Essential International Standards and Registries for Web Developers

2021-11-29 - Programming, Quality Assurance, Security

Last revision: 2022-05-19

The following is a collection of free international standards, registries and references that I collected throughout the years while developing websites and web services. These references, while very precise and technical by their nature, are extremely useful in order to ensure that a specific implementation is actually correct, and to mitigate unexpected interoperability between systems on the Internet.

As it's not always clear how a technology is used based on its name or acronym, I included the primary use case for each reference along with its name and/or acronym.

Also, many of these standards are built over each other, and as such I tried to list them in that order as much as possible while maintaining clarity.

Plain text

The following explains how plain text is handled by a computer.

• Character ID list (Unicode)
• Character encoding list for general use
• Character encoding list for web pages
• Binary data encoded as plain text (Base64)

Note that the most popular character encoding is UTF-8, a superset of ASCII.

Real world stuff

The following provides IDs and critical information about worldwide social, political and cultural concepts often referenced.

• Country code ISO database (ISO 3166 codes)
• Country code United Nations list (M49)
• Currency code list (ISO 4217 codes)
• Language code list (ISO 639 codes)
• Language tags
• Matching language tags
• Language subtag list
• Language tag extension list
• Phone numbering (E.164)
• Phone numbers notation (E.123)
• Time zone database

IP adresses

The following explains how computers can identify and talk to each other on the Internet.

• IPv4
• IPv4 special address list
• IPv6
• IPv6 special address list

Domain names

The following explains how to find information about a particular domain on the Internet, including the IP adresses of its services.

Note that host names are domain names on which a website can be hosted.

• Host name original definition
• Host name extended definition (section 2.1)
• Domain names (DNS) part 1
• Domain names (DNS) part 2
• Wildcards in domain names
• Domain name resource record types (RR TYPEs) list
• International domain names 2003 version (IDNA2003) part 1
• International domain names 2003 version (IDNA2003) part 2
• International domain names 2003 version (IDNA2003) part 3
• International domain names 2003 version (IDNA2003) part 4
• International domain names 2008 version (IDNA2008) part 1
• International domain names 2008 version (IDNA2008) part 2
• International domain names 2008 version (IDNA2008) part 3
• International domain names 2008 version (IDNA2008) part 4
• International domain names 2008 version (IDNA2008) contextual rules list
• Reading international domain names during transition (UTS #46)
• Special domain name list
• Domain name root zone list
• Domain name public suffix list

TLS

The following explains how an encrypted connection can be established between two machines over a network.

• Sharing public encryption keys (X.509 certificates) (often misnamed "SSL certificates")
• Secure communication protocol (TLS)

Note that SSL is an obsolete technology that was superseded by TLS.

Emails

The following explains how emails work.

Note that Pluralsight subscribers can watch my course Configuring and Managing SPF, DKIM, and DMARC, which cover some of these topics.

• Email base definition
• Required email adresses
• Emails with multiple senders
• Email extensions part 1
• Email extensions part 2
• Email extensions part 3
• International emails
• Email message header list
• Domain-based email sources authorization (SPF)
• Updating email source during forwarding (SRS)
• Cryptographic signatures on emails (DKIM)
• Cryptographic signatures on emails (DKIM) parameter list
• Domain-based email authentication policy (DMARC)
• Email authentication for international emails
• End-to-end encryption of messages
• End-to-end encryption of messages parameter lists
• Transmission of emails (SMTP)

XML

The following explains how to use XML, a data format that forms the base of all web pages.

Note that newer versions of XML and XPath exist, but are seldom used.

• XML 1.0
• Navigating XML documents (XPath 1.0)
• Defining XML schemas (XSD) part 1
• Defining XML schemas (XSD) part 2

Note that I am not including SOAP and WSDL as these technologies are obsolete, and most API providers that do use them generally offer better alternatives alongside them.

JSON

The following explains how to use JSON, a common data format commonly used by websites.

• JSON
• Secure data in JSON (JWT)
• Defining JSON schemas

URLs

The following explains how to interpret URLs.

• URLs
• URL scheme list
• about URL scheme token list
• Using URLs as data
• Special URL suffix list

HTTP

The following explains how web clients interact with websites.

