(registered 2013-06-24, last updated 2013-06-24) 1. Media Type Name: application 2. Subtype name: standards tree urc-uisocketdesc+xml 3. Required parameters: none 4. Optional parameters: charset parameter (see definition of charset parameter for application/xml, RFC 3023). The allowed values are: "utf-8" [RFC2279] and "utf-16" [RFC2781]. In the absence of the charset parameter, UTF-8 and UTF-16 are differentiated by the procedure described in [XML 4.3.3]. [XML 4.3.3] Extensible Markup Language (XML) 1.0 (Fifth Edition). W3C Recommendation 26 November 2008. 4.3.3 Character Encoding in Entities. http://www.w3.org/TR/REC-xml/#charencoding 5. Encoding considerations: binary 6. Security considerations: The general utility of this media type to the Internet community is in the area of remote user interfaces for devices and services that use Internet-based technologies, in particular the Universal Remote Console (URC) technology (ISO/IEC 24752). A device/service that exposes a User Interface Socket Description, as defined by ISO/IEC 24752-2, can be remotely controlled by pluggable user interfaces conforming to this standard. The separation of device/service functionality and user interface allows for an open user interface platform, thus facilitating personalized user interfaces and user interfaces tailored for specific user groups, including users with disabilities. The basic (standardized) format of information contained in the media type does not carry active or executable content (with the exception of the elements, and the XPath 2.0 fragments, see below). Content is restricted to describing the structure of a data model, not the actual values of the data model (that could potentially be modified). For most applications, this information is publicly available, and not sensitive to privacy and integrity. However, for sensitive applications transport security (HTTPS) may be employed, providing a basic level of integrity and privacy. However, the elements underneath , , , , and (see ISO/IEC 24752-2:2013, sections 6.12, 7.5, 8.11, 9.10, 9.12.9, and 10.11) that allow for vendor- and platform-specific extensions, could potentially carry such content. For each of these elements, ISO/IEC 24752-2:2013 contains a note that strongly discourages vendors to use the element for active or executable content. The inclusion of XPath 2.0 fragments is deemed to not significantly increase the security risk, since it is interpreted in a sandbox-like context (rather than directly executed). Note: ISO/IEC 24752-2:2013 section 12 explicitly encourages vendors and platform carriers to consider employment of privacy and integrity services such as transport security. However, concrete measures in this regard are outside the scope of this standard. See also the security considerations described in section 10 of RFC 3023. 7. Interoperability considerations: Same as interoperability considerations of text/xml as specified in RFC 3023. 8. Published specification: ISO/IEC 24752-2:2013 (currently in FDIS vote) 9. Applications which use this media type: Universal Remote Console clients, i.e. software and hardware for the purpose of remote control of devices and services. 10. Additional information: Magic number(s): Same as magic number(s) of text/xml as specified in RFC 3023. File extension(s): .uis Macintosh file type code(s): not assigned Object Identifier(s) or OID(s): not assigned 11. Intended usage: COMMON 12. Other Information/General Comment: 13. Person to contact for further information: Name: Gottfried Zimmermann E-mail: gzimmermann&acm.org Author/change controller: ISO/IEC 24752-2 is an international standard by ISO/IEC JTC1 SC35, with editor Gottfried Zimmermann. ISO/IEC JTC1 SC35 has change control over ISO/IEC 24752-2.