idnits 2.17.1 draft-ietf-precis-nickname-18.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 26, 2015) is 3226 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 7564 (Obsoleted by RFC 8264) -- Possible downref: Non-RFC (?) normative reference: ref. 'UTS39' -- Possible downref: Non-RFC (?) normative reference: ref. 'Unicode' Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 PRECIS P. Saint-Andre 3 Internet-Draft &yet 4 Intended status: Standards Track June 26, 2015 5 Expires: December 28, 2015 7 Preparation, Enforcement, and Comparison of Internationalized Strings 8 Representing Nicknames 9 draft-ietf-precis-nickname-18 11 Abstract 13 This document describes methods for handling Unicode strings 14 representing nicknames. 16 Status of This Memo 18 This Internet-Draft is submitted in full conformance with the 19 provisions of BCP 78 and BCP 79. 21 Internet-Drafts are working documents of the Internet Engineering 22 Task Force (IETF). Note that other groups may also distribute 23 working documents as Internet-Drafts. The list of current Internet- 24 Drafts is at http://datatracker.ietf.org/drafts/current/. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference 29 material or to cite them other than as "work in progress." 31 This Internet-Draft will expire on December 28, 2015. 33 Copyright Notice 35 Copyright (c) 2015 IETF Trust and the persons identified as the 36 document authors. All rights reserved. 38 This document is subject to BCP 78 and the IETF Trust's Legal 39 Provisions Relating to IETF Documents 40 (http://trustee.ietf.org/license-info) in effect on the date of 41 publication of this document. Please review these documents 42 carefully, as they describe your rights and restrictions with respect 43 to this document. Code Components extracted from this document must 44 include Simplified BSD License text as described in Section 4.e of 45 the Trust Legal Provisions and are provided without warranty as 46 described in the Simplified BSD License. 48 Table of Contents 50 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 51 1.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 2 52 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 53 2. Nickname Profile . . . . . . . . . . . . . . . . . . . . . . 3 54 2.1. Preparation . . . . . . . . . . . . . . . . . . . . . . . 3 55 2.2. Enforcement . . . . . . . . . . . . . . . . . . . . . . . 3 56 2.3. Comparison . . . . . . . . . . . . . . . . . . . . . . . 5 57 3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 5 58 4. Use in Application Protocols . . . . . . . . . . . . . . . . 6 59 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 60 6. Security Considerations . . . . . . . . . . . . . . . . . . . 7 61 6.1. Reuse of PRECIS . . . . . . . . . . . . . . . . . . . . . 7 62 6.2. Reuse of Unicode . . . . . . . . . . . . . . . . . . . . 7 63 6.3. Visually Similar Characters . . . . . . . . . . . . . . . 7 64 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 65 7.1. Normative References . . . . . . . . . . . . . . . . . . 8 66 7.2. Informative References . . . . . . . . . . . . . . . . . 8 67 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 9 68 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 9 70 1. Introduction 72 1.1. Overview 74 Technologies for textual chatrooms customarily enable participants to 75 specify a nickname for use in the room; e.g., this is true of 76 Internet Relay Chat [RFC2811] as well as multi-party chat 77 technologies based on the Extensible Messaging and Presence Protocol 78 (XMPP) [RFC6120] [XEP-0045], the Message Session Relay Protocol 79 (MSRP) [RFC4975] [I-D.ietf-simple-chat], and Centralized Conferencing 80 (XCON) [RFC5239] [I-D.boulton-xcon-session-chat]. Recent chatroom 81 technologies also allow internationalized nicknames because they 82 support characters from outside the ASCII range [RFC20], typically by 83 means of the Unicode character set [Unicode]. Although such 84 nicknames tend to be used primarily for display purposes, they are 85 sometimes used for programmatic purposes as well (e.g., kicking users 86 or avoiding nickname conflicts). Note too that nicknames can be used 87 not only in chatrooms but also more generally as a user's preferred 88 display name (see for instance [XEP-0172]). 