
Container Elements
4.1.1.
The "metalink:metalink" Element
4.1.2.
The "metalink:files" Element
4.1.3.
The "metalink:file" Element
4.1.4.
The "metalink:resources" Element
4.1.5.
The "metalink:verification" Element
4.1.6.
The "metalink:pieces" Element
4.2.
Metadata Elements
4.2.1.
The "metalink:copyright" Element
4.2.2.
The "metalink:description" Element
4.2.3.
The "metalink:generator" Element
4.2.4.
The "metalink:hash" Element
4.2.5.
The "metalink:identity" Element
4.2.6.
The "metalink:language" Element
4.2.7.
The "metalink:license" Element
4.2.8.
The "metalink:logo" Element
4.2.9.
The "metalink:origin" Element
4.2.10.
The "metalink:os" Element
4.2.11.
The "metalink:published" Element
4.2.12.
The "metalink:publisher" Element
4.2.13.
The "metalink:signature" Element
4.2.14.
The "metalink:size" Element
4.2.15.
The "metalink:type" Element
4.2.16.
The "metalink:updated" Element
4.2.17.
The "metalink:url" Element
4.2.18.
The "metalink:version" Element
5.
Securing Metalink Documents
5.1.
Digital Signatures
5.2.
Encryption
5.3.
Signing and Encrypting
6.
Extending Metalink
6.1.
Extensions from Non-Metalink Vocabularies
6.2.
Extensions to the Metalink Vocabulary
6.3.
Processing Foreign Markup
6.4.
Extension Elements
6.4.1.
Simple Extension Elements
6.4.2.
Structured Extension Elements
7.
IANA Considerations
8.
Security Considerations
8.1.
URIs
8.2.
IRIs
8.3.
Spoofing
8.4.
Encryption and Signing
9.
References
9.1.
Normative References
9.2.
Informative References
Appendix A.
Contributors
Appendix B.
RELAX NG Compact Schema
§
Index
§
Author's Address
§
Intellectual Property and Copyright Statements
TOC |
Metalink is an XML-based document format that describes a file or lists of files to be added to a download queue. Lists are composed of a number of files, each with an extensible set of attached metadata. For example, each file can have a description, checksum, and list of URIs that it is available from.
The primary use case that Metalink addresses is the description of downloadable content in a format so download agents can act intelligently and recover from common errors with little or no user interaction necessary. These errors can include multiple servers going down and data corrupted in transmission.
TOC |
A brief, single file Metalink Document:
<?xml version="1.0" encoding="UTF-8"?> <metalink version="3.0" xmlns="http://metalinker.org"> <files> <file name="example.ext"> <resources> <url>ftp://ftp.example.com/example.ext</url> <url>http://example.com/example.ext</url> <url type="bittorrent">http://example.com/example.ext.torrent </url> </resources> </file> </files> </metalink>
A more extensive, single file Metalink Document:
<?xml version="1.0" encoding="UTF-8"?> <metalink version="3.0" xmlns="http://metalinker.org"> <published>2008-05-15T12:23:23Z</published> <files> <file name="example.ext"> <identity>Example</identity> <version>1.0</version> <description>A description of the example file for download.</description> <verification> <hash type="md5">83b1a04f18d6782cfe0407edadac377f</hash> <hash type="sha1">80bc95fd391772fa61c91ed68567f0980bb45fd9 </hash> </verification> <resources> <url>ftp://ftp.example.com/example.ext</url> <url>http://example.com/example.ext</url> <url type="bittorrent">http://example.com/example.ext.torrent </url> </resources> </file> </files> </metalink>
TOC |
The XML Namespaces URI [REC‑xml‑names] (Hollander, D., Bray, T., Tobin, R., and A. Layman, “Namespaces in XML 1.0 (Second Edition),” August 2006.) for the XML data format described in this specification is:
http://www.metalinker.org/
For convenience, this data format may be referred to as "Metalink 3.0". This specification uses "Metalink" internally.
TOC |
This specification describes conformance of Metalink Documents. Additionally, it places some requirements on Metalink Processors.
This specification uses the namespace prefix "metalink:" for the Namespace URI identified in Section 1.2 (Namespace and Version), above. Note that the choice of namespace prefix is arbitrary and not semantically significant.
Metalink is specified using terms from the XML Infoset [REC‑xml‑infoset] (Cowan, J. and R. Tobin, “XML Information Set (Second Edition),” February 2004.). However, this specification uses a shorthand for two common terms: the phrase "Information Item" is omitted when naming Element Information Items and Attribute Information Items. Therefore, when this specification uses the term "element," it is referring to an Element Information Item in Infoset terms. Likewise, when it uses the term "attribute," it is referring to an Attribute Information Item.
Some sections of this specification are illustrated with fragments of a non-normative RELAX NG Compact schema [RELAX‑NG] (Clark, J., “RELAX NG Compact Syntax,” December 2001.). However, the text of this specification provides the definition of conformance. A complete schema appears in Appendix B (RELAX NG Compact Schema).
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14, [RFC2119] (Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” March 1997.), as scoped to those conformance targets.
TOC |
This specification describes Metalink Documents.
A Metalink Document describes a file or group of files, how to access them, and metadata that identifies them. Its root is the metalink:metalink (The "metalink:metalink" Element) element.
namespace metalink = "http://www.metalinker.org" start = metalinkMetalink
Metalink Documents are specified in terms of the XML Information Set, serialized as XML 1.0 [REC‑xml] (Yergeau, F., Paoli, J., Bray, T., Sperberg-McQueen, C., and E. Maler, “Extensible Markup Language (XML) 1.0 (Fourth Edition),” August 2006.) and identified with the "application/metalink+xml" media type. Metalink Documents MUST be well-formed XML. This specification does not define a DTD for Metalink Documents, and hence does not require them to be valid (in the sense used by XML).
