idnits 2.17.1 draft-ietf-precis-nickname-09.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (January 23, 2014) is 3738 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-23) exists of draft-ietf-precis-framework-13 -- Possible downref: Non-RFC (?) normative reference: ref. 'UNICODE' -- Possible downref: Non-RFC (?) normative reference: ref. 'UTS39' == Outdated reference: A later version (-12) exists of draft-ietf-precis-mappings-05 Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 PRECIS P. Saint-Andre 3 Internet-Draft 4 Intended status: Standards Track January 23, 2014 5 Expires: July 27, 2014 7 Preparation and Comparison of Nicknames 8 draft-ietf-precis-nickname-09 10 Abstract 12 This document describes how to prepare and compare Unicode strings 13 representing nicknames, primarily for use within textual chatrooms. 14 This profile is intended to be used by messaging and text 15 conferencing technologies such as the Extensible Messaging and 16 Presence Protocol (XMPP), the Message Session Relay Protocol (MSRP), 17 and Centralized Conferencing (XCON). 19 Status of This Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at http://datatracker.ietf.org/drafts/current/. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on July 27, 2014. 36 Copyright Notice 38 Copyright (c) 2014 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Table of Contents 53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 54 1.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 2 55 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 56 2. Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 57 3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 4 58 4. Use in Application Protocols . . . . . . . . . . . . . . . . 5 59 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 60 6. Security Considerations . . . . . . . . . . . . . . . . . . . 7 61 6.1. Reuse of PRECIS . . . . . . . . . . . . . . . . . . . . . 7 62 6.2. Reuse of Unicode . . . . . . . . . . . . . . . . . . . . 7 63 6.3. Visually Similar Characters . . . . . . . . . . . . . . . 7 64 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 65 7.1. Normative References . . . . . . . . . . . . . . . . . . 7 66 7.2. Informative References . . . . . . . . . . . . . . . . . 8 67 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 9 68 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 9 70 1. Introduction 72 1.1. Overview 74 Technologies for textual chatrooms customarily enable participants to 75 specify a nickname for use in the room; e.g., this is true of 76 Internet Relay Chat [RFC2811] as well as multi-party chat 77 technologies based on the Extensible Messaging and Presence Protocol 78 (XMPP) [RFC6120] [XEP-0045], the Message Session Relay Protocol 79 (MSRP) [RFC4975] [I-D.ietf-simple-chat], and Centralized Conferencing 80 (XCON) [RFC5239] [I-D.boulton-xcon-session-chat]. Recent chatroom 81 technologies also allow internationalized nicknames because they 82 support characters from outside the ASCII range [RFC20], typically by 83 means of the Unicode character set [UNICODE]. Although such 84 nicknames tend to be used primarily for display purposes, they are 85 sometimes used for programmatic purposes as well (e.g., kicking users 86 or avoiding nickname conflicts). Note too that nicknames can be used 87 not only in chatrooms but also more generally as a user's preferred 88 display name (see for instance [XEP-0172]). 90 To increase the likelihood that nicknames will work in ways that make 91 sense for typical users throughout the world, this document defines 92 rules for preparing and comparing internationalized nicknames. 94 1.2. Terminology 96 Many important terms used in this document are defined in 97 [I-D.ietf-precis-framework], [RFC6365], and [UNICODE]. 99 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 100 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 101 "OPTIONAL" in this document are to be interpreted as described in RFC 102 2119 [RFC2119]. 104 2. Rules 106 A nickname MUST consist only of Unicode code points that conform to 107 the "FreeformClass" string class defined in 108 [I-D.ietf-precis-framework]. 110 For preparation purposes (most commonly, when a chatroom client 111 generates a nickname from user input for inclusion as a protocol 112 element that represents a "nickname slot"), an application MUST at a 113 minimum ensure that the string conforms to the "FreeformClass" string 114 class defined in [I-D.ietf-precis-framework]; however, it MAY in 115 addition perform the normalization and mapping operations specified 116 below for comparison purposes. 118 For comparison purposes (e.g., when a chatroom server determines if 119 two nicknames are in conflict during the authorization process), an 120 application MUST treat a nickname as specified below (these rules 121 constitute the "NicknameFreeformClass" profile). The operations 122 specified MUST be completed in the order shown (in particular, 123 normalization MUST be performed after the other mapping steps and 124 before validity-checking against the definition of the PRECIS 125 "FreeformClass", consistent with [I-D.ietf-precis-framework]). 