idnits 2.17.1 draft-ietf-precis-nickname-12.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (November 21, 2014) is 3444 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-23) exists of draft-ietf-precis-framework-20 -- Possible downref: Non-RFC (?) normative reference: ref. 'UNICODE' -- Possible downref: Non-RFC (?) normative reference: ref. 'UTS39' Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 PRECIS P. Saint-Andre 3 Internet-Draft &yet 4 Intended status: Standards Track November 21, 2014 5 Expires: May 25, 2015 7 Preparation, Enforcement, and Comparison of Internationalized Strings 8 Representing Nicknames 9 draft-ietf-precis-nickname-12 11 Abstract 13 This document describes methods for handling Unicode strings 14 representing nicknames. 16 Status of This Memo 18 This Internet-Draft is submitted in full conformance with the 19 provisions of BCP 78 and BCP 79. 21 Internet-Drafts are working documents of the Internet Engineering 22 Task Force (IETF). Note that other groups may also distribute 23 working documents as Internet-Drafts. The list of current Internet- 24 Drafts is at http://datatracker.ietf.org/drafts/current/. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference 29 material or to cite them other than as "work in progress." 31 This Internet-Draft will expire on May 25, 2015. 33 Copyright Notice 35 Copyright (c) 2014 IETF Trust and the persons identified as the 36 document authors. All rights reserved. 38 This document is subject to BCP 78 and the IETF Trust's Legal 39 Provisions Relating to IETF Documents 40 (http://trustee.ietf.org/license-info) in effect on the date of 41 publication of this document. Please review these documents 42 carefully, as they describe your rights and restrictions with respect 43 to this document. Code Components extracted from this document must 44 include Simplified BSD License text as described in Section 4.e of 45 the Trust Legal Provisions and are provided without warranty as 46 described in the Simplified BSD License. 48 Table of Contents 50 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 51 1.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 2 52 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 53 2. Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 54 2.1. Preparation . . . . . . . . . . . . . . . . . . . . . . . 3 55 2.2. Enforcement . . . . . . . . . . . . . . . . . . . . . . . 3 56 3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 4 57 4. Use in Application Protocols . . . . . . . . . . . . . . . . 6 58 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 59 6. Security Considerations . . . . . . . . . . . . . . . . . . . 7 60 6.1. Reuse of PRECIS . . . . . . . . . . . . . . . . . . . . . 7 61 6.2. Reuse of Unicode . . . . . . . . . . . . . . . . . . . . 7 62 6.3. Visually Similar Characters . . . . . . . . . . . . . . . 7 63 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 64 7.1. Normative References . . . . . . . . . . . . . . . . . . 8 65 7.2. Informative References . . . . . . . . . . . . . . . . . 8 66 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 9 67 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 9 69 1. Introduction 71 1.1. Overview 73 Technologies for textual chatrooms customarily enable participants to 74 specify a nickname for use in the room; e.g., this is true of 75 Internet Relay Chat [RFC2811] as well as multi-party chat 76 technologies based on the Extensible Messaging and Presence Protocol 77 (XMPP) [RFC6120] [XEP-0045], the Message Session Relay Protocol 78 (MSRP) [RFC4975] [I-D.ietf-simple-chat], and Centralized Conferencing 79 (XCON) [RFC5239] [I-D.boulton-xcon-session-chat]. Recent chatroom 80 technologies also allow internationalized nicknames because they 81 support characters from outside the ASCII range [RFC20], typically by 82 means of the Unicode character set [UNICODE]. Although such 83 nicknames tend to be used primarily for display purposes, they are 84 sometimes used for programmatic purposes as well (e.g., kicking users 85 or avoiding nickname conflicts). Note too that nicknames can be used 86 not only in chatrooms but also more generally as a user's preferred 87 display name (see for instance [XEP-0172]). 