idnits 2.17.1 draft-ietf-precis-nickname-11.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (October 1, 2014) is 3495 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-23) exists of draft-ietf-precis-framework-18 -- Possible downref: Non-RFC (?) normative reference: ref. 'UNICODE' -- Possible downref: Non-RFC (?) normative reference: ref. 'UTS39' == Outdated reference: A later version (-12) exists of draft-ietf-precis-mappings-08 Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 PRECIS P. Saint-Andre 3 Internet-Draft &yet 4 Intended status: Standards Track October 1, 2014 5 Expires: April 4, 2015 7 Preparation and Comparison of Nicknames 8 draft-ietf-precis-nickname-11 10 Abstract 12 This document describes how to prepare and compare Unicode strings 13 representing nicknames, primarily for use within textual chatrooms. 14 This profile is intended to be used by messaging and text 15 conferencing technologies such as the Extensible Messaging and 16 Presence Protocol (XMPP), the Message Session Relay Protocol (MSRP), 17 and Centralized Conferencing (XCON). 19 Status of This Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at http://datatracker.ietf.org/drafts/current/. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on April 4, 2015. 36 Copyright Notice 38 Copyright (c) 2014 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Table of Contents 53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 54 1.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 2 55 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 56 2. Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 57 2.1. Preparation . . . . . . . . . . . . . . . . . . . . . . . 3 58 2.2. Enforcement . . . . . . . . . . . . . . . . . . . . . . . 3 59 3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 5 60 4. Use in Application Protocols . . . . . . . . . . . . . . . . 6 61 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 62 6. Security Considerations . . . . . . . . . . . . . . . . . . . 7 63 6.1. Reuse of PRECIS . . . . . . . . . . . . . . . . . . . . . 7 64 6.2. Reuse of Unicode . . . . . . . . . . . . . . . . . . . . 7 65 6.3. Visually Similar Characters . . . . . . . . . . . . . . . 8 66 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 67 7.1. Normative References . . . . . . . . . . . . . . . . . . 8 68 7.2. Informative References . . . . . . . . . . . . . . . . . 8 69 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 9 70 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 9 72 1. Introduction 74 1.1. Overview 76 Technologies for textual chatrooms customarily enable participants to 77 specify a nickname for use in the room; e.g., this is true of 78 Internet Relay Chat [RFC2811] as well as multi-party chat 79 technologies based on the Extensible Messaging and Presence Protocol 80 (XMPP) [RFC6120] [XEP-0045], the Message Session Relay Protocol 81 (MSRP) [RFC4975] [I-D.ietf-simple-chat], and Centralized Conferencing 82 (XCON) [RFC5239] [I-D.boulton-xcon-session-chat]. Recent chatroom 83 technologies also allow internationalized nicknames because they 84 support characters from outside the ASCII range [RFC20], typically by 85 means of the Unicode character set [UNICODE]. Although such 86 nicknames tend to be used primarily for display purposes, they are 87 sometimes used for programmatic purposes as well (e.g., kicking users 88 or avoiding nickname conflicts). Note too that nicknames can be used 89 not only in chatrooms but also more generally as a user's preferred 90 display name (see for instance [XEP-0172]). 92 To increase the likelihood that nicknames will work in ways that make 93 sense for typical users throughout the world, this document defines 94 rules for preparing and comparing internationalized nicknames. 96 1.2. Terminology 98 Many important terms used in this document are defined in 99 [I-D.ietf-precis-framework], [RFC6365], and [UNICODE]. 101 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 102 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 103 "OPTIONAL" in this document are to be interpreted as described in RFC 104 2119 [RFC2119]. 