• HTTP/1.1
• HTTP/2
• HTTP method list
• HTTP status code list
• HTTP header list
• Cookies
• APIs using HTTP (REST)
• Defining REST APIs (OpenAPI) (often misnamed "Swagger")

Web pages

The following explains how to write a web page.

• Media type list
• Web document representation (DOM)
• Fetching web resources (Fetch)
• Hypertext (HTML)
• Mathematical formulas (MathML)
• Plain text to hypertext original definition (Markdown)
• Plain text to hypertext standardized definition (CommonMark)
• Styling (CSS)
• High-level programming (ECMAScript) (often misnamed "JavaScript")
• API to communicate from web client to server (XMLHttpRequest)
• API to communicate between web clients (WebRTC)
• News feeds (Atom) (often misnamed "RSS")
• Restricting unauthorized content (CSP)
• Test automation (WebDriver)

Note that RSS is an obsolete technology that was superseded by Atom.

Metadata

The following describes non-standard HTML meta tags found on the Internet. Note that standard ones are documented in the HTML specifications.

• Meta tags understood by Facebook (Open Graph)
• Meta tags understood by Twitter
• Publicly-known non-standard meta tag list

Data access management

The following explains how websites should manage secure data, including cases where authentication is done by a third-party.

• Usernames and passwords containing international characters
• HTTP authentication scheme list
• One-time passwords (OTP)
• Time-based one-time passwords (TOTP)
• Passwordless authentication (WebAuthn)
• Passwordless authentication (WebAuthn) attestation statement formats and extensions
• XML-based single sign-on (SAML)
• JSON-based authorization (OAuth 2.0)
• JSON-based authorization (OAuth 2.0) bearer tokens
• JSON-based authorization (OAuth 2.0) parameter list
• JSON-based identity validation (OpenID Connect)

Accessibility

The following explains how to write web pages to be accessible for people with disabilities.

• Accessibility guidelines for web pages (WCAG)
• Adding accessibility information to web pages (ARIA)
• Recommendations on adding accessibility information to web pages
• Implicit accessibility information in HTML

Other common data formats

The following defines a few other common data formats that can be found on the web.

• Semantic version numbering: An optional but common convension for defining versions of applications.
• YAML: A superset of JSON designed to be generally more easily readable by humans compared to JSON, with the drawback of being extremely complex.
• ZIP: Archives several files together with optional compression.

Related articles I wrote

Validating and Viewing OpenAPI Definitions with Docker

2022-04-11 - Quality Assurance, Programming

Here are a few commands I crafted to validate and easily read API definitions in the OpenAPI format, using Docker and open source tools provided by Swagger. I have yet to convert them into proper shell scripts, but I hope these will be helpful nonetheless. The commands are designed to be run in a…

Beating Illusion of Gaia in 17 Minutes

2021-09-11 - Video Games, Security

I crafted a tool-assisted speedrun (TAS) of the Super NES action-adventure game Illusion of Gaia (also known as Illusion of Time in Europe) which beats the game as fast as possible on the American version. The final time is 16:48 when using TAS timing (from initial power on to the last input) and…

A Universe and World Creation Script for Mongoose Traveller 2nd Edition

2021-07-31 - Tabletop RPGs, Programming

The following is a Python script developed by yours truly to generate a sector according to the core rulebook of the Mongoose Traveller 2nd Edition tabletop RPG, exactly as described in the Universe and World Creation chapter. It is designed to describe worlds in human-readable format as much as…

Deep Learning in Python with PyTorch - Tutorial and Demo

2021-05-07 - Programming, Mathematics

As I am continuing my personal journey into deep learning research and development, I wanted to try out PyTorch, a machine learning framework with GPU acceleration primarily designed for the Python programming language. However, I couldn't find any good introductory resource online for it. So I read…

Resolving Playstation Vita Error Code NP-9968-2

2020-10-02 - Video Games, Security, Anecdotes

For about 2 years, I was not able to install any new software on my PlayStation Vita, for seemingly no reason. I could make new purchases from the PlayStation Store, but the download would always fail, and only on my Vita. No issues whatsoever with my PlayStation 3 nor my PlayStation 4, but for some…

See all of my articles