89 Nicknames (also called "petnames") are also used in contexts other 90 than messaging, such as petnames for devices, bank accounts, and the 91 like. The rules specified in this document can also be applied to 92 such nicknames. 94 To increase the likelihood that nicknames will work in ways that make 95 sense for typical users throughout the world, this document defines 96 rules for preparing, enforcing, and comparing internationalized 97 nicknames. 99 1.2. Terminology 101 Many important terms used in this document are defined in 102 [I-D.ietf-precis-framework], [RFC6365], and [UNICODE]. 104 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 105 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 106 "OPTIONAL" in this document are to be interpreted as described in RFC 107 2119 [RFC2119]. 109 2. Rules 111 Detailed rules for the preparation, enforcement, and comparision of 112 nicknames are provided in the following sections (on the distinction 113 between these actions, refer to [I-D.ietf-precis-framework]). 115 2.1. Preparation 117 An entity that prepares a string for inclusion in a nickname slot 118 MUST ensure that the string consists only of Unicode code points that 119 conform to the "FreeformClass" base string class defined in 120 [I-D.ietf-precis-framework]. In addition, the string MUST be encoded 121 as UTF-8 [RFC3629]. 123 2.2. Enforcement 125 An entity that performs enforcement in nickname slots MUST prepare a 126 string as described in the previous section and MUST also apply the 127 rules specified below for the NicknameFreeformClass profile (these 128 rules MUST be applied in the order shown). 130 1. Width Mapping Rule: There is no width-mapping rule (such a rule 131 is not necessary because width mapping is performed as part of 132 normalization using NFKC as specified below). 134 2. Additional Mapping Rule: The additional mapping rule consists of 135 the following sub-rules. 137 1. Any instances of non-ASCII space MUST be mapped to ASCII 138 space (U+0020); a non-ASCII space is any Unicode code point 139 having a general category of "Zs", naturally with the 140 exception of U+0020. 142 2. Leading and trailing whitespace (i.e., one or more instances 143 of the ASCII space character at the beginning or end of a 144 nickname) MUST be removed (e.g., "stpeter " is mapped to 145 "stpeter"). 147 3. Interior sequences of more than one ASCII space character 148 MUST be mapped to a single ASCII space character (e.g., 149 "St Peter" is mapped to "St Peter"). 151 3. Case Mapping Rule: Uppercase and titlecase characters MUST be 152 mapped to their lowercase equivalents using Unicode Default Case 153 Folding. In applications that prohibit conflicting nicknames, 154 this rule helps to reduce the possibility of confusion by 155 ensuring that nicknames differing only by case (e.g., "stpeter" 156 vs. "StPeter") would not be presented to a human user at the same 157 time. 159 4. Normalization Rule: The string MUST be normalized using Unicode 160 Normalization Form KC (NFKC). Because NFKC is more "aggressive" 161 in finding matches than other normalization forms (in the 162 terminology of Unicode, it performs both canonical and 163 compatibility decomposition before recomposing code points), this 164 rule helps to reduce the possibility of confusion by increasing 165 the number of characters that would match (e.g., U+2163 ROMAN 166 NUMERAL FOUR would match the combination of U+0049 LATIN CAPITAL 167 LETTER I and U+0056 LATIN CAPITAL LETTER V). 169 5. Directionality Rule: Applications MUST apply the "Bidi Rule" 170 defined in [RFC5893] (i.e., each of the six conditions of the 171 Bidi Rule must be satisfied). 173 3. Examples 175 The following examples illustrate a small number of nicknames that 176 are consistent with the format defined above, along with the output 177 string resulting from application of the PRECIS rules, which would be 178 used for comparison purposes (note that the characters < and > are 179 used to delineate the actual nickname and are not part of the 180 nickname strings). 