Metalink allows the use of IRIs [RFC3987] (Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” January 2005.). Every URI [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.) is also an IRI, so a URI may be used wherever below an IRI is named. There is one special consideration: when an IRI that is not also a URI is given for dereferencing, it MUST be mapped to a URI using the steps in Section 3.1 of [RFC3987] (Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” January 2005.).
Any element defined by this specification MAY have an xml:base attribute [REC‑xmlbase] (Marsh, J., “XML Base,” June 2001.). When xml:base is used in an Metalink Document, it serves the function described in Section 5.1.1 of [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.), establishing the base URI (or IRI) for resolving any relative references found within the effective scope of the xml:base attribute.
Any element defined by this specification MAY have an xml:lang attribute, whose content indicates the natural language for the element and its descendents. The language context is only significant for elements and attributes declared to be "Language-Sensitive" by this specification. Requirements regarding the content and interpretation of xml:lang are specified in XML 1.0 (Yergeau, F., Paoli, J., Bray, T., Sperberg-McQueen, C., and E. Maler, “Extensible Markup Language (XML) 1.0 (Fourth Edition),” August 2006.) [REC‑xml], Section 2.12.
metalinkCommonAttributes = attribute xml:base { metalinkUri }?, attribute xml:lang { metalinkLanguageTag }?, undefinedAttribute*
Metalink is an extensible format. See Section 6 (Extending Metalink) of this document for a full description of how Metalink Documents can be extended.
TOC |
Many of Metalink's elements share a few common structures. This section defines those structures and their requirements for convenient reference by the appropriate element definitions.
When an element is identified as being a particular kind of construct, it inherits the corresponding requirements from that construct's definition in this section.
Note that there MUST NOT be any white space in a Date construct or in any IRI. Some XML-emitting implementations erroneously insert white space around values by default, and such implementations will emit invalid Metalink Documents.
TOC |
A Text construct contains human-readable text, usually in small quantities. The content of Text constructs is Language-Sensitive.
metalinkTextConstruct = metalinkCommonAttributes, text
TOC |
Example metalink:description (The "metalink:description" Element) with text content:
... <description> A description of the example file for download. </description> ...
The content of the Text construct MUST NOT contain child elements. Such text is intended to be presented to humans in a readable fashion. Thus, Metalink Processors MAY collapse white space (including line breaks) and display the text using typographic techniques such as justification and proportional fonts.
TOC |
A Date construct is an element whose content MUST conform to the "date-time" production in [RFC3339] (Klyne, G. and C. Newman, “Date and Time on the Internet: Timestamps,” July 2002.). In addition, an uppercase "T" character MUST be used to separate date and time, and an uppercase "Z" character MUST be present in the absence of a numeric time zone offset.
metalinkDateConstruct = metalinkCommonAttributes, xsd:dateTime
Such date values happen to be compatible with the following specifications: [ISO.8601.1988] (International Organization for Standardization, “Data elements and interchange formats - Information interchange - Representation of dates and times,” June 1988.), [W3C.NOTE‑datetime‑19980827] (Wolf, M. and C. Wicksteed, “Date and Time Formats,” August 1998.), and [W3C.REC‑xmlschema‑2‑20041028] (Malhotra, A. and P. Biron, “XML Schema Part 2: Datatypes Second Edition,” October 2004.).
Example Date constructs:
<updated>2008-12-13T18:30:02Z</updated> <updated>2008-12-13T18:30:02.25Z</updated> <updated>2008-12-13T18:30:02+01:00</updated> <updated>2008-12-13T18:30:02.25+01:00</updated>
Date values SHOULD be as accurate as possible. For example, it would be generally inappropriate for a publishing system to apply the same timestamp to several entries that were published during the course of a single day.
TOC |
TOC |
TOC |
The "metalink:metalink" element is the document (i.e., top-level) element of a Metalink Document, acting as a container for metadata and data associated with the listed files. It contains one "metalink:files" element whose element children consist of metadata elements followed by one or more metalink:file (The "metalink:file" Element) child elements.
metalinkMetalink = element metalink:metalink { metalinkCommonAttributes, (metalinkPublished? & metalinkOrigin? & metalinkGenerator? & metalinkUpdated? & extensionElement*), metalinkFiles }
The following child elements are defined by this specification (note that the presence of some of these elements is required):
TOC |
Experience teaches that downloads providing textual content are in general more useful than those that do not. Some applications (one example is full-text indexers) require a minimum amount of text to function reliably and predictably. Metalink publishers should be aware of these issues. It is advisable that each metalink:file (The "metalink:file" Element) element contain a non-empty metalink:description (The "metalink:description" Element) element, a non-empty metalink:identity (The "metalink:identity" Element) element when that element is present, and a non-empty metalink:version (The "metalink:version" Element) element, and a non-empty metalink:publisher (The "metalink:publisher" Element) element. However, the absence of metalink:description (The "metalink:description" Element) is not an error, and Metalink Processors MUST NOT fail to function correctly as a consequence of such an absence.
TOC |
The "metalink:files" element acts as a container for metadata and data associated with the listed files. It contains one or more metalink:file (The "metalink:file" Element) child elements. Certain elements can be listed either under metalink:files (The "metalink:files" Element) or metalink:file (The "metalink:file" Element). If under metalink:files (The "metalink:files" Element), they apply to all files listed in each metalink:file (The "metalink:file" Element). If under metalink:file (The "metalink:file" Element), then they apply to just that specific file.
metalinkFiles = element metalink:files { metalinkCommonAttributes, (metalinkIdentity? & metalinkVersion? & metalinkDescription? & metalinkOS? & metalinkLogo? & metalinkLanguage? & metalinkPublisher? & metalinkCopyright? & metalinkLicense? & extensionElement*) metalinkFile }
The following child elements are defined by this specification (note that the presence of some of these elements is required):
TOC |
The "metalink:file (The "metalink:file" Element)" element represents an individual file, acting as a container for metadata and data associated with the file.
metalinkFile = element metalink:file { metalinkCommonAttributes, attribute name { metalinkTextConstruct }, (metalinkVerification? & metalinkIdentity? & metalinkVersion? & metalinkDescription? & metalinkSize? & metalinkOS? & metalinkLogo? & metalinkLanguage? & metalinkPublisher? & metalinkCopyright? & metalinkLicense? & extensionElement*) metalinkResources }
This specification assigns no significance to the order of metalink:file (The "metalink:file" Element) elements.
