-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathdraft-ietf-precis-7700bis.xml
407 lines (356 loc) · 24.1 KB
/
draft-ietf-precis-7700bis.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<?rfc sortrefs="yes"?>
<?rfc strict="yes"?>
<?rfc symrefs="yes"?>
<?rfc toc="yes"?>
<?rfc tocdepth="4"?>
<rfc category="std" ipr="trust200902" docName="draft-ietf-precis-7700bis-10" obsoletes="7700">
<front>
<title abbrev="PRECIS: Nickname">Preparation, Enforcement, and Comparison of Internationalized Strings Representing Nicknames</title>
<author initials="P." surname="Saint-Andre" fullname="Peter Saint-Andre">
<organization>Filament</organization>
<address>
<postal>
<street>18335 E 103rd Ave, Suite 203</street>
<city>Commerce City</city>
<region>CO</region>
<code>80022</code>
<country>USA</country>
</postal>
<phone>+1 720 256 6756</phone>
<uri>https://filament.com/</uri>
</address>
</author>
<date/>
<area>Applications</area>
<workgroup>PRECIS</workgroup>
<keyword>nickname</keyword>
<keyword>SIP</keyword>
<keyword>SIMPLE</keyword>
<keyword>XMPP</keyword>
<keyword>MSRP</keyword>
<keyword>XCON</keyword>
<keyword>chatrooms</keyword>
<abstract>
<t>This document describes methods for handling Unicode strings representing memorable, human-friendly names (called "nicknames", "display names", or "petnames") for people, devices, accounts, websites, and other entities. This document obsoletes RFC 7700.</t>
</abstract>
</front>
<middle>
<section title="Introduction" anchor="intro">
<section title="Overview" anchor="overview">
<t>A number of technologies and applications provide the ability for a person to choose a memorable, human-friendly name in a communications context, or to set such a name for another entity such as a device, account, contact, or website. Such names are variously called "nicknames" (e.g., in chat room applications), "display names" (e.g., in Internet mail), or "petnames" (see <xref target='PETNAME-SYSTEMS'/>); for consistency, these are all called "nicknames" in this document.</t>
<t>Nicknames are commonly supported in technologies for textual chat rooms, e.g., Internet Relay Chat <xref target='RFC2811'/> and multi-party chat technologies based on the Extensible Messaging and Presence Protocol (XMPP) <xref target='RFC6120'/> <xref target='XEP-0045'/>, the Message Session Relay Protocol (MSRP) <xref target='RFC4975'/> <xref target='RFC7701'/>, and Centralized Conferencing (XCON) <xref target='RFC5239'/> <xref target='XCON-SYSTEM'/>. Recent chat room technologies also allow internationalized nicknames because they support code points from outside the ASCII range <xref target='RFC20'/>, typically by means of the Unicode coded character set <xref target='Unicode'/>. Although such nicknames tend to be used primarily for display purposes, they are sometimes used for programmatic purposes as well (e.g., kicking users or avoiding nickname conflicts).</t>
<t>A similar usage enables a person to set their own preferred display name or to set a preferred display name for another user (e.g., the "display-name" construct in the Internet message format <xref target='RFC5322'/> and <xref target='XEP-0172'/> in XMPP).</t>
<t>Memorable, human-friendly names are also used in contexts other than personal messaging, such as names for devices (e.g., in a network visualization application), websites (e.g., for bookmarks in a web browser), accounts (e.g., in a web interface for a list of payees in a bank account), people (e.g., in a contact list application), and the like.</t>
<t>The rules specified in this document can be applied in all of the foregoing contexts.</t>
<t>To increase the likelihood that memorable, human-friendly names will work in ways that make sense for typical users throughout the world, this document defines rules for preparing, enforcing, and comparing internationalized nicknames.</t>
</section>
<section title="Terminology" anchor="terms">
<t>Many important terms used in this document are defined in <xref target='I-D.ietf-precis-7564bis'/>, <xref target='RFC6365'/>, and <xref target='Unicode'/>.</t>
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in <xref target='RFC2119'/>.</t>
</section>
</section>
<section title='Nickname Profile' anchor='rules'>
<section title='Rules' anchor='rules-rules'>
<t>The following rules apply within the Nickname profile of the PRECIS FreeformClass defined in the PRECIS framework specification <xref target='I-D.ietf-precis-7564bis'/>.</t>
<t>
<list style='numbers'>
<t>Width Mapping Rule: There is no width-mapping rule (such a rule is not necessary because width mapping is performed as part of normalization using Normalization Form KC (NFKC) as specified below).</t>
<t>Additional Mapping Rule: The additional mapping rule consists of the following sub-rules.
