idnits 2.17.1 draft-ietf-xmpp-resourceprep-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (June 04, 2003) is 7626 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 3454 (ref. '1') (Obsoleted by RFC 7564) == Outdated reference: A later version (-24) exists of draft-ietf-xmpp-core-13 -- Possible downref: Non-RFC (?) normative reference: ref. '4' Summary: 2 errors (**), 0 flaws (~~), 3 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group P. Saint-Andre 3 Internet-Draft Jabber Software Foundation 4 Expires: December 3, 2003 J. Hildebrand 5 Jabber, Inc. 6 June 04, 2003 8 Resourceprep: A Stringprep Profile for Resource Identifiers in XMPP 9 draft-ietf-xmpp-resourceprep-03 11 Status of this Memo 13 This document is an Internet-Draft and is in full conformance with 14 all provisions of Section 10 of RFC2026. 16 Internet-Drafts are working documents of the Internet Engineering 17 Task Force (IETF), its areas, and its working groups. Note that other 18 groups may also distribute working documents as Internet-Drafts. 20 Internet-Drafts are draft documents valid for a maximum of six months 21 and may be updated, replaced, or obsoleted by other documents at any 22 time. It is inappropriate to use Internet-Drafts as reference 23 material or to cite them other than as "work in progress." 25 The list of current Internet-Drafts can be accessed at http:// 26 www.ietf.org/ietf/1id-abstracts.txt. 28 The list of Internet-Draft Shadow Directories can be accessed at 29 http://www.ietf.org/shadow.html. 31 This Internet-Draft will expire on December 3, 2003. 33 Copyright Notice 35 Copyright (C) The Internet Society (2003). All Rights Reserved. 37 Abstract 39 This document defines a stringprep profile for resource identifiers 40 in the Extensible Messaging and Presence Protocol (XMPP). 42 Table of Contents 44 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 45 1.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 46 1.2 Discussion Venue . . . . . . . . . . . . . . . . . . . . . . . 3 47 1.3 Intellectual Property Notice . . . . . . . . . . . . . . . . . 3 48 2. Character Repertoire . . . . . . . . . . . . . . . . . . . . . 5 49 3. Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 50 4. Normalization . . . . . . . . . . . . . . . . . . . . . . . . 7 51 5. Prohibited Output . . . . . . . . . . . . . . . . . . . . . . 8 52 6. Bidirectional Characters . . . . . . . . . . . . . . . . . . . 9 53 7. Security Considerations . . . . . . . . . . . . . . . . . . . 10 54 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 55 Normative References . . . . . . . . . . . . . . . . . . . . . 12 56 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 12 57 A. Revision History . . . . . . . . . . . . . . . . . . . . . . . 13 58 A.1 Changes from draft-ietf-xmpp-resourceprep-02 . . . . . . . . . 13 59 A.2 Changes from draft-ietf-xmpp-resourceprep-01 . . . . . . . . . 13 60 A.3 Changes from draft-ietf-xmpp-resourceprep-00 . . . . . . . . . 13 61 Intellectual Property and Copyright Statements . . . . . . . . 14 63 1. Introduction 65 This document, which defines a profile of stringprep (RFC 3454 [1]), 66 specifies processing rules that will enable users to enter 67 internationalized resource identifiers in XMPP (see XMPP Core [2]) 68 and have the highest chance of getting the content of the strings 69 correct. These processing rules are intended only for XMPP resource 70 identifiers (which are often associated with session names), and are 71 not intended for arbitrary text. 73 This profile defines the following, as required by RFC 3454 [1]: 75 o The intended applicability of the profile: internationalized 76 resource identifiers within XMPP 78 o The character repertoire that is the input and output to 79 stringprep: Unicode 3.2, specified in section 2 81 o The mappings used: specified in section 3 83 o The Unicode normalization used: specified in section 4 85 o The characters that are prohibited as output: specified in section 86 5 88 o Bidirectional character handling: specified in section 6 90 1.1 Terminology 92 This document inherits the terminology defined in XMPP Core [2]. 94 The capitalized key words "MUST", "MUST NOT", "REQUIRED", "SHALL", 95 "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and 96 "OPTIONAL" in this document are to be interpreted as described in RFC 97 2119 [3]. 99 1.2 Discussion Venue 101 The authors welcome discussion and comments related to the topics 102 presented in this document. The preferred forum is the 103 mailing list, for which archives and subscription 104 information are available at . 107 1.3 Intellectual Property Notice 109 This document is in full compliance with all provisions of Section 10 110 of RFC 2026. Parts of this specification use the term "jabber" for 111 identifying namespaces and other protocol syntax. Jabber[tm] is a 112 registered trademark of Jabber, Inc. Jabber, Inc. grants permission 113 to the IETF for use of the Jabber trademark in association with this 114 specification and its successors, if any. 116 2. Character Repertoire 118 This profile uses Unicode 3.2 with the list of unassigned code points 119 being Table A.1, both defined in Appendix A of RFC 3454 [1]. 121 3. Mapping 123 This profile specifies mapping using the following tables from RFC 124 3454 [1]: 126 Table B.1 128 4. Normalization 130 This profile specifies using Unicode normalization form KC, as 131 described in RFC 3454 [1]. 133 5. Prohibited Output 135 This profile specifies prohibiting use of the following tables from 136 RFC 3454 [1]. 138 Table C.1.2 140 Table C.2.1 142 Table C.2.2 144 Table C.3 146 Table C.4 148 Table C.5 150 Table C.6 152 Table C.7 154 Table C.8 156 Table C.9 158 6. Bidirectional Characters 160 This profile specifies checking bidirectional strings as described in 161 section 6 of RFC 3454 [1]. 