90 Nicknames (sometimes called "petnames") are also used in contexts 91 other than messaging, such as petnames for devices (e.g., in a 92 network visualization application), websites (e.g., for bookmarks in 93 a web browser), accounts (e.g., in a web interface for a list of 94 payees in a bank account), people (e.g., in a contact list 95 application), and the like. The rules specified in this document can 96 also be applied to such usages. 98 To increase the likelihood that nicknames will work in ways that make 99 sense for typical users throughout the world, this document defines 100 rules for preparing, enforcing, and comparing internationalized 101 nicknames. 103 1.2. Terminology 105 Many important terms used in this document are defined in [RFC7564], 106 [RFC6365], and [Unicode]. 108 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 109 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 110 "OPTIONAL" in this document are to be interpreted as described in RFC 111 2119 [RFC2119]. 113 2. Nickname Profile 115 Detailed rules for the preparation, enforcement, and comparison of 116 nicknames are provided in the following sections, which define the 117 Nickname profile of the PRECIS FreeformClass (on the differences 118 among preparation, enforcement, and comparison, refer to [RFC7564]). 120 2.1. Preparation 122 An entity that prepares a string according to this profile MUST 123 ensure that the string consists only of Unicode code points that 124 conform to the "FreeformClass" base string class defined in 125 [RFC7564]. In addition, the string MUST be encoded as UTF-8 126 [RFC3629]. 128 2.2. Enforcement 130 An entity that performs enforcement according to this profile MUST 131 prepare a string as described in the previous section and MUST also 132 apply the rules specified below for the Nickname profile (these rules 133 MUST be applied in the order shown). 135 1. Width Mapping Rule: There is no width-mapping rule (such a rule 136 is not necessary because width mapping is performed as part of 137 normalization using NFKC as specified below). 139 2. Additional Mapping Rule: The additional mapping rule consists of 140 the following sub-rules. 142 1. Any instances of non-ASCII space MUST be mapped to ASCII 143 space (U+0020); a non-ASCII space is any Unicode code point 144 having a general category of "Zs", naturally with the 145 exception of U+0020. 147 2. Any instances of the ASCII space character at the beginning 148 or end of a nickname MUST be removed (e.g., "stpeter " is 149 mapped to "stpeter"). 151 3. Interior sequences of more than one ASCII space character 152 MUST be mapped to a single ASCII space character (e.g., 153 "St Peter" is mapped to "St Peter"). 155 3. Case Mapping Rule: Uppercase and titlecase characters MUST be 156 mapped to their lowercase equivalents using Unicode Default Case 157 Folding as defined in the Unicode Standard [Unicode] (at the time 158 of this writing, the algorithm is specified in Chapter 3 of 159 [Unicode7.0]). In applications that prohibit conflicting 160 nicknames, this rule helps to reduce the possibility of confusion 161 by ensuring that nicknames differing only by case (e.g., 162 "stpeter" vs. "StPeter") would not be presented to a human user 163 at the same time. 165 4. Normalization Rule: The string MUST be normalized using Unicode 166 Normalization Form KC (NFKC). Because NFKC is more "aggressive" 167 in finding matches than other normalization forms (in the 168 terminology of Unicode, it performs both canonical and 169 compatibility decomposition before recomposing code points), this 170 rule helps to reduce the possibility of confusion by increasing 171 the number of characters that would match (e.g., U+2163 ROMAN 172 NUMERAL FOUR would match the combination of U+0049 LATIN CAPITAL 173 LETTER I and U+0056 LATIN CAPITAL LETTER V). 175 5. Directionality Rule: There is no directionality rule. The "Bidi 176 Rule" (defined in [RFC5893]) and similar rules are unnecessary 177 and inapplicable to nicknames, since it is perfectly acceptable 178 for a given nickname to be presented differently in different 179 layout systems (e.g., a user interface that is configured to 180 handle primarily a right-to-left script vs. an interface that is 181 configured to handle primarily a left-to-right script), as long 182 as the presentation is consistent in any given layout system. 184 After all of the foregoing rules have been enforced, a nickname MUST 185 NOT be zero bytes in length. 187 2.3. Comparison 189 An entity that performs comparison of two strings according to this 190 profile MUST prepare each string and enforce the rules as specified 191 in the previous two sections. The two strings are to be considered 192 equivalent if they are an exact octet-for-octet match (sometimes 193 called "bit-string identity"). 