<list>
<t>Map any instances of non-ASCII space to ASCII space (U+0020); a non-ASCII space is any Unicode code point having a general category of "Zs", naturally with the exception of U+0020. (The inclusion of only ASCII space prevents confusion with various non-ASCII space code points, many of which are difficult to reproduce across different input methods.)</t>
<t>Remove any instances of the ASCII space character at the beginning or end of a nickname (e.g., "stpeter " is mapped to "stpeter").</t>
<t>Map interior sequences of more than one ASCII space character to a single ASCII space character (e.g., "St  Peter" is mapped to "St Peter").</t>
</list>
</t>
<t>Case Mapping Rule: Apply the Unicode toLower() operation, as defined in the Unicode Standard <xref target='Unicode'/>. In applications that prohibit conflicting nicknames, this rule helps to reduce the possibility of confusion by ensuring that nicknames differing only by case (e.g., "stpeter" vs. "StPeter") would not be presented to a human user at the same time. (As explained below, this is typically appropriate only for comparison, not for enforcement.)</t>
<t>Normalization Rule: Apply Unicode Normalization Form KC. Because NFKC is more "aggressive" in finding matches than other normalization forms (in the terminology of Unicode, it performs both canonical and compatibility decomposition before recomposing code points), this rule helps to reduce the possibility of confusion by increasing the number of code points that would match (e.g., U+2163 ROMAN NUMERAL FOUR would match the combination of U+0049 LATIN CAPITAL LETTER I and U+0056 LATIN CAPITAL LETTER V).</t>
<t>Directionality Rule: There is no directionality rule. The "Bidi Rule" (defined in <xref target='RFC5893'/>) and similar rules are unnecessary and inapplicable to nicknames, because it is perfectly acceptable for a given nickname to be presented differently in different layout systems (e.g., a user interface that is configured to handle primarily a right-to-left script versus an interface that is configured to handle primarily a left-to-right script), as long as the presentation is consistent in any given layout system.</t>
</list>
</t>
</section>
<section title='Preparation' anchor='rules-prep'>
<t>An entity that prepares an input string for subsequent enforcement according to this profile MUST ensure that the string consists only of Unicode code points that conform to the FreeformClass string class defined in <xref target='I-D.ietf-precis-7564bis'/>.</t>
</section>
<section title='Enforcement' anchor='rules-enforce'>
<t>An entity that performs enforcement according to this profile MUST prepare an input string as described in <xref target='rules-prep'/> and MUST also apply the following rules specified in <xref target='rules-rules'/> in the order shown:
<list style="numbers">
<?rfc subcompact="yes"?>
<t>Additional Mapping Rule</t>
<t>Normalization Rule</t>
</list></t>
<?rfc subcompact="no"?>
<t>Note: An entity SHOULD apply the Case Mapping Rule only during comparison.</t>
<t>After all of the foregoing rules have been enforced, the entity MUST
ensure that the nickname is not zero bytes in length (this is done
after enforcing the rules to prevent applications from mistakenly
omitting a nickname entirely, because when internationalized
strings are accepted, a non-empty sequence of characters can
result in a zero-length nickname after canonicalization).</t>
<t>The result of the foregoing operations is an output string that conforms
to the Nickname profile. Until an implementation produces such an output string,
it MUST NOT treat the string as conforming (in particular, it MUST NOT
assume that an input string is conforming before the enforcement operation
has been completed).</t>
</section>
<section title="Comparison" anchor="rules-comp">
<t> An entity that performs comparison of two strings according to this
profile MUST prepare each input string as specified in <xref target='rules-prep'/> and
MUST apply the following rules specified in <xref target='rules-rules'/> in the order
shown:
<?rfc subcompact="yes"?>
<list style="numbers">
<t>Additional Mapping Rule</t>
<t>Case Mapping Rule</t>
<t>Normalization Rule</t>
</list></t>
<?rfc subcompact="no"?>
<t>The two strings are to be considered equivalent if and only if they are an exact
octet-for-octet match (sometimes called "bit-string identity").