106 2. Rules 108 This document distinguishes between three different actions that an 109 entity can take: 111 o Enforcement entails applying to all of the rules specified for the 112 NicknameFreeformClass profile to an individual string. 113 Enforcement is typically the responsibility of a chatroom server, 114 conference focus, or similar entity. 116 o Comparison entails applying all of the rules to two separate 117 strings, for the purpose of determining if the two strings are 118 equivalent. 120 o Preparation entails only ensuring that the characters in an 121 individual string are allowed by the PRECIS FreeformClass. 122 Preparation is typically the responsibility of a client or user 123 agent. 125 Detailed rules are provided in the following sections. 127 2.1. Preparation 129 An entity that prepares a string for inclusion in a nickname slot 130 MUST ensure that the string consists only of Unicode code points that 131 conform to the "FreeformClass" base string class defined in 132 [I-D.ietf-precis-framework]. In addition, the string MUST be encoded 133 as UTF-8 [RFC3629]. 135 2.2. Enforcement 137 An entity that performs enforcement in nickname slots MUST prepare a 138 string as described in the previous section and MUST also apply the 139 width-mapping rules, additional-mapping, special-mapping, case- 140 mapping, normalization, and exclusion rules for the 141 NicknameFreeformClass profile described below (these rules MUST be 142 applied in the order shown). 144 1. There is no width-mapping rule (this is not necessary because 145 width mapping is performed as part of normalization using NFKC as 146 specified below). 148 2. So-called additional mappings MAY be applied, such as mapping of 149 characters that are similar to common delimiters (such as '@', 150 ':', '/', '+', '-', and '.', e.g., mapping of IDEOGRAPHIC FULL 151 STOP (U+3002) to FULL STOP (U+002E)); the PRECIS mappings 152 document [I-D.ietf-precis-mappings] describes such mappings in 153 more detail. 155 3. The special-mapping rule consists of the following: 157 1. Non-ASCII space characters from the "N" category defined 158 under Section 7.14 of [I-D.ietf-precis-framework] MUST be 159 mapped to U+0020 SPACE. 161 2. Leading and trailing whitespace (i.e., one or more instances 162 of the ASCII space character at the beginning or end of a 163 nickname) MUST be removed (e.g., "stpeter " is mapped to 164 "stpeter"). 166 3. Interior sequences of more than one ASCII space character 167 MUST be mapped to a single ASCII space character (e.g., 168 "St Peter" is mapped to "St Peter"). 170 4. Uppercase and titlecase characters MUST be mapped to their 171 lowercase equivalents using Unicode Default Case Folding. In 172 applications that prohibit conflicting nicknames, this rule helps 173 to reduce the possibility of confusion by ensuring that nicknames 174 differing only by case (e.g., "stpeter" vs. "StPeter") would not 175 be allowed in a chatroom at the same time. 177 5. The string MUST be normalized using Unicode Normalization Form KC 178 (NFKC). Because NFKC is more "aggressive" in finding matches 179 than other normalization forms (in the terminology of Unicode, it 180 performs both canonical and compatibility decomposition before 181 recomposing code points), this rule helps to reduce the 182 possibility of confusion by increasing the number of characters 183 that would match (e.g., U+2163 ROMAN NUMERAL FOUR would match the 184 combination of U+0049 LATIN CAPITAL LETTER I and U+0056 LATIN 185 CAPITAL LETTER V). 187 6. There is no exclusion rule. 189 With regard to directionality, applications MUST apply the "Bidi 190 Rule" defined in [RFC5893] (i.e., each of the six conditions of the 191 Bidi Rule must be satisfied). 193 3. Examples 195 The following examples illustrate a small number of nicknames that 196 are consistent with the format defined above, along with the output 197 string resulting from application of the PRECIS rules, which would be 198 used for comparison purposes (note that the characters < and > are 199 used to delineate the actual nickname and are not part of the 200 nickname strings). 