The following child elements are defined by this specification (note that it requires the presence of some of these elements):
TOC |
metalink:file (The "metalink:file" Element) elements MUST have a "name" attribute, which contains the filename of the file downloaded.
Directory information can also be contained in a "path/file" format only, as in:
<file name="debian-amd64/sarge/Contents-amd64.gz">
In this example, a subdirectory debian-amd64/sarge/ will be created and a file named Contents-amd64.gz will be created inside it. The path MUST be relative. The path MUST NOT begin with a "/", "./" or "../", contain "/../", or end with "/..". Metalink Processors MUST NOT allow directory traversal.
A Metalink Processor MAY alter the name of the subdirectory or file if they contain characters which are invalid in the destination filesystem.
TOC |
The "metalink:resources" element acts as a container for metadata and data associated with the listed files. It contains one or more metalink:url (The "metalink:url" Element) child elements.
metalinkResources = element metalink:resources { metalinkCommonAttributes, extensionElement* metalinkURL* }
This specification assigns no significance to the order of metalink:url (The "metalink:url" Element) elements. Significance is determined by the value of the "preference" attribute of the metalink:url (The "metalink:url" Element) elements.
The following child elements are defined by this specification (note that the presence of some of these elements is required):
TOC |
The "metalink:verification" element acts as a container for metadata and data associated with verifying the listed files. This information is in the form of checksums and digital signatures. Checksums are used to verify the integrity of a file or portion of a file to determine if the files have been transferred without any errors. Digital signatures verify that a file is from the entity that has signed it.
metalinkVerification = element metalink:verification { metalinkCommonAttributes, (metalinkHash* & metalinkPieces* & metalinkSignature & extensionElement*) }
The following child elements are defined by this specification (note that the presence of some of these elements is required):
TOC |
The "metalink:pieces (The "metalink:pieces" Element)" element is a Text construct that conveys a human-readable piece information for a file.
metalinkPieces = element metalink:pieces { attribute length { metalinkTextConstruct }, attribute type { "crc32" | "md4" | "md5" | "sha1" | "sha256" | "sha384" | "sha512" | "rmd160" | "tiger" }, hash+ }+,
TOC |
metalink:pieces (The "metalink:pieces" Element) elements MUST have a "type" attribute.
This document defines nine initial values for hash types. It may be useful to extend Metalink documents with new verification methods, so unknown types are allowed.
TOC |
metalink:pieces (The "metalink:pieces" Element) elements MUST have a "length" attribute, which is an integer that describes the length of the piece of the file in octets.
TOC |
TOC |
The "metalink:copyright (The "metalink:copyright" Element)" element is a Text construct that conveys a human-readable copyright for a file.
metalinkCopyright = element metalink:copyright { metalinkTextConstruct }
TOC |
The "metalink:description (The "metalink:description" Element)" element is a Text construct that conveys a human-readable description for a file.
metalinkDescription = element metalink:description { metalinkTextConstruct }
TOC |
The "metalink:generator (The "metalink:generator" Element)" element's content identifies the agent used to generate a Metalink Document, for debugging and other purposes.
metalinkGenerator = element metalink:generator { metalinkCommonAttributes, attribute uri { metalinkUri }?, attribute version { text }?, text }
The content of this element, when present, MUST be a string that is a human-readable name for the generating agent. Entities such as "&" and "<" represent their corresponding characters ("&" and "<" respectively), not markup.
The metalink:generator (The "metalink:generator" Element) element MAY have a "uri" attribute whose value MUST be an IRI reference [RFC3987] (Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” January 2005.). When dereferenced, the resulting URI (mapped from an IRI, if necessary) SHOULD produce a representation that is relevant to that agent.
The metalink:generator (The "metalink:generator" Element) element MAY have a "version" attribute that indicates the version of the generating agent.
TOC |
The "metalink:hash (The "metalink:hash" Element)" element is a Text construct that conveys a human-readable hash for a file.
metalinkHash = element metalink:hash { attribute piece { xsd:integer }?, attribute type { "crc32" | "md4" | "md5" | "sha1" | "sha256" | "sha384" | "sha512" | "rmd160" | "tiger" }, text }
TOC |
metalink:hash (The "metalink:hash" Element) elements MUST have a "type" attribute or a "piece" attribute. metalink:hash (The "metalink:hash" Element) elements with a "type" attribute contain a hash of the whole file. metalink:hash (The "metalink:hash" Element) elements with a "piece" attribute contain a hash for that specific piece or chunk of the file. All hashes are in lowercase hexadecimal format.
When multiple hash types methods are provided, a Metalink Processor MAY verify using more than one of these hash types. Metalink Processors are encouraged to check all hash types given which they are able to process
This document defines nine initial values for hash types. It may be useful to extend Metalink documents with new verification methods, so unknown types are allowed.
TOC |
metalink:hash (The "metalink:hash" Element) elements MAY have a "piece" attribute, only when they are a sub element of metalink:pieces (The "metalink:pieces" Element). The value of "piece" starts at "0" and increases, depending on the "length" attribute of metalink:pieces (The "metalink:pieces" Element) and the size of the file.
