draft-ietf-precis-framework-05.txt   draft-ietf-precis-framework-06.txt 
Network Working Group P. Saint-Andre PRECIS P. Saint-Andre
Internet-Draft Cisco Systems, Inc. Internet-Draft Cisco Systems, Inc.
Obsoletes: 3454 (if approved) M. Blanchet Obsoletes: 3454 (if approved) M. Blanchet
Intended status: Standards Track Viagenie Intended status: Standards Track Viagenie
Expires: February 2, 2013 August 1, 2012 Expires: March 27, 2013 September 23, 2012
PRECIS Framework: Preparation and Comparison of Internationalized PRECIS Framework: Preparation and Comparison of Internationalized
Strings in Application Protocols Strings in Application Protocols
draft-ietf-precis-framework-05 draft-ietf-precis-framework-06
Abstract Abstract
Application protocols using Unicode code points in protocol strings Application protocols using Unicode code points in protocol strings
need to prepare such strings in order to perform comparison need to prepare such strings in order to perform comparison
operations (e.g., for purposes of authentication or authorization). operations (e.g., for purposes of authentication or authorization).
This document defines a framework enabling application protocols to This document defines a framework enabling application protocols to
handle various classes of strings in a way that depends on the perform the preparation and comparison of internationalized strings
properties of Unicode code points and that is agile with respect to (a.k.a. "PRECIS") in a way that depends on the properties of Unicode
versions of Unicode; as a result, this framework provides a more code points and thus is agile with respect to versions of Unicode.
sustainable approach to the handling of internationalized strings As a result, this framework provides a more sustainable approach to
than the previous framework, known as Stringprep (RFC 3454). A the handling of internationalized strings than the previous
specification that reuses this framework can either directly use the framework, known as Stringprep (RFC 3454). A specification that
base string classes or subclass the base string classes as needed. reuses this framework can either directly use the base string classes
This framework takes an approach similar to the revised or subclass the base string classes as needed. This framework takes
internationalized domain names in applications (IDNA) technology (RFC an approach similar to the revised internationalized domain names in
5890, RFC 5891, RFC 5892, RFC 5893, RFC 5894) and thus adheres to the applications (IDNA) technology (RFC 5890, RFC 5891, RFC 5892, RFC
high-level design goals described in RFC 4690, albeit for application 5893, RFC 5894) and thus adheres to the high-level design goals
technologies other than the Domain Name System (DNS). This document described in RFC 4690, albeit for application technologies other than
obsoletes RFC 3454. the Domain Name System (DNS). This document obsoletes RFC 3454.
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 2, 2013. This Internet-Draft will expire on March 27, 2013.
Copyright Notice Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 28 skipping to change at page 2, line 28
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
3. String Classes . . . . . . . . . . . . . . . . . . . . . . . . 5 3. String Classes . . . . . . . . . . . . . . . . . . . . . . . . 5
3.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . 5 3.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . 5
3.2. NameClass . . . . . . . . . . . . . . . . . . . . . . . . 7 3.2. NameClass . . . . . . . . . . . . . . . . . . . . . . . . 7
3.2.1. Valid . . . . . . . . . . . . . . . . . . . . . . . . 7 3.2.1. Valid . . . . . . . . . . . . . . . . . . . . . . . . 7
3.2.2. Disallowed . . . . . . . . . . . . . . . . . . . . . . 7 3.2.2. Disallowed . . . . . . . . . . . . . . . . . . . . . . 8
3.2.3. Unassigned . . . . . . . . . . . . . . . . . . . . . . 8 3.2.3. Unassigned . . . . . . . . . . . . . . . . . . . . . . 8
3.2.4. Directionality . . . . . . . . . . . . . . . . . . . . 8 3.2.4. Normalization . . . . . . . . . . . . . . . . . . . . 8
3.2.5. Case Mapping . . . . . . . . . . . . . . . . . . . . . 8 3.2.5. Casemapping . . . . . . . . . . . . . . . . . . . . . 8