195 3. Examples 197 The following examples illustrate a small number of nicknames that 198 are consistent with the format defined above, along with the output 199 string resulting from application of the PRECIS rules (note that the 200 characters < and > are used to delineate the actual nickname and are 201 not part of the nickname strings). 203 Table 1: A sample of legal nicknames 205 +---------------------------+-----------------------------------+ 206 | # | Nickname | Output for Comparison | 207 +---------------------------+-----------------------------------+ 208 | 1 | | | 209 +---------------------------+-----------------------------------+ 210 | 2 | | | 211 +---------------------------+-----------------------------------+ 212 | 3 | | | 213 +---------------------------+-----------------------------------+ 214 | 4 | | | 215 +---------------------------+-----------------------------------+ 216 | 5 | <Σ> | GREEK SMALL LETTER SIGMA (U+03C3) | 217 +---------------------------+-----------------------------------+ 218 | 6 | <σ> | GREEK SMALL LETTER SIGMA (U+03C3) | 219 +---------------------------+-----------------------------------+ 220 | 7 | <ς> | GREEK SMALL LETTER FINAL SIGMA | 221 | | | (U+03C2) | 222 +---------------------------+-----------------------------------+ 223 | 8 | <♚> | BLACK CHESS KING (U+265A) | 224 +---------------------------+-----------------------------------+ 225 | 9 | | richard iv | 226 +---------------------------+-----------------------------------+ 228 Regarding examples 5, 6, and 7: applying Unicode Default Case Folding 229 to GREEK CAPITAL LETTER SIGMA (U+03A3) results in GREEK SMALL LETTER 230 SIGMA (U+03C3), and doing so during comparison would result in 231 matching the nicknames in examples 5 and 6; however, because the 232 PRECIS mapping rules do not account for the special status of GREEK 233 SMALL LETTER FINAL SIGMA (U+03C2), the nicknames in examples 5 and 7 234 or examples 6 and 7 would not be matched. Regarding example 8: 236 symbol characters such as BLACK CHESS KING (U+265A) are allowed by 237 the PRECIS FreeformClass and thus can be used in nicknames. 238 Regarding example 9: applying Unicode Default Case Folding to ROMAN 239 NUMERAL FOUR (U+2163) results in SMALL ROMAN NUMERAL FOUR (U+2173), 240 and applying NFKC to SMALL ROMAN NUMERAL FOUR (U+2173) results in 241 LATIN SMALL LETTER I (U+0069) LATIN SMALL LETTER V (U+0086). 243 4. Use in Application Protocols 245 This specification defines only the PRECIS-based rules for handling 246 of nickname strings. It is the responsibility of an application 247 protocol (e.g., MSRP, XCON, or XMPP) or application definition to 248 specify the protocol slots in which nickname strings can appear, the 249 entities that are expected to enforce the rules governing nickname 250 strings, and when in protocol processing or interface handling the 251 rules need to be enforced. See Section 6 of [RFC7564] for guidelines 252 about using PRECIS profiles in applications. 254 Above and beyond the PRECIS-based rules specified here, application 255 protocols can also define application-specific rules governing 256 nickname strings (rules regarding the minimum or maximum length of 257 nicknames, further restrictions on allowable characters or character 258 ranges, safeguards to mitigate the effects of visually similar 259 characters, etc.). 261 Naturally, application protocols can also specify rules governing the 262 actual use of nicknames in applications (reserved nicknames, 263 authorization requirements for using nicknames, whether certain 264 nicknames can be prohibited, handling of duplicates, the relationship 265 between nicknames and underlying identifiers such as SIP URIs or 266 Jabber IDs, etc.). 268 Entities that enforce the rules specified in this document are 269 encouraged to be liberal in what they accept by following this 270 procedure: 272 1. Where possible, map characters (e.g, through width mapping, 273 additional mapping, case mapping, or normalization) and accept 274 the mapped string. 276 2. If mapping is not possible (e.g., because a character is 277 disallowed in the FreeformClass), reject the string. 279 5. IANA Considerations 281 The IANA shall add the following entry to the PRECIS Profiles 282 Registry: 284 Name: Nickname. 286 Base Class: FreeformClass. 