TOC |
The "metalink:identity (The "metalink:identity" Element)" element is a Text construct that conveys a human-readable identity for a file. The identity of OpenOffice.org 3.0 would be "OpenOffice.org".
metalinkIdentity = element metalink:identity { metalinkTextConstruct }
TOC |
The "metalink:language (The "metalink:language" Element)" element is a Text construct that conveys a code for the language of a file, per [ISO639‑2] (International Organization for Standardization, “ISO 639-2:1998 - Codes for the representation of names of languages -- Part 2: Alpha-3 code - edition 1, 1998-11-01, 66 pages, prepared by a Joint Working Group of ISO TC46/SC4 and ISO TC37/SC2.,” 1998.).
metalinkLanguage = element metalink:language { metalinkTextConstruct }
TOC |
The "metalink:license (The "metalink:license" Element)" element is a Text construct that conveys a human-readable license name for a file.
metalinkLicense = element metalink:license { metalinkCommonAttributes, attribute uri { metalinkUri }?, attribute name { metalinkTextConstruct }?, }
The metalink:license (The "metalink:license" Element) element MAY have a "uri" attribute whose value MUST be an IRI reference [RFC3987] (Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” January 2005.). When dereferenced, the resulting URI (mapped from an IRI, if necessary) SHOULD produce a representation that is relevant to that agent.
The metalink:license (The "metalink:license" Element) element MAY have a "name" attribute that indicates the name of the license.
TOC |
The "metalink:logo (The "metalink:logo" Element)" element's content is an IRI reference [RFC3987] (Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” January 2005.) that identifies an image that provides visual identification for a file.
metalinkLogo = element metalink:logo { metalinkCommonAttributes, (metalinkUri) }
The image SHOULD have an aspect ratio of one (horizontal) to one (vertical) and SHOULD be suitable for presentation at a small size.
TOC |
The "metalink:origin (The "metalink:origin" Element)" element is an IRI where the Metalink Document was originally published. If metalink:type (The "metalink:type" Element) is "dynamic", then updated versions of the Metalink can be found at this IRI.
metalinkOrigin = element metalink:origin { metalinkCommonAttributes, (metalinkUri) }
TOC |
The "metalink:os (The "metalink:os" Element)" element is a Text construct that conveys a human-readable Operating System for a file.
metalinkOS = element metalink:os { metalinkTextConstruct }
TOC |
The "metalink:published (The "metalink:published" Element)" element is a Date construct indicating an instant in time associated with an event early in the life cycle of the entry.
metalinkPublished = element metalink:published { metalinkDateConstruct }
Typically, metalink:published (The "metalink:published" Element) will be associated with the initial creation or first availability of the resource.
TOC |
The "metalink:publisher (The "metalink:publisher" Element)" element indicates a group or other entity which has published the file.
metalinkPublisher = element metalink:publisher { metalinkCommonAttributes, attribute uri { metalinkUri }?, attribute name { metalinkTextConstruct }?, }
The metalink:publisher (The "metalink:publisher" Element) element MAY have a "uri" attribute whose value MUST be an IRI reference [RFC3987] (Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” January 2005.). When dereferenced, the resulting URI (mapped from an IRI, if necessary) SHOULD produce a representation that is relevant to that agent.
The metalink:publisher (The "metalink:publisher" Element) element MAY have a "name" attribute that indicates the name of the publisher.
TOC |
The "metalink:signature (The "metalink:signature" Element)" element is a Text construct that conveys a digital signature for a file.
metalinkSignature = element metalink:signature { attribute type { "pgp" }, metalinkTextConstruct }
TOC |
metalink:signature (The "metalink:signature" Element) elements MUST have a "type" attribute. The inital value of "type" is the string that is non-empty and matches "pgp". It may be useful to extend Metalink documents with new types of digital signatures, so unknown types are allowed.
TOC |
The "metalink:size (The "metalink:size" Element)" element indicates the length of the linked content in octets; it is a hint about the content length of the representation returned when the IRI is mapped to a URI and dereferenced. Note that the "metalink:size (The "metalink:size" Element)" element MUST override the actual content length of the representation as reported by the underlying protocol, i.e. files with different sizes should be discarded.
metalinkSize = element metalink:size { metalinkTextConstruct }
TOC |
The "metalink:type (The "metalink:type" Element)" element is a Text construct that describes whether the IRI from "metalink:origin (The "metalink:origin" Element)" a Metalink will contain dynamic updated Metalinks or static content that is not updated.
metalinkType = element metalink:type { "static" | "dynamic" }
TOC |
The "metalink:updated (The "metalink:updated" Element)" element is a Date construct indicating the most recent instant in time when a Metalink was modified in a way the publisher considers significant. Therefore, not all modifications necessarily result in a changed metalink:updated (The "metalink:updated" Element) value.
metalinkUpdated = element metalink:updated { metalinkDateConstruct }
Publishers MAY change the value of this element over time.
TOC |
The "metalink:url (The "metalink:url" Element)" element contains the IRI of a file. All IRIs should lead to identical files, except in the case of type "bittorrent" where the IRI should lead to a .torrent file.
metalinkURL = element metalink:url { metalinkCommonAttributes, attribute location { xsd:string { minLength = "2" maxLength="2"} }?, attribute preference { xsd:integer }?, attribute type { "ftp" | "ftps" | "http" | "https" | "rsync" | "bittorrent" | "magnet" | "ed2k" }?, metalinkUri }+
TOC |
metalink:url (The "metalink:url" Element) elements MAY have a preference attribute, whose value MUST be a number from 1 to 100 for priority, with 100 used first and 1 used last. Multiple metalink:url (The "metalink:url" Element) elements can have the same preference, i.e. ten mirrors could have preference="100". A Metalink Processor MAY download different segments of a file from more than one IRI simultaneously, and when doing so SHOULD first use the highest priority IRIs and then use lower ones.
