Internationalized resource identifier

From Wikipedia, the free encyclopedia
Jump to: navigation, search

The internationalized resource identifier (IRI) is was defined by the Internet Engineering Task Force (IETF) in 2005 as a new internet standard to extend upon the existing uniform resource identifier (URI) scheme.[1] The new standard was published in RFC 3987.

While URIs are limited to a subset of the ASCII character set, IRIs may contain characters from the Universal Character Set (Unicode/ISO 10646), including Chinese or Japanese kanji, Korean, Cyrillic characters, and so forth. It is defined by RFC 3987.

Syntax[edit]

IRI extend upon URIs by using the Universal Character Set whereas URIs were limited to the ASCII with far fewer characters. IRIs may be represented by a sequence of octets but by definition is defined as a sequence of characters because IRIs can be spoken or written by hand.[2]

Compatibility[edit]

IRIs are mapped to URIs to retain backwards-compatibility with systems that do not support the new format.[2]

For applications and protocols that do not allow direct consumption of IRIs, the IRI should first be converted to Unicode using canonical composition normalization (NFC), if not already in Unicode format.

All non-ASCII code points in the IRI should next be encoded as UTF-8, and the resulting bytes percent-encoded, to produce a valid URI.[example needed]

ASCII code points that are invalid URI characters may be encoded the same way, depending on implementation.[2]

This conversion is easily reversible; by definition, converting an IRI to an URI and back again will yield an IRI that is semantically equivalent to the original IRI, even though it may differ in exact representation.[3]

Some protocols may impose further transformations; e.g. Punycode for DNS labels.

Advantages[edit]

There are reasons to see URIs displayed in different languages; mostly, it makes it easier for users who are unfamiliar with the Latin (A-Z) alphabet. Assuming that it isn't too difficult for anyone to replicate arbitrary Unicode on their keyboards, this can make the URI system more accessible.[4]

Disadvantages[edit]

Mixing IRIs and ASCII URIs can make it much easier to do phishing attacks that trick someone into believing they are on a site they really are not on. For example, one can replace the "a" in

www.ebay.com

or

www.paypal.com

with an internationalized look-alike "a" character, and point that IRI to a malicious site. This is known as an IDN homograph attack.

While a URI does not provide people with a way to specify Web resources using their own alphabets, an IRI does not make clear how Web resources can be accessed with keyboards that are not capable of generating the requisite internationalized characters.

See also[edit]

References[edit]

  1. ^ Gangemi, Aldo; Presutti, Valentina (2006). "The bourne identity of a web resource". Proceedings of Identity Reference and the Web Workshop (IRW). Laboratory for Applied Ontology (Roma, Italy: National Research Council (ISTC-CNR)): 3. "Notice that IRIs (Internationalized Resource Identifier) [11] are supposed to replace URIs in next future." 
  2. ^ a b c Duerst, M. (2005). "RFC 3987". Network Working Group (Internet Engineering Task Force). Standards Track. Retrieved 12 October 2014. 
  3. ^ Hendler, Hrsg. Dieter Fensel; Hrsg. John Domingue; Hrsg. James A. (2010). Handbook of Semantic Web Technologies (1. Aufl. ed.). Berlin: Springer-Verlag GmbH. ISBN 9783540929123. Retrieved 12 October 2014. 
  4. ^ Clark, Kendall (2003-05-07). "Internationalizing the URI". O’Reilly Media, Inc. Retrieved 12 October 2014. 

External links[edit]