</t>
<t>Until an implementation determines whether two strings are to be considered equivalent,
it MUST NOT treat them as equivalent (in particular, it MUST NOT assume that an input
string conforms to the rules before the comparison operation has been completed).</t>
</section>
</section>
<section title="Examples" anchor="examples">
<t>The following examples illustrate a small number of nicknames that are consistent with the format defined above, along with the output string resulting from application of the PRECIS rules (note that the characters < and > are used to delineate the actual nickname and are not part of the nickname strings).</t>
<figure>
<preamble>Table 1: A Sample of Legal Nicknames</preamble>
<artwork><![CDATA[
+---------------------------+-----------------------------------+
| # | Nickname | Output for Comparison |
+---------------------------+-----------------------------------+
| 1 | <Foo> | <foo> |
+---------------------------+-----------------------------------+
| 2 | <foo> | <foo> |
+---------------------------+-----------------------------------+
| 3 | <Foo Bar> | <foo bar> |
+---------------------------+-----------------------------------+
| 4 | <foo bar> | <foo bar> |
+---------------------------+-----------------------------------+
| 5 | <Σ> | GREEK SMALL LETTER SIGMA (U+03C3) |
+---------------------------+-----------------------------------+
| 6 | <σ> | GREEK SMALL LETTER SIGMA (U+03C3) |
+---------------------------+-----------------------------------+
| 7 | <ς> | GREEK SMALL LETTER FINAL SIGMA |
| | | (U+03C2) |
+---------------------------+-----------------------------------+
| 8 | <♚> | BLACK CHESS KING (U+265A) |
+---------------------------+-----------------------------------+
| 9 | <Richard Ⅳ> | <richard iv> |
+---------------------------+-----------------------------------+
]]></artwork>
</figure>
<t>Regarding examples 5, 6, and 7: applying the Unicode toLower() operation
to GREEK CAPITAL LETTER SIGMA (U+03A3) results in GREEK SMALL LETTER
SIGMA (U+03C3), however the toLower() operation does not modify GREEK SMALL
LETTER FINAL SIGMA (U+03C2); therefore, the comparison operation defined in
<xref target="rules-comp"/> would result in matching of the nicknames in
examples 5 and 6 but not the nicknames in examples 5 and 7 or 6 and 7.
Regarding example 8: symbol characters such as BLACK CHESS KING
(U+265A) are allowed by the PRECIS FreeformClass and thus can be
used in nicknames. Regarding example 9: applying the Unicode
toLower() operation to ROMAN NUMERAL FOUR (U+2163) results in SMALL ROMAN
NUMERAL FOUR (U+2173), and applying NFKC to SMALL ROMAN NUMERAL
FOUR (U+2173) results in LATIN SMALL LETTER I (U+0069) LATIN SMALL
LETTER V (U+0086).</t>
</section>
<section title="Use in Application Protocols" anchor="use">
<t>This specification defines only the PRECIS-based rules for handling of nickname strings. It is the responsibility of an application protocol (e.g., MSRP, XCON, or XMPP) or application definition to specify the protocol slots in which nickname strings can appear, the entities that are expected to enforce the rules governing nickname strings, and when in protocol processing or interface handling the rules need to be enforced. See Section 6 of <xref target='I-D.ietf-precis-7564bis'/> for guidelines about using PRECIS profiles in applications.</t>
<t>Above and beyond the PRECIS-based rules specified here, application protocols can also define application-specific rules governing nickname strings (rules regarding the minimum or maximum length of nicknames, further restrictions on allowable code points or character ranges, safeguards to mitigate the effects of visually similar characters, etc.).</t>
<t>Naturally, application protocols can also specify rules governing the actual use of nicknames in applications (reserved nicknames, authorization requirements for using nicknames, whether certain nicknames can be prohibited, handling of duplicates, the relationship between nicknames and underlying identifiers such as SIP URIs or Jabber IDs, etc.).</t>
<t>Entities that enforce the rules specified in this document are encouraged to be liberal in what they accept by following this procedure:</t>
<t>
<list style='numbers'>
<t>Where possible, map characters (e.g, through width mapping, additional mapping, case mapping, or normalization) and accept the mapped string.</t>
<t>If mapping is not possible (e.g., because a character is disallowed in the FreeformClass), reject the string.</t>
</list>
</t>