When one or more metalink:url (The "metalink:url" Element) elements have a preference attribute value of "100", other metalink:url (The "metalink:url" Element) elements SHOULD NOT be used, unless these cannot be processed (e.g. are "bittorrent" etc, and this is not supported by the Metalink Processor, or the servers are down).
Any metalink:url (The "metalink:url" Element) elements with a preference attribute value of "1" SHOULD NOT be used unless all other metalink:url (The "metalink:url" Element) elements cannot be processed (e.g. are "bittorrent" etc and this is not supported by the Metalink Processor, or the servers are down).
TOC |
metalink:url (The "metalink:url" Element) elements MAY have a "type" attribute that indicates the IRI type, except in the case of BitTorrent, where the value "bittorrent" is required. The "type" attribute overrides any file extension sniffing specified above.
Metalink Processors that do not support a specified type of resource MUST ignore that resource.
This document defines eight initial values for IRI types:
TOC |
metalink:url (The "metalink:url" Element) elements MAY have a "location" attribute, which is a [ISO3166] (International Organization for Standardization, “ISO 3166:1988 (E/F) - Codes for the representation of names of countries - The International Organization for Standardization, 3rd edition, 1988-08-15.,” 1988.) alpha-2 two letter country code for the geographical location of the physical server an IRI is used to access.
TOC |
The "metalink:version (The "metalink:version" Element)" element is a Text construct that conveys a human-readable version for a file. The version of OpenOffice.org 3.0 would be "3.0".
metalinkVersion = element metalink:version { metalinkTextConstruct }
TOC |
Because Metalink is an XML-based format, existing XML security mechanisms can be used to secure its content.
Producers of Metalinks may have sound reasons for signing and/or encrypting otherwise-unprotected content. For example, a merchant might digitally sign a Metalink that lists a file download to verify its origin. Other merchants may wish to sign and encypt Metalinks that list digital songs that have been purchased. Of course, many other examples exist as well.
The algorithm requirements in this section pertain to the Metalink Processor. They require that a recipient, at a minimum, be able to handle messages that use the specified cryptographic algorithms. These requirements do not limit the algorithms that the sender can choose.
TOC |
The root of a Metalink Document (i.e., metalink:metalink (The "metalink:metalink" Element) MAY have an Enveloped Signature, as described by XML-Signature and Syntax Processing (Solo, D., Reagle, J., and D. Eastlake, “XML-Signature Syntax and Processing,” February 2002.) [REC‑xmldsig‑core].
Metalink Processors MUST NOT reject an Metalink Document containing such a signature because they are not capable of verifying it; they MUST continue processing and MAY inform the user of their failure to validate the signature.
In other words, the presence of an element with the namespace URI "http://www.w3.org/2000/09/xmldsig#" and a local name of "Signature" as a child of the document element MUST NOT cause an Metalink Processor to fail merely because of its presence.
Other elements in an Metalink Document MUST NOT be signed unless their definitions explicitly specify such a capability.
Section 6.5.1 of [REC‑xmldsig‑core] (Solo, D., Reagle, J., and D. Eastlake, “XML-Signature Syntax and Processing,” February 2002.) requires support for Canonical XML [REC‑xml‑c14n] (Boyer, J., “Canonical XML Version 1.0,” March 2001.). However, many implementers do not use it because signed XML documents enclosed in other XML documents have their signatures broken. Thus, Metalink Processors that verify signed Metalink Documents MUST be able to canonicalize with the exclusive XML canonicalization method identified by the URI "http://www.w3.org/2001/10/xml-exc-c14n#", as specified in Exclusive XML Canonicalization [REC‑xml‑exc‑c14n] (Eastlake, D., Boyer, J., and J. Reagle, “Exclusive XML Canonicalization Version 1.0,” July 2002.).
Section 4.4.2 of [REC‑xmldsig‑core] (Solo, D., Reagle, J., and D. Eastlake, “XML-Signature Syntax and Processing,” February 2002.) requires support for DSA signatures and recommends support for RSA signatures. However, because of the much greater popularity in the market of RSA versus DSA, Metalink Processors that verify signed Metalink Documents MUST be able to verify RSA signatures, but do not need be able to verify DSA signatures. Due to security issues that can arise if the keying material for message authentication code (MAC) authentication is not handled properly, Metalink Documents SHOULD NOT use MACs for signatures.
TOC |
The root of a Metalink Document (i.e., metalink:metalink (The "metalink:metalink" Element) in a Metalink Document MAY be encrypted, using the mechanisms described by XML Encryption Syntax and Processing (Eastlake, D. and J. Reagle, “XML Encryption Syntax and Processing,” December 2002.) [REC‑xmlenc‑core].
Section 5.1 of [REC‑xmlenc‑core] (Eastlake, D. and J. Reagle, “XML Encryption Syntax and Processing,” December 2002.) requires support of TripleDES, AES-128, and AES-256. Metalink Processors that decrypt Metalink Documents MUST be able to decrypt with AES-128 in Cipher Block Chaining (CBC) mode.
Encryption based on [REC‑xmlenc‑core] (Eastlake, D. and J. Reagle, “XML Encryption Syntax and Processing,” December 2002.) does not ensure integrity of the original document. There are known cryptographic attacks where someone who cannot decrypt a message can still change bits in a way where part or all the decrypted message makes sense but has a different meaning. Thus, Metalink Processors that decrypt Metalink Documents SHOULD check the integrity of the decrypted document by verifying the hash in the signature (if any) in the document, or by verifying a hash of the document within the document (if any).
TOC |
When an Metalink Document is to be both signed and encrypted, it is generally a good idea to first sign the document, then encrypt the signed document. This provides integrity to the base document while encrypting all the information, including the identity of the entity that signed the document. Note that, if MACs are used for authentication, the order MUST be that the document is signed and then encrypted, and not the other way around.
