Web Statement

From Creative Commons
Jump to: navigation, search

For Developers

This is a developer-oriented document for a developer oriented feature. This has two implications:

  • Do not attempt to implement as a content creator. If your software doesn't transparently handle CC metadata for you (you should only have to select a license), do not attempt to do it yourself.
  • Read our non-technical account with explanatory comics first.


License metadata for web pages is published with the content it describes. If someone publishes false metadata, it can be taken down or corrected.

But with non-web content (such as files on peer-to-peer networks), incorrect metadata can propagate around the network, since it's extremely difficult to get everyone to correct it.

Our solution is to embed a link to a license info page that includes the license metadata, rather than including it directly in the file. For example:

mysong.mp3 links to http://example.com/licenseinfo (using ID3 tags)

http://example.com/licenseinfo says the work is available under http://creativecommons.org/licenses/by/2.0/ (using HTML and RDF)

The URL for the page that includes license metadata for a file is known as a WebStatement URL after the name used in XMP.

The page at the WebStatement URL should also identify the licensed media file with a content-derived identifier (e.g., SHA1 hash, see example below) or other independently verifiable identifier so that a program can verify that the page is making a license assertion about the media file at hand.

This has additional benefits besides preventing the propagation of incorrect license metadata: the metadata can now be linked to and indexed by search engines. Imagine searching the Web for music under a Creative Commons license, and then downloading it from a peer-to-peer network.

Third parties can also build authentication services that provide additional assurance that the data is valid.

Security Considerations

Software will automatically download the license info page. Security impact: Anyone who can get you to download their file, just like anyone who can get you to visit their web page, can get you to visit another page and discover your IP address.


Embedding a link to the license info page

Many file formats support embedding CC license information; embedding a WebStatement is supported in {{#ask: supports web statement::True}}.

Publishing the license info page

The license info page must have or HTTP redirect to a page that has a license notice for the file in question. (Readers should be ready to follow several HTTP redirects.)

Example HTML fragment with RDFa:

   <span about="urn:sha1:MSMBC5VEUDLTC26UT5W7GZBAKZHCY2MD">
        Example_Song.mp3 is licensed under
        <a rel="license" href="http://creativecommons.org/licenses/by/3.0/">CC BY 3.0</a>

This fragment includes the statement

<urn:sha1:MSMBC5VEUDLTC26UT5W7GZBAKZHCY2MD> :license <http://creativecommons.org/licenses/by/3.0/> .

which may be read as "File with the SHA1 hash (base32 encoded) of MSMB... is licensed under CC BY 3.0."


ccPublisher and ccLookup offer GUI tools for MP3 license claim embedding and verification metadata generation. Available for Linux, OS X, and Windows.

See XMP for tools and code for embedding XMP in PDF and JPEG formats.