<t>Implementation experience has shown that applying the rules for the Nickname profile is not an idempotent procedure for all code points. Therefore, an implementation SHOULD apply the rules repeatedly until the output string is stable; if the output string does not stabilize after reapplying the rules three (3) additional times, the implementation SHOULD terminate application of the rules and reject the input string as invalid.</t>
</section>
<section title="IANA Considerations" anchor="iana">
<t>The IANA shall add the following entry to the PRECIS Profiles Registry:</t>
<t>
<list style='hanging'>
<t hangText='Name:'>Nickname</t>
<t hangText='Base Class:'>FreeformClass</t>
<t hangText='Applicability:'>Nicknames in messaging and text conferencing technologies; petnames for devices, accounts, and people; and other uses of nicknames or petnames.</t>
<t hangText='Replaces:'>None</t>
<t hangText='Width Mapping Rule:'>None (handled via NFKC)</t>
<t hangText='Additional Mapping Rule:'>Map non-ASCII space characters to ASCII space, strip leading and trailing space characters, map interior sequences of multiple space characters to a single ASCII space.</t>
<t hangText='Case Mapping Rule:'>Map uppercase and titlecase code points to lowercase using the Unicode toLower() operation.</t>
<t hangText='Normalization Rule:'>NFKC</t>
<t hangText='Directionality Rule:'>None</t>
<t hangText='Enforcement:'>To be specified by applications.</t>
<t hangText='Specification:'>[[this document]]</t>
</list>
</t>
</section>
<section title="Security Considerations" anchor="security">
<section title="Reuse of PRECIS" anchor="security-precis">
<t>The security considerations described in <xref target="I-D.ietf-precis-7564bis"/> apply to the FreeformClass string class used in this document for nicknames.</t>
</section>
<section title="Reuse of Unicode" anchor="security-unicode">
<t>The security considerations described in <xref target='UTS39'/> apply to the use of Unicode code points in nicknames.</t>
</section>
<section title="Visually Similar Characters" anchor="security-similar">
<t><xref target='I-D.ietf-precis-7564bis'/> describes some of the security considerations related to visually similar characters, also called "confusable characters" or "confusables", and provides some examples of such characters.</t>
<t>Although the mapping rules defined in <xref target='rules'/> of this document are designed, in part, to reduce the possibility of confusion about nicknames, this document does not provide more-detailed recommendations regarding the handling of visually similar characters, such as those provided in <xref target='UTS39'/>.</t>
</section>
</section>
</middle>
<back>
<references title="Normative References">
<?rfc include="reference.RFC.2119.xml"?>
<?rfc include="reference.RFC.5893.xml"?>
<?rfc include="reference.RFC.6365.xml"?>
<reference anchor='I-D.ietf-precis-7564bis'>
<front>
<title>PRECIS Framework: Preparation, Enforcement, and Comparison of Internationalized Strings in Application Protocols</title>
<author initials='P' surname='Saint-Andre' fullname='Peter Saint-Andre'>
<organization />
</author>
<author initials='M' surname='Blanchet' fullname='Marc Blanchet'>
<organization />
</author>
<date month='July' day='25' year='2017' />
<abstract><t>Application protocols using Unicode characters in protocol strings need to properly handle such strings in order to enforce internationalization rules for strings placed in various protocol slots (such as addresses and identifiers) and to perform valid comparison operations (e.g., for purposes of authentication or authorization). This document defines a framework enabling application protocols to perform the preparation, enforcement, and comparison of internationalized strings ("PRECIS") in a way that depends on the properties of Unicode characters and thus is agile with respect to versions of Unicode. As a result, this framework provides a more sustainable approach to the handling of internationalized strings than the previous framework, known as Stringprep (RFC 3454). This document obsoletes RFC 7564.</t></abstract>
</front>
<seriesInfo name='Internet-Draft' value='draft-ietf-precis-7564bis-10' />
<format type='TXT'
target='http://www.ietf.org/internet-drafts/draft-ietf-precis-7564bis-10.txt' />
</reference>
<reference anchor="Unicode" target="http://www.unicode.org/versions/latest/">
<front>
<title>The Unicode Standard</title>
<author>
<organization>The Unicode Consortium</organization>
</author>
<date />
</front>
</reference>
<reference anchor="UTS39" target='http://unicode.org/reports/tr39/'>