TOC |
TOC |
This specification describes Metalink's XML markup vocabulary. Markup from other vocabularies ("foreign markup") can be used in an Metalink Document.
TOC |
The Metalink namespace is reserved for future forward-compatible revisions of Metalink. Future versions of this specification could add new elements and attributes to the Metalink markup vocabulary. Software written to conform to this version of the specification will not be able to process such markup correctly and, in fact, will not be able to distinguish it from markup error. For the purposes of this discussion, unrecognized markup from the Metalink vocabulary will be considered "foreign markup".
TOC |
Metalink Processors that encounter foreign markup in a location that is legal according to this specification MUST NOT stop processing or signal an error. It might be the case that the Metalink Processor is able to process the foreign markup correctly and does so. Otherwise, such markup is termed "unknown foreign markup".
When unknown foreign markup is encountered as a child of metalink:file (The "metalink:file" Element), metalink:metalink (The "metalink:metalink" Element), Metalink Processors MAY bypass the markup and any textual content and MUST NOT change their behavior as a result of the markup's presence.
When unknown foreign markup is encountered in a Text Construct, software SHOULD ignore the markup and process any text content of foreign elements as though the surrounding markup were not present.
TOC |
Metalink allows foreign markup anywhere in an Metalink document, except where it is explicitly forbidden. Child elements of metalink:file (The "metalink:file" Element) and metalink:metalink (The "metalink:metalink" Element) are considered Metadata elements and are described below. Child elements of Person constructs are considered to apply to the construct. The role of other foreign markup is undefined by this specification.
TOC |
A Simple Extension element MUST NOT have any attributes or child elements. The element MAY contain character data or be empty. Simple Extension elements are not Language-Sensitive.
simpleExtensionElement = element * - metalink:* { text }
The element can be interpreted as a simple property (or name/value pair) of the parent element that encloses it. The pair consisting of the namespace-URI of the element and the local name of the element can be interpreted as the name of the property. The character data content of the element can be interpreted as the value of the property. If the element is empty, then the property value can be interpreted as an empty string.
TOC |
The root element of a Structured Extension element MUST have at least one attribute or child element. It MAY have attributes, it MAY contain well-formed XML content (including character data), or it MAY be empty. Structured Extension elements are Language-Sensitive.
structuredExtensionElement = element * - metalink:* { (attribute * { text }+, (text|anyElement)*) | (attribute * { text }*, (text?, anyElement+, (text|anyElement)*)) }
The structure of a Structured Extension element, including the order of its child elements, could be significant.
This specification does not provide an interpretation of a Structured Extension element. The syntax of the XML contained in the element (and an interpretation of how the element relates to its containing element) is defined by the specification of the Metalink extension.
TOC |
A Metalink Document, when serialized as XML 1.0, can be identified with the following media type:
- MIME media type name:
- application
- MIME subtype name:
- metalink+xml
- Mandatory parameters:
- None.
- Optional parameters:
- "charset":
- This parameter has semantics identical to the charset parameter of the "application/xml" media type as specified in [RFC3023] (Murata, M., St. Laurent, S., and D. Kohn, “XML Media Types,” January 2001.).
- Encoding considerations:
- Identical to those of "application/xml" as described in [RFC3023] (Murata, M., St. Laurent, S., and D. Kohn, “XML Media Types,” January 2001.), Section 3.2.
- Security considerations:
- As defined in this specification.
- In addition, as this media type uses the "+xml" convention, it shares the same security considerations as described in [RFC3023] (Murata, M., St. Laurent, S., and D. Kohn, “XML Media Types,” January 2001.), Section 10.
- Interoperability considerations:
- There are no known interoperability issues.
- Published specification:
- This specification.
- Applications that use this media type:
- No known applications currently use this media type.
Additional information:
- Magic number(s):
- As specified for "application/xml" in [RFC3023] (Murata, M., St. Laurent, S., and D. Kohn, “XML Media Types,” January 2001.), Section 3.2.
- File extension:
- .metalink
- Fragment identifiers:
- As specified for "application/xml" in [RFC3023] (Murata, M., St. Laurent, S., and D. Kohn, “XML Media Types,” January 2001.), Section 5.
- Base URI:
- As specified in [RFC3023] (Murata, M., St. Laurent, S., and D. Kohn, “XML Media Types,” January 2001.), Section 6.
- Macintosh File Type code:
- TEXT
- Person and email address to contact for further information:
- Anthony Bryan <anthonybryan@gmail.com>
- Intended usage:
- COMMON
- Author/Change controller:
- IESG
TOC |
Publishers are encouraged to offer Metalink documents via authenticated HTTP under TLS. Publishers are also encouraged to include digital signatures of the files within the Metalink Documents if they are available.
TOC |
Metalink Processors handle URIs. See Section 7 of [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.).
TOC |
Metalink Processors handle IRIs. See Section 8 of [RFC3987] (Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” January 2005.).
TOC |
Metalink Processors should be aware of the potential for spoofing attacks where the attacker publishes Metalinks with false information. Malicious publishers might create Metalink Documents containing inaccurate information anywhere in the document. At best, this could deceive unaware downloaders that they are downloading a malicious or worthless file. At worst, malicious publishers could attempt a distributed denial of service attack by inserting unrelated IRIs into Metalink Documents.
TOC |
Metalink Documents can be encrypted and signed using [REC‑xmlenc‑core] (Eastlake, D. and J. Reagle, “XML Encryption Syntax and Processing,” December 2002.) and [REC‑xmldsig‑core] (Solo, D., Reagle, J., and D. Eastlake, “XML-Signature Syntax and Processing,” February 2002.), respectively, and are subject to the security considerations implied by their use.