288 Applicability: Nicknames in messaging and text conferencing 289 technologies; petnames for devices, accounts, and people; and 290 other uses of nicknames or petnames. 292 Replaces: None. 294 Width Mapping Rule: None (handled via NFKC). 296 Additional Mapping Rule: Map non-ASCII space characters to ASCII 297 space, strip leading and trailing space characters, map interior 298 sequences of multiple space characters to a single ASCII space. 300 Case Mapping Rule: Map uppercase and titlecase characters to 301 lowercase using Unicode Default Case Folding. 303 Normalization Rule: NFKC. 305 Directionality Rule: None. 307 Enforcement: To be specified by applications. 309 Specification: RFC XXXX. [Note to RFC Editor: please change "XXXX" 310 to the RFC number issued for this specification.] 312 6. Security Considerations 314 6.1. Reuse of PRECIS 316 The security considerations described in [RFC7564] apply to the 317 "FreeformClass" string class used in this document for nicknames. 319 6.2. Reuse of Unicode 321 The security considerations described in [UTS39] apply to the use of 322 Unicode characters in nicknames. 324 6.3. Visually Similar Characters 326 [RFC7564] describes some of the security considerations related to 327 visually similar characters, also called "confusable characters" or 328 "confusables". 330 Although the mapping rules defined under Section 2 of this document 331 are designed in part to reduce the possibility of confusion about 332 nicknames, this document does not provide more detailed 333 recommendations regarding the handling of visually similar 334 characters, such as those provided in [UTS39]. 336 7. References 338 7.1. Normative References 340 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 341 Requirement Levels", BCP 14, RFC 2119, March 1997. 343 [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO 344 10646", STD 63, RFC 3629, November 2003. 346 [RFC5893] Alvestrand, H. and C. Karp, "Right-to-Left Scripts for 347 Internationalized Domain Names for Applications (IDNA)", 348 RFC 5893, August 2010. 350 [RFC6365] Hoffman, P. and J. Klensin, "Terminology Used in 351 Internationalization in the IETF", BCP 166, RFC 6365, 352 September 2011. 354 [RFC7564] Saint-Andre, P. and M. Blanchet, "PRECIS Framework: 355 Preparation, Enforcement, and Comparison of 356 Internationalized Strings in Application Protocols", RFC 357 7564, May 2015. 359 [UTS39] The Unicode Consortium, "Unicode Technical Standard #39: 360 Unicode Security Mechanisms", November 2013, 361 . 363 [Unicode7.0] 364 The Unicode Consortium, "The Unicode Standard, Version 365 7.0.0", 2014, 366 . 368 [Unicode] The Unicode Consortium, "The Unicode Standard", 369 2015-present, . 371 7.2. Informative References 373 [I-D.boulton-xcon-session-chat] 374 Barnes, M., Boulton, C., and S. Loreto, "Chatrooms within 375 a Centralized Conferencing (XCON) System", draft-boulton- 376 xcon-session-chat-08 (work in progress), July 2011. 378 [I-D.ietf-simple-chat] 379 Niemi, A., Garcia, M., and G. Sandbakken, "Multi-party 380 Chat Using the Message Session Relay Protocol (MSRP)", 381 draft-ietf-simple-chat-18 (work in progress), January 382 2013. 384 [RFC20] Cerf, V., "ASCII format for network interchange", RFC 20, 385 October 1969. 387 [RFC2811] Kalt, C., "Internet Relay Chat: Channel Management", RFC 388 2811, April 2000. 390 [RFC4975] Campbell, B., Mahy, R., and C. Jennings, "The Message 391 Session Relay Protocol (MSRP)", RFC 4975, September 2007. 393 [RFC5239] Barnes, M., Boulton, C., and O. Levin, "A Framework for 394 Centralized Conferencing", RFC 5239, June 2008. 396 [RFC6120] Saint-Andre, P., "Extensible Messaging and Presence 397 Protocol (XMPP): Core", RFC 6120, March 2011. 399 [XEP-0045] 400 Saint-Andre, P., "Multi-User Chat", XSF XEP 0045, February 401 2012. 403 [XEP-0172] 404 Saint-Andre, P. and V. Mercier, "User Nickname", XSF XEP 405 0172, March 2012. 407 Appendix A. Acknowledgements 409 Thanks to Kim Alvefur, Mary Barnes, Ben Campbell, Dave Cridland, 410 Miguel Garcia, Salvatore Loreto, Enrico Marocco, Matt Miller, and 411 Yoshiro YONEYA for their reviews and comments. 413 Thanks to Matt Miller as document shepherd, Marc Blanchet and Alexey 414 Melnikov as working group chairs, and Barry Leiba as area director. 416 Peter Saint-Andre wishes to acknowledge Cisco Systems, Inc., for 417 employing him during his work on earlier versions of this document. 419 Author's Address 421 Peter Saint-Andre 422 &yet 424 Email: peter@andyet.com 425 URI: https://andyet.com/