182 Table 1: A sample of legal nicknames 184 +---------------------------+-----------------------------------+ 185 | # | Nickname | Output for Comparison | 186 +---------------------------+-----------------------------------+ 187 | 1 | | | 188 +---------------------------+-----------------------------------+ 189 | 2 | | | 190 +---------------------------+-----------------------------------+ 191 | 3 | | | 192 +---------------------------+-----------------------------------+ 193 | 4 | | | 194 +---------------------------+-----------------------------------+ 195 | 5 | <Σ> | GREEK SMALL LETTER SIGMA (U+03C3) | 196 +---------------------------+-----------------------------------+ 197 | 6 | <σ> | GREEK SMALL LETTER SIGMA (U+03C3) | 198 +---------------------------+-----------------------------------+ 199 | 7 | <ς> | GREEK SMALL LETTER FINAL SIGMA | 200 | | | (U+03C2) | 201 +---------------------------+-----------------------------------+ 202 | 8 | <♚> | BLACK CHESS KING (U+265A) | 203 +---------------------------+-----------------------------------+ 205 Regarding examples 5, 6, and 7: case-mapping of GREEK CAPITAL LETTER 206 SIGMA (U+03A3) to lowercase (i.e., to GREEK SMALL LETTER SIGMA, 207 U+03C3) during comparison would result in matching the nicknames in 208 examples 5 and 6; however, because the PRECIS mapping rules do not 209 account for the special status of GREEK SMALL LETTER FINAL SIGMA 210 (U+03C2), the nicknames in examples 5 and 7 or examples 6 and 7 would 211 not be matched. Regarding example 8: symbol characters such as BLACK 212 CHESS KING (U+265A) are allowed by the PRECIS FreeformClass and thus 213 can be used in nicknames. 215 The following examples illustrate strings that are not valid 216 nicknames because they violate the format defined above. 218 Table 2: A sample of strings that violate the nickname rules 220 +---------------------------------+---------------------------------+ 221 | # | Non-Nickname string | Notes | 222 +---------------------------------+---------------------------------+ 223 | 9 | < foo > | Leading spaces | 224 +---------------------------------+---------------------------------+ 225 | 10 | | Multiple spaces | 226 +---------------------------------+---------------------------------+ 227 | 10| <> | Zero-length string | 228 +---------------------------------+---------------------------------+ 230 4. Use in Application Protocols 232 This specification defines only the PRECIS-based rules for handling 233 of nickname strings. It is the responsibility of an application 234 protocol (e.g., MSRP, XCON, or XMPP) to specify the protocol slots in 235 which nickname strings can appear, as well as the entities that are 236 expected to enforce the rules governing nickname strings in that 237 protocol. 239 Above and beyond the PRECIS-based rules specified here, application 240 protocols can also define application-specific rules governing 241 nickname strings (rules regarding the minimum or maximum length of 242 nicknames, further restrictions on allowable characters or character 243 ranges, safeguards to mitigate the effects of visually similar 244 characters, etc.). 246 Naturally, application protocols can also specify rules governing the 247 actual use of nicknames in applications (reserved nicknames, 248 authorization requirements for using nicknames, whether certain 249 nicknames can be prohibited, handling of duplicates, the relationship 250 between nicknames and underlying identifiers such as SIP URIs or 251 Jabber IDs, etc.). 253 Entities that enforce the rules specified in this document are 254 encouraged to be liberal in what they accept by following this 255 procedure: 257 1. Where possible, map characters (e.g, through width mapping, 258 additional mapping, special mapping, case mapping, or 259 normalization) and accept the mapped string. 261 2. If mapping is not possible (e.g., because a character is 262 disallowed in the FreeformClass), reject the string. 264 5. IANA Considerations 266 The IANA shall add the following entry to the PRECIS Profiles 267 Registry: 269 Name: NicknameFreeformClass. 271 Applicability: Nicknames in messaging and text conferencing 272 technologies such as MSRP, XCON, and XMPP. 274 Base Class: FreeformClass. 