Digital signatures provide authentication, message integrity, and non-repudiation with proof of origin. Encryption provides data confidentiality.
TOC |
TOC |
[BITTORRENT] | Cohen, B., “The BitTorrent Protocol Specification,” BITTORRENT 11031, February 2008. |
[ISO3166] | International Organization for Standardization, “ISO 3166:1988 (E/F) - Codes for the representation of names of countries - The International Organization for Standardization, 3rd edition, 1988-08-15.,” ISO Standard 3166, 1988. |
[ISO639-2] | International Organization for Standardization, “ISO 639-2:1998 - Codes for the representation of names of languages -- Part 2: Alpha-3 code - edition 1, 1998-11-01, 66 pages, prepared by a Joint Working Group of ISO TC46/SC4 and ISO TC37/SC2.,” ISO Standard 639-2, 1998. |
[REC-xml] | Yergeau, F., Paoli, J., Bray, T., Sperberg-McQueen, C., and E. Maler, “Extensible Markup Language (XML) 1.0 (Fourth Edition),” World Wide Web Consortium Recommendation REC-xml-20060816, August 2006. |
[REC-xml-c14n] | Boyer, J., “Canonical XML Version 1.0,” W3C REC REC-xml-c14n-20010315, March 2001. |
[REC-xml-exc-c14n] | Eastlake, D., Boyer, J., and J. Reagle, “Exclusive XML Canonicalization Version 1.0,” W3C REC REC-xml-exc-c14n-20020718, July 2002. |
[REC-xml-infoset] | Cowan, J. and R. Tobin, “XML Information Set (Second Edition),” World Wide Web Consortium Recommendation REC-xml-infoset-20040204, February 2004. |
[REC-xml-names] | Hollander, D., Bray, T., Tobin, R., and A. Layman, “Namespaces in XML 1.0 (Second Edition),” World Wide Web Consortium Recommendation REC-xml-names-20060816, August 2006. |
[REC-xmlbase] | Marsh, J., “XML Base,” W3C REC W3C.REC-xmlbase-20010627, June 2001. |
[REC-xmldsig-core] | Solo, D., Reagle, J., and D. Eastlake, “XML-Signature Syntax and Processing,” World Wide Web Consortium Recommendation REC-xmldsig-core-20020212, February 2002. |
[REC-xmlenc-core] | Eastlake, D. and J. Reagle, “XML Encryption Syntax and Processing,” World Wide Web Consortium Recommendation REC-xmlenc-core-20021210, December 2002. |
[RFC1320] | Rivest, R., “The MD4 Message-Digest Algorithm,” RFC 1320, April 1992. |
[RFC1321] | Rivest, R., “The MD5 Message-Digest Algorithm,” RFC 1321, April 1992. |
[RFC2119] | Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” BCP 14, RFC 2119, March 1997. |
[RFC2616] | Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” RFC 2616, June 1999. |
[RFC2818] | Rescorla, E., “HTTP Over TLS,” RFC 2818, May 2000. |
[RFC3023] | Murata, M., St. Laurent, S., and D. Kohn, “XML Media Types,” RFC 3023, January 2001. |
[RFC3174] | Eastlake, D. and P. Jones, “US Secure Hash Algorithm 1 (SHA1),” RFC 3174, September 2001. |
[RFC3339] | Klyne, G. and C. Newman, “Date and Time on the Internet: Timestamps,” RFC 3339, July 2002. |
[RFC3986] | Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” STD 66, RFC 3986, January 2005. |
[RFC3987] | Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” RFC 3987, January 2005. |
[RFC4217] | Ford-Hutchinson, P., “Securing FTP with TLS,” RFC 4217, October 2005. |
[RFC4634] | Eastlake, D. and P. Jones, “US Secure Hash Algorithms (SHA and HMAC-SHA),” RFC 4634, July 2006. |
[RFC959] | Postel, J. and J. Reynolds, “FILE TRANSFER PROTOCOL (FTP),” RFC 959, October 1985. |
[RIPE] | Dobbertin, H., Bosselaers, A., and B. Preneel, “RIPEMD-160: A Strengthened Version of RIPEMD,” RIPE RIPE, April 1996. |
TOC |
[ISO.8601.1988] | International Organization for Standardization, “Data elements and interchange formats - Information interchange - Representation of dates and times,” ISO Standard 8601, June 1988. |
[RELAX-NG] | Clark, J., “RELAX NG Compact Syntax,” December 2001. |
[RFC4287] | Nottingham, M. and R. Sayre, “The Atom Syndication Format,” RFC 4287, December 2005. |
[W3C.NOTE-datetime-19980827] | Wolf, M. and C. Wicksteed, “Date and Time Formats,” W3C NOTE NOTE-datetime-19980827, August 1998. |
[W3C.REC-xmlschema-2-20041028] | Malhotra, A. and P. Biron, “XML Schema Part 2: Datatypes Second Edition,” W3C REC REC-xmlschema-2-20041028, October 2004. |
TOC |
The layout and content of this document relies heavily on work pioneered in the Atom Syndication Format as specified in [RFC4287] (Nottingham, M. and R. Sayre, “The Atom Syndication Format,” December 2005.).
The following people contributed to preliminary versions of this document: Paul Burkhead, Kristian Weston, Darius Liktorius, Michael Burford, Giorgio Maone, Manuel Subredu, Tatsuhiro Tsujikawa, A. Bram Neijt, Max Velasques, Manolo Valdes, Urs Wolfer, Frederick Cheung, Nils Maier, Hampus Wessman, Neil McNab, Hayden Legendre, Danny Ayers, Nick Dominguez, Rene Leonhardt, Per Oyvind Karlsen, Gary Zellerbach, James Clark, Tim Bray, Dan Brickley, Daniel Stenberg, Peter Poeml, Matt Domsch, and Ian Macfarlane. The content and concepts within are a product of the Metalink community.