127 1. So-called additional mappings MAY be applied, such as those 128 defined in [I-D.ietf-precis-mappings]. (Note that mapping of 129 fullwidth and halfwidth characters to their decomposition 130 mappings is not necessary, since those mappings are performed as 131 part of normalization using NFKC as mandated below.) 133 2. Non-ASCII space characters from the "N" category defined under 134 Section 6.14 of [I-D.ietf-precis-framework] MUST be mapped to 135 U+0020 SPACE. 137 3. Leading and trailing whitespace (i.e., one or more instances of 138 the ASCII space character at the beginning or end of a nickname) 139 MUST be removed (e.g., "stpeter " is mapped to "stpeter"). 141 4. Interior sequences of more than one ASCII space character MUST be 142 mapped to a single ASCII space character (e.g., "St Peter" is 143 mapped to "St Peter"). 145 5. Uppercase and titlecase characters MUST be mapped to their 146 lowercase equivalents. In applications that prohibit conflicting 147 nicknames, this rule helps to reduce the possibility of confusion 148 by ensuring that nicknames differing only by case (e.g., 149 "stpeter" vs. "StPeter") would not be allowed in a chatroom at 150 the same time. 152 6. The string MUST be normalized using Unicode Normalization Form KC 153 (NFKC). Because NFKC is more "aggressive" in finding matches 154 than other normalization forms (in the terminology of Unicode, it 155 performs both canonical and compatibility decomposition before 156 recomposing code points), this rule helps to reduce the 157 possibility of confusion by increasing the number of characters 158 that would match (e.g., U+2163 ROMAN NUMERAL FOUR would match the 159 combination of U+0049 LATIN CAPITAL LETTER I and U+0056 LATIN 160 CAPITAL LETTER V). 162 7. Finally, the rules for the PRECIS "FreeformClass" MUST be 163 applied, as specified in [I-D.ietf-precis-framework]. 165 For both preparation and comparison, the "Bidi Rule" defined in 166 [RFC5893] applies to the directionality of a nickname. 168 3. Examples 170 The following examples illustrate a small number of nicknames that 171 are consistent with the format defined above, along with the output 172 string resulting from application of the PRECIS rules, which would be 173 used for comparison purposes (note that the characters < and > are 174 used to delineate the actual nickname and are not part of the 175 nickname strings). 177 Table 1: A sample of legal nicknames 178 +---------------------------+-----------------------------------+ 179 | # | Nickname | Output for Comparison | 180 +---------------------------+-----------------------------------+ 181 | 1 | | | 182 +---------------------------+-----------------------------------+ 183 | 2 | | | 184 +---------------------------+-----------------------------------+ 185 | 3 | | | 186 +---------------------------+-----------------------------------+ 187 | 4 | | | 188 +---------------------------+-----------------------------------+ 189 | 5 | <Σ> | GREEK SMALL LETTER SIGMA (U+03C3) | 190 +---------------------------+-----------------------------------+ 191 | 6 | <σ> | GREEK SMALL LETTER SIGMA (U+03C3) | 192 +---------------------------+-----------------------------------+ 193 | 7 | <ς> | GREEK SMALL LETTER FINAL SIGMA | 194 | | | (U+03C2) | 195 +---------------------------+-----------------------------------+ 196 | 8 | <♚> | BLACK CHESS KING (U+265A) | 197 +---------------------------+-----------------------------------+ 199 Regarding examples 5, 6, and 7: case-mapping of GREEK CAPITAL LETTER 200 SIGMA (U+03A3) to lowercase (i.e., to GREEK SMALL LETTER SIGMA, 201 U+03C3) during comparison would result in matching the nicknames in 202 examples 5 and 6; however, because the PRECIS mapping rules do not 203 account for the special status of GREEK SMALL LETTER FINAL SIGMA 204 (U+03C2), the nicknames in examples 5 and 7 or examples 6 and 7 would 205 not be matched. Regarding example 8: symbol characters such as BLACK 206 CHESS KING (U+265A) are allowed by the PRECIS FreeformClass and thus 207 can be used in nicknames. 209 The following examples illustrate strings that are not valid 210 nicknames because they violate the format defined above. 212 Table 2: A sample of strings that violate the nickname rules 214 +---------------------------------+---------------------------------+ 215 | # | Non-Nickname string | Notes | 216 +---------------------------------+---------------------------------+ 217 | 9 | < foo > | Leading spaces | 218 +---------------------------------+---------------------------------+ 219 | 10| <> | Zero-length string | 220 +---------------------------------+---------------------------------+ 222 4. Use in Application Protocols 223 This specification defines only the PRECIS-based rules for handling 224 of nickname strings. It is the responsibility of an application 225 protocol (e.g., MSRP, XCON, or XMPP) to specify the protocol slots in 226 which nickname strings can appear, as well as the entities that are 227 expected to enforce the rules governing nickname strings in that 228 protocol (e.g., chat servers, chat clients, or both). Above and 229 beyond the PRECIS-based rules specified here, application protocols 230 can also define application-specific rules governing nickname strings 231 (rules regarding the minimum or maximum length of nicknames, further 232 restrictions on allowable characters or character ranges, safeguards 233 to mitigate the effects of visually similar characters, etc.). 