Linked Data Notifications is a protocol that describes how servers (receivers) can have messages pushed to them by applications (senders), as well as how other applications (consumers) may retrieve those messages. Any resource can advertise a receiving endpoint (Inbox) for the messages. Messages are expressed in RDF, and can contain any data.
This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at https://www.w3.org/TR/.
This document was published by the Social Web Working Group as a Candidate Recommendation. This document is intended to become a W3C Recommendation. If you wish to make comments regarding this document, please send them to firstname.lastname@example.org (subscribe, archives). W3C publishes a Candidate Recommendation to indicate that the document is believed to be stable and to encourage implementation by the developer community. This Candidate Recommendation is expected to advance to Proposed Recommendation no earlier than 13 December 2016. All comments are welcome.
Please see the Working Group's implementation report.
Publication as a Candidate Recommendation does not imply endorsement by the W3C Membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.
This document was produced by a group operating under the 5 February 2004 W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy.
This document is governed by the 1 September 2015 W3C Process Document.
Data on the Web should not be locked in to particular systems or be only readable by the applications which created it. Users should be free to switch between applications and share data between them. Applications generate notifications about activities, interactions, and new information, which may be presented to the user or processed further.
Linked Data Notifications (LDN) supports sharing and reuse of notifications across applications, regardless of how they were generated. This allows for more modular systems, which decouple data storage from the applications which display or otherwise make use of the data. The protocol is intended to allow senders, receivers and consumers of notifications, which are independently implemented and run on different technology stacks, to seamlessly work together, contributing to decentralisation of our interactions on the Web.
Instead of treating notifications as ephemeral or non-persistent entities, this specification enables the notion of a notification as an individual entity with its own URI. As such, notifications can be retrieved and reused. We support a range of different application domains, social and otherwise, thus the contents of notifications are left up to applications to define. Authentication and verification of notifications is encouraged, but the mechanism to do so is at the discretion of receivers and consumers, as needs differ according to types of notification and different application domains.
A sender is triggered, either by a human or an automatic process, to deliver a notification to a server. The notification is data intended for the attention of the receiver, for example: a personal message from a friend; a pingback link; a comment on a blog post; an invitation to collaborate; a calendar reminder.
The sender chooses a target resource to send notifications to; the sender then discovers the location of the target’s Inbox, and sends the notification there. Any resource can advertise an Inbox. The receiver exposes the notification data (according to appropriate access control) for use by consumers.
Consumers discover the location of the Inbox in the same way as the sender, and may perform further processing on the notifications, combine it with some other data, or simply present it in a suitable human-readable way.
Senders and consumers discover a resource’s Inbox URL through a relation in the HTTP
Link header or body of the resource.
POSTrequest, containing the body in JSON-LD or in another serialization acceptable by the server.
GETrequests made to the Inbox URL with a listing of the URLs of notifications that have previously been accepted.
GETrequests made to the individual notification URLs with JSON-LD (or optionally other serializations).
POSTrequests at the Inbox URL to create notifications.
GETrequest, and uses according to the needs of application.
LDN is a specialized use of Linked Data Platform [LDP] for sending and consuming notifications. It is not dependent on a complete implementation of LDP, but an easy-to-implement subset. Having knowledge of LDP is not required to understand this specification, but those who do will find some concepts familiar. We describe the particular features necessary to make it easy to exchange notifications in a decentralised, interoperable way. An LDN Inbox is comparable to an LDP
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative.
LDN implementations may be senders, receivers or consumers. The conformance criteria for each of these roles are described in their respective sections of this specification.
For this specification to advance to Proposed Recommendation, there must be at least two independent, interoperable implementations of each feature. Each feature may be implemented by a different set of products. There is no requirement that all features be implemented by a single product.
For the purposes of evaluating exit criteria, each of the following is considered a feature:
GETrequests on the Inbox with the Inbox listing, and responding to
GETrequests on the individual notifications with their representations.