The Metalink community has dozens of very active contributors who proposed ideas and wording for this document, including:
Nicolas Alvarez, Patrick Ruckstuhl, Mike Wells, Sebastien Willemijns, Micah Cowan, Dan Fandrich, Francis Giannaros, Yazsoft, Lukas Appelhans, KGet developers, FDM Team, Orbit Team, Arne Babenhauserheide, Mathias Berchtold, Xienzhenyu and TheWorld Browser Team, Xi Software, Bridget and Ethan Fletcher, Ruben Kerkhof, Agostino Russo, Gervase Markham, Salvatore and Robin Musumeci, Steve and Rachel Eshelman, Lucas and Rachel Hewett, Ryan and Darren Cronin, Dave Winquist, Bob Denison, Wes Shelton, Kees Cook, Josh Colbert, Steve Kleisath, Chad Neptune, Nick Carrabba, Chris Carrabba, Erin Solari, Derick Cordoba, Ryan Alexander, John Sowder, Sandra Amisano, Tom Mainville, Janie Wargo, Jason Hansen, Markus Hofmann, Dan Connolly, Tim Berners-Lee, Harry Chen, Adrien Macneil, Louis Suarez-Potts, Ross Smith, Rahul Sundaram, Jesse Keating, Michal Bentkowski, Andrew Pantyukhin, Judd Vinet, Charles Landemaine, Pascal Bleser, Jeff@BLAG, Yuichiro Nakada, Jereme Hancock, Marcel Hauser, Jeff Covey, Doug Lang, Seth Brown, Alexander Lazic, Mayank Sharma, Robin Heggelund Hansen, Steve Langasek, Federico Parodi, Stefano Verna, Jason Green, James Linden, Matt Nederlanden, Aren Olsen, Dag Odenhall, Troy Sobotka, Corey Farwell, Ed Lee, Shawn Wilsher, Mike Connor, Anand Muttagi, Debi Goulding, the Anthony Family, the Bryan Family, Juanita Anthony and Zimmy Bryan.
TOC |
This appendix is informative.
The Relax NG schema explicitly excludes elements in the Metalink namespace that are not defined in this revision of the specification. Requirements for Metalink Processors encountering such markup are given in Sections 6.2 (Extensions to the Metalink Vocabulary) and 6.3 (Processing Foreign Markup).
# -*- rnc -*- # RELAX NG Compact Syntax Grammar for the # Metalink Format Specification Version 1 namespace metalink = "http://www.metalinker.org" namespace xsd = "http://www.w3.org/2001/XMLSchema" # Common attributes metalinkCommonAttributes = attribute xml:base { metalinkUri }?, attribute xml:lang { metalinkLanguageTag }?, undefinedAttribute* # Text Constructs metalinkTextConstruct = metalinkCommonAttributes, text # Date Construct metalinkDateConstruct = metalinkCommonAttributes, xsd:dateTime start = element metalink { attribute version { "3.0" }, element generator { attribute uri { metalinkUri }?, attribute version { text }?, metalinkTextConstruct } element origin { metalinkUri }?, element type { "static" | "dynamic" }?, element published { metalinkDateConstruct }?, element updated { metalinkDateConstruct }?, element files { element file { attribute name { metalinkTextConstruct }, element identity { metalinkTextConstruct }?, element version { metalinkTextConstruct }?, element size { xsd:integer }?, element description { metalinkTextConstruct }?, element license { attribute uri { metalinkUri }?, attribute name { metalinkTextConstruct }?, }?, element logo { metalinkUri }?, element publisher { attribute uri { metalinkUri }?, attribute name { metalinkTextConstruct }?, }?, element language { metalinkTextConstruct }?, element copyright { metalinkTextConstruct }?, element license { metalinkTextConstruct }?, element os { metalinkTextConstruct }?, element verification { hash+, element pieces { attribute length { metalinkTextConstruct }, attribute type { "crc32" | "md4" | "md5" | "sha1" | "sha256" | "sha384" | "sha512" | "rmd160" | "tiger" }, hash+ }+, element signature { attribute type { "pgp" }, text } }?, element resources { element url { attribute location { xsd:string { minLength = "2" maxLength="2"} }?, attribute preference { xsd:integer }?, attribute type { "ftp" | "ftps" | "http" | "https" | "rsync" | "bittorrent" | "magnet" | "ed2k" }?, metalinkUri }+ } }+ } } hash = element hash { attribute piece { metalinkTextConstruct }?, attribute type { "crc32" | "md4" | "md5" | "sha1" | "sha256" | "sha384" | "sha512" | "rmd160" | "tiger" }, text } # As defined in RFC 3066 metalinkLanguageTag = xsd:string { pattern = "[A-Za-z]{1,8}(-[A-Za-z0-9]{1,8})*" } # Unconstrained; it's not entirely clear how IRI fit into # xsd:anyURI so let's not try to constrain it here metalinkUri = text # Simple Extension simpleExtensionElement = element * - metalink:* { text } # Structured Extension structuredExtensionElement = element * - metalink:* { (attribute * { text }+, (text|anyElement)*) | (attribute * { text }*, (text?, anyElement+, (text|anyElement)*)) } # Other Extensibility extensionElement = simpleExtensionElement | structuredExtensionElement undefinedAttribute = attribute * - (xml:base | xml:lang | local:*) { text } undefinedContent = (text|anyForeignElement)* anyElement = element * { (attribute * { text } | text | anyElement)* } anyForeignElement = element * - metalink:* { (attribute * { text } | text | anyElement)* } # EOF
TOC |
TOC |
Anthony Bryan (editor) | |
Metalinker Project | |
Email: | anthonybryan@gmail.com |
URI: | http://www.metalinker.org |
TOC |
Copyright © The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an “AS IS” basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.