202 Table 1: A sample of legal nicknames 204 +---------------------------+-----------------------------------+ 205 | # | Nickname | Output for Comparison | 206 +---------------------------+-----------------------------------+ 207 | 1 | | | 208 +---------------------------+-----------------------------------+ 209 | 2 | | | 210 +---------------------------+-----------------------------------+ 211 | 3 | | | 212 +---------------------------+-----------------------------------+ 213 | 4 | | | 214 +---------------------------+-----------------------------------+ 215 | 5 | <Σ> | GREEK SMALL LETTER SIGMA (U+03C3) | 216 +---------------------------+-----------------------------------+ 217 | 6 | <σ> | GREEK SMALL LETTER SIGMA (U+03C3) | 218 +---------------------------+-----------------------------------+ 219 | 7 | <ς> | GREEK SMALL LETTER FINAL SIGMA | 220 | | | (U+03C2) | 221 +---------------------------+-----------------------------------+ 222 | 8 | <♚> | BLACK CHESS KING (U+265A) | 223 +---------------------------+-----------------------------------+ 225 Regarding examples 5, 6, and 7: case-mapping of GREEK CAPITAL LETTER 226 SIGMA (U+03A3) to lowercase (i.e., to GREEK SMALL LETTER SIGMA, 227 U+03C3) during comparison would result in matching the nicknames in 228 examples 5 and 6; however, because the PRECIS mapping rules do not 229 account for the special status of GREEK SMALL LETTER FINAL SIGMA 230 (U+03C2), the nicknames in examples 5 and 7 or examples 6 and 7 would 231 not be matched. Regarding example 8: symbol characters such as BLACK 232 CHESS KING (U+265A) are allowed by the PRECIS FreeformClass and thus 233 can be used in nicknames. 235 The following examples illustrate strings that are not valid 236 nicknames because they violate the format defined above. 238 Table 2: A sample of strings that violate the nickname rules 240 +---------------------------------+---------------------------------+ 241 | # | Non-Nickname string | Notes | 242 +---------------------------------+---------------------------------+ 243 | 9 | < foo > | Leading spaces | 244 +---------------------------------+---------------------------------+ 245 | 10| <> | Zero-length string | 246 +---------------------------------+---------------------------------+ 248 4. Use in Application Protocols 250 This specification defines only the PRECIS-based rules for handling 251 of nickname strings. It is the responsibility of an application 252 protocol (e.g., MSRP, XCON, or XMPP) to specify the protocol slots in 253 which nickname strings can appear, as well as the entities that are 254 expected to enforce the rules governing nickname strings in that 255 protocol (e.g., chat servers, chat clients, or both). 257 Above and beyond the PRECIS-based rules specified here, application 258 protocols can also define application-specific rules governing 259 nickname strings (rules regarding the minimum or maximum length of 260 nicknames, further restrictions on allowable characters or character 261 ranges, safeguards to mitigate the effects of visually similar 262 characters, etc.). 264 Naturally, application protocols can also specify rules governing the 265 actual use of nicknames in applications (reserved nicknames, 266 authorization requirements for using nicknames, whether certain 267 nicknames can be prohibited, handling of duplicates, the relationship 268 between nicknames and underlying identifiers such as SIP URIs or 269 Jabber IDs, etc.). 271 Entities that enforce the rules specified in this document are 272 encouraged to be liberal in what they accept by following this 273 procedure: 275 1. Where possible, map characters (e.g, through width mapping, 276 additional mapping, special mapping, case mapping, or 277 normalization) and accept the mapped string. 279 2. If mapping is not possible (e.g., because a character is 280 disallowed in the FreeformClass), reject the string. 282 5. IANA Considerations 284 The IANA shall add the following entry to the PRECIS Profiles 285 Registry: 287 Name: NicknameFreeformClass. 289 Applicability: Nicknames in messaging and text conferencing 290 technologies such as MSRP, XCON, and XMPP. 292 Base Class: FreeformClass. 294 Replaces: None. 296 Width Mapping: None (handled via NFKC). 