163 7. Security Considerations 165 The Unicode and ISO/IEC 10646 repertoires have many characters that 166 look similar. In many cases, users of security protocols might do 167 visual matching, such as when comparing the names of trusted third 168 parties. Because it is impossible to map similar-looking characters 169 without a great deal of context such as knowing the fonts used, 170 stringprep does nothing to map similar-looking characters together 171 nor to prohibit some characters because they look like others. 173 A resource identifier can be employed as one part of an entity's 174 address in XMPP. One common usage is as the name for an instant 175 messaging user's active session; another is as the nickname of a user 176 in a multi-user chat room; and many other kinds of entities could use 177 resource identifiers as part of their addresses. The security of such 178 services could be compromised based on different interpretations of 179 the internationalized resource identifier; for example, a user could 180 attempt to initiate multiple sessions with the same name, or a user 181 could send a message to someone other than the intended recipient in 182 a multi-user chat room. 184 8. IANA Considerations 186 This is a profile of stringprep. If and when it becomes an RFC, it 187 should be registered in the stringprep profile registry maintained by 188 the IANA [4]. 190 Name of this profile: 192 Resourceprep 194 RFC in which the profile is defined: 196 This document 198 Indicator whether or not this is the newest version of the profile: 200 This is the first version of Resourceprep 202 Normative References 204 [1] Hoffman, P. and M. Blanchet, "Preparation of Internationalized 205 Strings ("stringprep")", RFC 3454, December 2002. 207 [2] Saint-Andre, P. and J. Miller, "XMPP Core", 208 draft-ietf-xmpp-core-13 (work in progress), June 2003. 210 [3] Bradner, S., "Key words for use in RFCs to Indicate Requirement 211 Levels", BCP 14, RFC 2119, March 1997. 213 [4] Internet Assigned Numbers Authority, "Internet Assigned Numbers 214 Authority", January 1998, . 216 Authors' Addresses 218 Peter Saint-Andre 219 Jabber Software Foundation 221 EMail: stpeter@jabber.org 222 URI: http://www.jabber.org/people/stpeter.php 224 Joe Hildebrand 225 Jabber, Inc. 227 EMail: jhildebrand@jabber.com 228 URI: http://www.jabber.org/people/hildjj.php 230 Appendix A. Revision History 232 Note to RFC Editor: please remove this entire appendix, and the 233 corresponding entries in the table of contents, prior to publication. 235 A.1 Changes from draft-ietf-xmpp-resourceprep-02 237 o Provided additional examples of resource identifier usage. 239 o Made several small editorial changes. 241 A.2 Changes from draft-ietf-xmpp-resourceprep-01 243 o Made small editorial changes to address RFC Editor requirements. 245 A.3 Changes from draft-ietf-xmpp-resourceprep-00 247 o Clarified references to Unicode 3.2 and unassigned code points. 249 o Corrected normalization routine. 251 o Removed reference to section B.2 of RFC 3454 (no case folding 252 required). 254 Intellectual Property Statement 256 The IETF takes no position regarding the validity or scope of any 257 intellectual property or other rights that might be claimed to 258 pertain to the implementation or use of the technology described in 259 this document or the extent to which any license under such rights 260 might or might not be available; neither does it represent that it 261 has made any effort to identify any such rights. Information on the 262 IETF's procedures with respect to rights in standards-track and 263 standards-related documentation can be found in BCP-11. Copies of 264 claims of rights made available for publication and any assurances of 265 licenses to be made available, or the result of an attempt made to 266 obtain a general license or permission for the use of such 267 proprietary rights by implementors or users of this specification can 268 be obtained from the IETF Secretariat. 270 The IETF invites any interested party to bring to its attention any 271 copyrights, patents or patent applications, or other proprietary 272 rights which may cover technology that may be required to practice 273 this standard. Please address the information to the IETF Executive 274 Director. 276 Full Copyright Statement 278 Copyright (C) The Internet Society (2003). All Rights Reserved. 280 This document and translations of it may be copied and furnished to 281 others, and derivative works that comment on or otherwise explain it 282 or assist in its implementation may be prepared, copied, published 283 and distributed, in whole or in part, without restriction of any 284 kind, provided that the above copyright notice and this paragraph are 285 included on all such copies and derivative works. However, this 286 document itself may not be modified in any way, such as by removing 287 the copyright notice or references to the Internet Society or other 288 Internet organizations, except as needed for the purpose of 289 developing Internet standards in which case the procedures for 290 copyrights defined in the Internet Standards process must be 291 followed, or as required to translate it into languages other than 292 English. 294 The limited permissions granted above are perpetual and will not be 295 revoked by the Internet Society or its successors or assignees. 297 This document and the information contained herein is provided on an 298 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 299 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 300 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 301 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 302 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 304 Acknowledgement 306 Funding for the RFC Editor function is currently provided by the 307 Internet Society.