<front>
<title>Unicode Technical Standard #39: Unicode Security Mechanisms</title>
<author>
<organization>The Unicode Consortium</organization>
</author>
<date month="November" year="2013" />
</front>
</reference>
</references>
<references title="Informative References">
<reference anchor='RFC20' target='http://www.rfc-editor.org/info/rfc20'>
<front>
<title>ASCII format for network interchange</title>
<author initials='V.G.' surname='Cerf' fullname='V.G. Cerf'><organization /></author>
<date year='1969' month='October' />
</front>
<seriesInfo name='STD' value='80'/>
<seriesInfo name='RFC' value='20'/>
<seriesInfo name='DOI' value='10.17487/RFC0020'/>
</reference>
<?rfc include="reference.RFC.2811.xml"?>
<?rfc include="reference.RFC.4975.xml"?>
<?rfc include="reference.RFC.5239.xml"?>
<?rfc include="reference.RFC.5322.xml"?>
<?rfc include="reference.RFC.6120.xml"?>
<?rfc include="reference.RFC.7700.xml"?>
<?rfc include="reference.RFC.7701.xml"?>
<reference anchor='XCON-SYSTEM'>
<front>
<title>Chatrooms within a Centralized Conferencing (XCON) System</title>
<author initials='M' surname='Barnes' fullname='Mary Barnes'>
<organization />
</author>
<author initials='C' surname='Boulton' fullname='Chris Boulton'>
<organization />
</author>
<author initials='S' surname='Loreto' fullname='Salvatore Loreto'>
<organization />
</author>
<date month='July' day='16' year='2012' />
<abstract><t>The document "A Framework for Centralized Conferencing" defines a centralized conference as both signaling and protocol agnostic. The primary examples within this framework focus on audio and video as the media types for the session. This document provides an overview of the mechanisms defined in the centralized conferencing framework that can be used to support multi-user chat. In addition, the document describes additional functionality and requirements necessary to provide feature rich functionality.</t></abstract>
</front>
<seriesInfo name='Work in Progress,' value='draft-boulton-xcon-session-chat-08' />
</reference>
<reference anchor="XEP-0045" target="http://xmpp.org/extensions/xep-0045.html">
<front>
<title>Multi-User Chat</title>
<author initials="P." surname="Saint-Andre" fullname="Peter Saint-Andre">
<organization/>
<address>
</address>
</author>
<date day="08" month="February" year="2012"/>
</front>
<seriesInfo name="XSF XEP" value="0045"/>
<format type="HTML" target="http://xmpp.org/extensions/xep-0045.html"/>
</reference>
<reference anchor="XEP-0172" target="http://xmpp.org/extensions/xep-0172.html">
<front>
<title>User Nickname</title>
<author initials="P." surname="Saint-Andre" fullname="Peter Saint-Andre">
<organization/>
<address>
</address>
</author>
<author initials="V." surname="Mercier" fullname="Valerie Mercier">
<organization/>
<address>
</address>
</author>
<date day="21" month="March" year="2012"/>
</front>
<seriesInfo name="XSF XEP" value="0172"/>
</reference>
<reference anchor="PETNAME-SYSTEMS" target="http://www.skyhunter.com/marcs/petnames/IntroPetNames.html">
<front>
<title>An Introduction to Petname Systems</title>
<author initials="M." surname="Stiegler" fullname="Marc Stiegler">
<organization/>
<address>
<email></email>
</address>
</author>
<date month="February" year="2005"/>
</front>
<seriesInfo name="updated June" value="2012"/>
</reference>
<reference anchor="Err4570" target="http://www.rfc-editor.org">
<front>
<title>Erratum ID 4570</title>
<author>
<organization>RFC Errata</organization>
</author>
<date month="" year="" />
</front>
<seriesInfo name="RFC" value="7700" />
</reference>
</references>
<section title="Changes from RFC 7700" anchor="changes">
<t>The following changes were made from <xref target='RFC7700'/>.</t>
<t>
<list style='symbols'>
<t>Addressed <xref target="Err4570"/> by removing the directionality rule and adding the normalization rule to Section 2.3.</t>
<t>In accordance with working group discussions and updates to <xref target='I-D.ietf-precis-7564bis'/>, removed the use of the Unicode CaseFold() operation in favor of the Unicode toLower() operation.</t>
<t>Clarified several editorial matters.</t>
<t>Updated references.</t>
</list>
</t>
</section>
<section title="Acknowledgements" anchor="acks">
<t>Thanks to William Fisher for his implementation feedback, especially regarding idempotence.</t>
<t>Thanks to Sam Whited for his feedback and for submitting <xref target="Err4570"/>.</t>
<t>See <xref target='RFC7700'/> for acknowledgements related to the specification that this document supersedes.</t>
</section>
</back>
</rfc>