276 Replaces: None. 278 Width Mapping Rule: None (handled via NFKC). 280 Additional Mapping Rule: Map non-ASCII space characters to ASCII 281 space, strip leading and trailing space characters, map interior 282 sequences of multiple space characters to a single ASCII space. 284 Case Mapping Rule: For comparison purposes, map uppercase and 285 titlecase characters to lowercase using Unicode Default Case 286 Folding. 288 Normalization Rule: NFKC. 290 Directionality Rule: The "Bidi Rule" defined in RFC 5893 applies. 292 Enforcement: To be specified by applications. 294 Specification: RFC XXXX. [Note to RFC Editor: please change "XXXX" 295 to the RFC number issued for this specification.] 297 6. Security Considerations 299 6.1. Reuse of PRECIS 301 The security considerations described in [I-D.ietf-precis-framework] 302 apply to the "FreeformClass" string class used in this document for 303 nicknames. 305 6.2. Reuse of Unicode 307 The security considerations described in [UTS39] apply to the use of 308 Unicode characters in nicknames. 310 6.3. Visually Similar Characters 312 [I-D.ietf-precis-framework] describes some of the security 313 considerations related to visually similar characters, also called 314 "confusable characters" or "confusables". 316 Although the mapping rules defined under Section 2 of this document 317 are designed in part to reduce the possibility of confusion about 318 nicknames, this document does not provide more detailed 319 recommendations regarding the handling of visually similar 320 characters, such as those provided in [UTS39]. 322 7. References 324 7.1. Normative References 326 [I-D.ietf-precis-framework] 327 Saint-Andre, P. and M. Blanchet, "Precis Framework: 328 Handling Internationalized Strings in Protocols", draft- 329 ietf-precis-framework-20 (work in progress), November 330 2014. 332 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 333 Requirement Levels", BCP 14, RFC 2119, March 1997. 335 [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO 336 10646", STD 63, RFC 3629, November 2003. 338 [RFC5893] Alvestrand, H. and C. Karp, "Right-to-Left Scripts for 339 Internationalized Domain Names for Applications (IDNA)", 340 RFC 5893, August 2010. 342 [UNICODE] The Unicode Consortium, "The Unicode Standard, Version 343 6.3", 2013, 344 . 346 [UTS39] The Unicode Consortium, "Unicode Technical Standard #39: 347 Unicode Security Mechanisms", November 2013, 348 . 350 7.2. Informative References 352 [I-D.boulton-xcon-session-chat] 353 Barnes, M., Boulton, C., and S. Loreto, "Chatrooms within 354 a Centralized Conferencing (XCON) System", draft-boulton- 355 xcon-session-chat-08 (work in progress), July 2011. 357 [I-D.ietf-simple-chat] 358 Niemi, A., Garcia, M., and G. Sandbakken, "Multi-party 359 Chat Using the Message Session Relay Protocol (MSRP)", 360 draft-ietf-simple-chat-18 (work in progress), January 361 2013. 363 [RFC20] Cerf, V., "ASCII format for network interchange", RFC 20, 364 October 1969. 366 [RFC2811] Kalt, C., "Internet Relay Chat: Channel Management", RFC 367 2811, April 2000. 369 [RFC4975] Campbell, B., Mahy, R., and C. Jennings, "The Message 370 Session Relay Protocol (MSRP)", RFC 4975, September 2007. 372 [RFC5239] Barnes, M., Boulton, C., and O. Levin, "A Framework for 373 Centralized Conferencing", RFC 5239, June 2008. 375 [RFC6120] Saint-Andre, P., "Extensible Messaging and Presence 376 Protocol (XMPP): Core", RFC 6120, March 2011. 378 [RFC6365] Hoffman, P. and J. Klensin, "Terminology Used in 379 Internationalization in the IETF", BCP 166, RFC 6365, 380 September 2011. 382 [XEP-0045] 383 Saint-Andre, P., "Multi-User Chat", XSF XEP 0045, February 384 2012. 386 [XEP-0172] 387 Saint-Andre, P. and V. Mercier, "User Nickname", XSF XEP 388 0172, March 2012. 390 Appendix A. Acknowledgements 392 Thanks to Kim Alvefur, Mary Barnes, Dave Cridland, Miguel Garcia, 393 Salvatore Loreto, and Enrico Marocco for their reviews and comments. 395 Peter Saint-Andre wishes to acknowledge Cisco Systems, Inc., for 396 employing him during his work on earlier versions of this document. 398 Author's Address 400 Peter Saint-Andre 401 &yet 403 Email: peter@andyet.com 404 URI: https://andyet.com/