This section describes the discovery of the URL to which notifications are delivered or read from (the Inbox) and the delivery mechanism. Notification contents are described in Payload.
An Inbox, the endpoint to which notifications are sent or from which they are consumed, can be discovered from any resource, for example a blog post, a user profile, a dataset, a video. The starting point for discovery is the resource which the notification is to or about: the target. Choosing the most appropriate target resource from which to begin discovery is at the discretion of the sender or consumer, since any resource (RDF or non-RDF) may have its own Inbox.
Senders and consumers do the following to discover the Inbox URL:
GETrequest on the target URL, and use the
Linkheader with a
GETrequest on the target URL to retrieve an RDF representation [RDF 1.1], whose encoded RDF graph contains a relation of type
http://www.w3.org/ns/ldp#inbox. The subject of that relation is target and the object is the Inbox.
These may be carried out in either order, but if the first fails to result in an Inbox the second MUST be tried. Senders and consumers SHOULD omit the
Link header discovery when specifically targeting URIs with fragment identifiers.
If the target contains a fragment identifier, the fragment is not part of the request to the server. Senders and consumers should be aware that any Inbox found in the
Link header will be for the resolved URL, without the fragment. See [Cool URIs for the Semantic Web - Hash URIs].
A resource MUST advertise only one Inbox. One Inbox MAY be used by multiple resources, for example using the same Inbox for replies to all of my blog posts and shares of all of my photos.
Please see Social Web Protocols for recommendations on how to carry out discovery, particularly with consideration to servers which may be unaware of this protocol.
Following discovery, senders who want to send notifications MUST deliver them through a
POST request to the Inbox URL. Senders can expect a
201 Created (with a
Location Link header) or a
202 Accepted in response to a successful request.
The sender MAY use an
OPTIONS request to determine the RDF content types accepted by the server, and serialize the notification in the request body according to the value of the
Accept-Post header [Accept-Post] returned. Otherwise, the body of the
POST request MUST contain the notification payload in JSON-LD with header
Content-Type: application/ld+json. The
Content-Type header MAY include a
profile URI [RFC6906].
The sender MAY include additional headers or content for the purposes of authentication or authorization e.g.,
Authorization: Bearer XXX.
If the sender has any services that listen on localhost that do not require authentication, it’s possible for a malicious script to run at the Inbox endpoint that could cause the sender to make an arbitrary
POST request to itself. Senders SHOULD NOT make
POST requests to the Inbox that are localhost or a loopback IP address.
Receivers MUST support
POST requests on the Inbox URL. In LDP terms, an Inbox is a Container.
Upon receipt of a
POST request, if the notification resource was processed successfully, receivers MUST respond with status code
201 Created and the
Location header set to the URL from which the notification data can be retrieved (see Consuming). If the request was queued to be processed asynchronously, the receiver MUST respond with a status code of
202 Accepted and include information about the status of the request in the body of the response.
Receivers which enforce constraints on the notifications (see Constraints) SHOULD fail to process the notification if the constraints are not met and return the appropriate
4xx error code.
Receivers MUST accept notifications where the request body is JSON-LD, with the
Content-Type: application/ld+json, which MAY include a
profile URI [RFC6906].
Receivers MAY accept other RDF content types (e.g.,
text/html), and if so, SHOULD advertise the content types they accept with an
Accept-Post [Accept-Post] header in response to an
OPTIONS request on the Inbox URL.
GET request on the Inbox MUST return a
HTTP 200 OK with the URIs of notifications, subject to the requester’s access (returning
4xx error codes as applicable). Receivers MAY list only URIs of notifications in the Inbox that the consumer is able to access.
Each notification URI MUST be related to the Inbox URL with the
http://www.w3.org/ns/ldp#contains predicate. Each notification MUST be an RDF source. If non-RDF resources are returned, the consumer MAY ignore them.
The JSON-LD content type MUST be available for all resources, but clients may send
Accept headers preferring other content types (RFC7231 Section 3.4 - Content Negotiation). If the client sends no
Accept header, the server may send the data in JSON-LD or any format which faithfully conveys the same information (e.g., Turtle).