298 Additional Mappings: Map non-ASCII space characters to ASCII space, 299 strip leading and trailing space characters, map interior 300 sequences of multiple space characters to a single ASCII space. 302 Case Mapping: For comparison purposes, map uppercase and titlecase 303 characters to lowercase using Unicode Default Case Folding. 305 Normalization: NFKC. 307 Directionality: The "Bidi Rule" defined in RFC 5893 applies. 309 Exclusions: None. 311 Enforcement: To be specified by applications. 313 Specification: this document. [Note to RFC Editor: please change 314 "this document" to the RFC number issued for this specification.] 316 6. Security Considerations 318 6.1. Reuse of PRECIS 320 The security considerations described in [I-D.ietf-precis-framework] 321 apply to the "FreeformClass" string class used in this document for 322 nicknames. 324 6.2. Reuse of Unicode 326 The security considerations described in [UTS39] apply to the use of 327 Unicode characters in nicknames. 329 6.3. Visually Similar Characters 331 [I-D.ietf-precis-framework] describes some of the security 332 considerations related to visually similar characters, also called 333 "confusable characters" or "confusables". 335 Although the mapping rules defined under Section 2 of this document 336 are designed in part to reduce the possibility of confusion about 337 nicknames, this document does not provide more detailed 338 recommendations regarding the handling of visually similar 339 characters, such as those provided in [UTS39]. 341 7. References 343 7.1. Normative References 345 [I-D.ietf-precis-framework] 346 Saint-Andre, P. and M. Blanchet, "Precis Framework: 347 Handling Internationalized Strings in Protocols", draft- 348 ietf-precis-framework-18 (work in progress), September 349 2014. 351 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 352 Requirement Levels", BCP 14, RFC 2119, March 1997. 354 [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO 355 10646", STD 63, RFC 3629, November 2003. 357 [RFC5893] Alvestrand, H. and C. Karp, "Right-to-Left Scripts for 358 Internationalized Domain Names for Applications (IDNA)", 359 RFC 5893, August 2010. 361 [UNICODE] The Unicode Consortium, "The Unicode Standard, Version 362 6.3", 2013, 363 . 365 [UTS39] The Unicode Consortium, "Unicode Technical Standard #39: 366 Unicode Security Mechanisms", November 2013, 367 . 369 7.2. Informative References 371 [I-D.boulton-xcon-session-chat] 372 Barnes, M., Boulton, C., and S. Loreto, "Chatrooms within 373 a Centralized Conferencing (XCON) System", draft-boulton- 374 xcon-session-chat-08 (work in progress), July 2011. 376 [I-D.ietf-simple-chat] 377 Niemi, A., Garcia, M., and G. Sandbakken, "Multi-party 378 Chat Using the Message Session Relay Protocol (MSRP)", 379 draft-ietf-simple-chat-18 (work in progress), January 380 2013. 382 [I-D.ietf-precis-mappings] 383 Yoneya, Y. and T. NEMOTO, "Mapping characters for PRECIS 384 classes", draft-ietf-precis-mappings-08 (work in 385 progress), June 2014. 387 [RFC20] Cerf, V., "ASCII format for network interchange", RFC 20, 388 October 1969. 390 [RFC2811] Kalt, C., "Internet Relay Chat: Channel Management", RFC 391 2811, April 2000. 393 [RFC4975] Campbell, B., Mahy, R., and C. Jennings, "The Message 394 Session Relay Protocol (MSRP)", RFC 4975, September 2007. 396 [RFC5239] Barnes, M., Boulton, C., and O. Levin, "A Framework for 397 Centralized Conferencing", RFC 5239, June 2008. 399 [RFC6120] Saint-Andre, P., "Extensible Messaging and Presence 400 Protocol (XMPP): Core", RFC 6120, March 2011. 402 [RFC6365] Hoffman, P. and J. Klensin, "Terminology Used in 403 Internationalization in the IETF", BCP 166, RFC 6365, 404 September 2011. 406 [XEP-0045] 407 Saint-Andre, P., "Multi-User Chat", XSF XEP 0045, February 408 2012. 410 [XEP-0172] 411 Saint-Andre, P. and V. Mercier, "User Nickname", XSF XEP 412 0172, March 2012. 414 Appendix A. Acknowledgements 416 Thanks to Kim Alvefur, Mary Barnes, Dave Cridland, Miguel Garcia, 417 Salvatore Loreto, and Enrico Marocco for their reviews and comments. 419 Author's Address 420 Peter Saint-Andre 421 &yet 423 Email: peter@andyet.com 424 URI: https://andyet.com/