234 Naturally, application protocols can also specify rules governing the 235 actual use of nicknames in applications (reserved nicknames, 236 authorization requirements for using nicknames, whether certain 237 nicknames can be prohibited, handling of duplicates, the relationship 238 between nicknames and underlying identifiers such as SIP URIs or 239 Jabber Identifiers, etc.). 241 5. IANA Considerations 243 The IANA shall add the following entry to the PRECIS Profiles 244 Registry: 246 Name: NicknameFreeformClass. 248 Applicability: Nicknames in messaging and text conferencing 249 technologies such as MSRP, XCON, and XMPP. 251 Base Class: FreeformClass. 253 Replaces: None. 255 Width Mapping: None (handled via NFKC). 257 Additional Mappings: Map non-ASCII space characters to ASCII space, 258 strip leading and trailing space characters, map interior 259 sequences of multiple space characters to a single ASCII space. 261 Case Mapping: Map uppercase and titlecase characters to lowercase. 263 Normalization: NFKC. 265 Directionality: The "Bidi Rule" defined in RFC 5893 applies. 267 Exclusions: None. 269 Enforcement: To be specified by applications. 271 Specification: RFC XXXX. [Note to RFC Editor: please change XXXX to 272 the number issued for this specification.] 274 6. Security Considerations 276 6.1. Reuse of PRECIS 278 The security considerations described in [I-D.ietf-precis-framework] 279 apply to the "FreeformClass" string class used in this document for 280 nicknames. 282 6.2. Reuse of Unicode 284 The security considerations described in [UTS39] apply to the use of 285 Unicode characters in nicknames. 287 6.3. Visually Similar Characters 289 [I-D.ietf-precis-framework] describes some of the security 290 considerations related to visually similar characters, also called 291 "confusable characters" or "confusables". 293 Although the mapping rules defined under Section 2 of this document 294 are designed in part to reduce the possibility of confusion about 295 nicknames, this document does not provide more detailed 296 recommendations regarding the handling of visually similar 297 characters, such as those provided in [UTS39]. 299 7. References 301 7.1. Normative References 303 [I-D.ietf-precis-framework] 304 Saint-Andre, P. and M. Blanchet, "Precis Framework: 305 Handling Internationalized Strings in Protocols", draft- 306 ietf-precis-framework-13 (work in progress), December 307 2013. 309 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 310 Requirement Levels", BCP 14, RFC 2119, March 1997. 312 [RFC5893] Alvestrand, H. and C. Karp, "Right-to-Left Scripts for 313 Internationalized Domain Names for Applications (IDNA)", 314 RFC 5893, August 2010. 316 [UNICODE] The Unicode Consortium, "The Unicode Standard, Version 317 6.3", 2013, 318 . 320 [UTS39] The Unicode Consortium, "Unicode Technical Standard #39: 321 Unicode Security Mechanisms", November 2013, 322 . 324 7.2. Informative References 326 [I-D.boulton-xcon-session-chat] 327 Barnes, M., Boulton, C., and S. Loreto, "Chatrooms within 328 a Centralized Conferencing (XCON) System", draft-boulton- 329 xcon-session-chat-08 (work in progress), July 2011. 331 [I-D.ietf-simple-chat] 332 Niemi, A., Garcia, M., and G. Sandbakken, "Multi-party 333 Chat Using the Message Session Relay Protocol (MSRP)", 334 draft-ietf-simple-chat-18 (work in progress), January 335 2013. 337 [I-D.ietf-precis-mappings] 338 Yoneya, Y. and T. NEMOTO, "Mapping characters for PRECIS 339 classes", draft-ietf-precis-mappings-05 (work in 340 progress), October 2013. 342 [RFC20] Cerf, V., "ASCII format for network interchange", RFC 20, 343 October 1969. 345 [RFC2811] Kalt, C., "Internet Relay Chat: Channel Management", RFC 346 2811, April 2000. 348 [RFC4975] Campbell, B., Mahy, R., and C. Jennings, "The Message 349 Session Relay Protocol (MSRP)", RFC 4975, September 2007. 351 [RFC5239] Barnes, M., Boulton, C., and O. Levin, "A Framework for 352 Centralized Conferencing", RFC 5239, June 2008. 354 [RFC6120] Saint-Andre, P., "Extensible Messaging and Presence 355 Protocol (XMPP): Core", RFC 6120, March 2011. 357 [RFC6365] Hoffman, P. and J. Klensin, "Terminology Used in 358 Internationalization in the IETF", BCP 166, RFC 6365, 359 September 2011. 361 [XEP-0045] 362 Saint-Andre, P., "Multi-User Chat", XSF XEP 0045, February 363 2012. 365 [XEP-0172] 366 Saint-Andre, P. and V. Mercier, "User Nickname", XSF XEP 367 0172, March 2012. 369 Appendix A. Acknowledgements 371 Thanks to Kim Alvefur, Mary Barnes, Dave Cridland, Miguel Garcia, 372 Salvatore Loreto, and Enrico Marocco for their reviews and comments. 374 Author's Address 376 Peter Saint-Andre 378 Email: ietf@stpeter.im