Any additional description about the Inbox itself MAY also be returned (e.g., Constraints).
Receivers SHOULD verify the sender of the notification. For example:
Receivers SHOULD use constraints to filter unwarranted notifications from being created on the server and exposed by the Inbox.
Receivers could consider implementing access control on the Inbox URL to restrict writing to a whitelist of trusted senders.
Consumers retrieve the URIs of notifications in an Inbox through making a
GET request on the Inbox URL (to find this URL, see discovery).
The URIs of the notifications MUST be discoverable through the
http://www.w3.org/ns/ldp#contains predicate of the Inbox URL (see example for Inbox content).
When retrieving the Inbox or the individual notifications, the consumer SHOULD explicitly set the
Accept header to indicate preferred content types, including for JSON-LD. Fetching the individual notifications — if any, how many, or according to a particular criteria (e.g., content-length, timestamp) — is at the discretion of the consumer.
The consumer MAY include additional headers or content for the purposes of authentication or authorization.
Consumers MAY perform additional fetching or inferring of information from the payload (e.g., dereferencing resources referenced in the notification to fetch their contents) at their discretion. Consumers MAY also want to check the notifications against any constraints as announced by an Inbox before further processing or use.
Note that the fetched URI for an individual notification can contain RDF statements with subject IRIs different than the requested (and eventually resolved) URI itself. This is also pertinent when the body of the notification uses relative IRIs.
Given the nature of the notification payload, consumers may want to take precautions when ascertaining the veracity of the contents. The
anyone can say anything about anything Web principle applies here. Unless otherwise specified, there is no indication as to whether the original payload was altered by the receiver.
The payload of the notification MUST be JSON-LD unless another RDF syntax has been negotiated with the receiver. To allow for a wide variety of use cases, the actual vocabulary of the payload is deliberately not specified here.
This section is non-normative.
A notification may contain arbitrary information, including references to multiple resources with their own URIs, without necessarily referring to one particular external resource or origin for the data. The receiver is expected to return all triples that were initially sent when such a notification is requested by a consumer.
This section is non-normative. Normative requirements for security and privacy are called out in the section of the specification to which they are most applicable.
Inbox URLs can announce their own constraints (e.g., SHACL, Web Annotation Protocol) via an HTTP
Link header or body of the resource with a
rel value of
http://www.w3.org/ns/ldp#constrainedBy. Senders should comply with constraint specifications or the receiver may reject their notification and return an appropriate
4xx error code.
Publishers of the resources advertising an Inbox (target) should do so on a server they trust. Publishers must be aware that third-party access to headers or content could result in notifications being redirected.
This specification describes how consumers can read notifications from a receiver through pull, however consumers may want to ask to have incoming notifications or changes to Inbox’s contents pushed to them. Similarly, receivers may wish to make a request for notifications from a particular sender. This kind of subscription mechanism is left out of scope, but senders, receivers and consumers are not prohibited from making such an arrangement. Implementations that wish to enable subscribing may want to use existing mechanisms e.g., ActivityPub, PubSub, The WebSocket Protocol, HTTP Web Push.
Building an international base of users is important in a federated network. Some LDN interactions can return content with natural language text, such as HTML fragments, or summary fields. Providing multiple language representations of each item might not be feasible in all circumstances. Implementations are encouraged to provide means of discovering the available languages and/or negotiating the language returned, such as using the HTTP
Accept-Language header to negotiate and select the most appropriate language representation to send for a given request.
If a receiver expects senders or consumers to authenticate, it should check the validity of their credentials before returning any other data, including other error codes. For example, the receiver should not first check for the existence of the inbox and return
404 Not Found if the requester has not been verified.
Authentication involving token passing must be done over HTTPS.
These questions provide an overview of security and privacy considerations for this specification as guided by Self-Review Questionnaire: Security and Privacy.
This section is non-normative.