3.2.6. Normalization . . . . . . . . . . . . . . . . . . . . 8 3.2.6. Additional Mappings . . . . . . . . . . . . . . . . . 8
3.3. FreeClass . . . . . . . . . . . . . . . . . . . . . . . . 8 3.2.7. Directionality . . . . . . . . . . . . . . . . . . . . 8
3.3. FreeClass . . . . . . . . . . . . . . . . . . . . . . . . 9
3.3.1. Valid . . . . . . . . . . . . . . . . . . . . . . . . 9 3.3.1. Valid . . . . . . . . . . . . . . . . . . . . . . . . 9
3.3.2. Disallowed . . . . . . . . . . . . . . . . . . . . . . 9 3.3.2. Disallowed . . . . . . . . . . . . . . . . . . . . . . 9
3.3.3. Unassigned . . . . . . . . . . . . . . . . . . . . . . 9 3.3.3. Unassigned . . . . . . . . . . . . . . . . . . . . . . 9
3.3.4. Directionality . . . . . . . . . . . . . . . . . . . . 9 3.3.4. Normalization . . . . . . . . . . . . . . . . . . . . 9
3.3.5. Case Mapping . . . . . . . . . . . . . . . . . . . . . 9 3.3.5. Casemapping . . . . . . . . . . . . . . . . . . . . . 10
3.3.6. Normalization . . . . . . . . . . . . . . . . . . . . 10 3.3.6. Additional Mappings . . . . . . . . . . . . . . . . . 10
3.3.7. Directionality . . . . . . . . . . . . . . . . . . . . 10
4. Use of PRECIS String Classes . . . . . . . . . . . . . . . . . 10 4. Use of PRECIS String Classes . . . . . . . . . . . . . . . . . 10
4.1. Principles . . . . . . . . . . . . . . . . . . . . . . . . 10 4.1. Principles . . . . . . . . . . . . . . . . . . . . . . . . 10
4.2. Subclassing . . . . . . . . . . . . . . . . . . . . . . . 10 4.2. Subclassing . . . . . . . . . . . . . . . . . . . . . . . 11
4.3. A Note about Spaces . . . . . . . . . . . . . . . . . . . 11 4.3. A Note about Spaces . . . . . . . . . . . . . . . . . . . 11
5. Code Point Properties . . . . . . . . . . . . . . . . . . . . 12 5. Code Point Properties . . . . . . . . . . . . . . . . . . . . 12
6. Category Definitions Used to Calculate Derived Property 6. Category Definitions Used to Calculate Derived Property
Value . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Value . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
6.1. LetterDigits (A) . . . . . . . . . . . . . . . . . . . . . 14 6.1. LetterDigits (A) . . . . . . . . . . . . . . . . . . . . . 14
6.2. Unstable (B) . . . . . . . . . . . . . . . . . . . . . . . 14 6.2. Unstable (B) . . . . . . . . . . . . . . . . . . . . . . . 15
6.3. IgnorableProperties (C) . . . . . . . . . . . . . . . . . 15 6.3. IgnorableProperties (C) . . . . . . . . . . . . . . . . . 15
6.4. IgnorableBlocks (D) . . . . . . . . . . . . . . . . . . . 15 6.4. IgnorableBlocks (D) . . . . . . . . . . . . . . . . . . . 15
6.5. LDH (E) . . . . . . . . . . . . . . . . . . . . . . . . . 15 6.5. LDH (E) . . . . . . . . . . . . . . . . . . . . . . . . . 15
6.6. Exceptions (F) . . . . . . . . . . . . . . . . . . . . . . 15 6.6. Exceptions (F) . . . . . . . . . . . . . . . . . . . . . . 15
6.7. BackwardCompatible (G) . . . . . . . . . . . . . . . . . . 16 6.7. BackwardCompatible (G) . . . . . . . . . . . . . . . . . . 17
6.8. JoinControl (H) . . . . . . . . . . . . . . . . . . . . . 17 6.8. JoinControl (H) . . . . . . . . . . . . . . . . . . . . . 17
6.9. OldHangulJamo (I) . . . . . . . . . . . . . . . . . . . . 17 6.9. OldHangulJamo (I) . . . . . . . . . . . . . . . . . . . . 17
6.10. Unassigned (J) . . . . . . . . . . . . . . . . . . . . . . 17 6.10. Unassigned (J) . . . . . . . . . . . . . . . . . . . . . . 18
6.11. ASCII7 (K) . . . . . . . . . . . . . . . . . . . . . . . . 18 6.11. ASCII7 (K) . . . . . . . . . . . . . . . . . . . . . . . . 18
6.12. Controls (L) . . . . . . . . . . . . . . . . . . . . . . . 18 6.12. Controls (L) . . . . . . . . . . . . . . . . . . . . . . . 18
6.13. PrecisIgnorableProperties (M) . . . . . . . . . . . . . . 18 6.13. PrecisIgnorableProperties (M) . . . . . . . . . . . . . . 18
6.14. Spaces (N) . . . . . . . . . . . . . . . . . . . . . . . . 18 6.14. Spaces (N) . . . . . . . . . . . . . . . . . . . . . . . . 19
6.15. Symbols (O) . . . . . . . . . . . . . . . . . . . . . . . 18 6.15. Symbols (O) . . . . . . . . . . . . . . . . . . . . . . . 19
6.16. Punctuation (P) . . . . . . . . . . . . . . . . . . . . . 19 6.16. Punctuation (P) . . . . . . . . . . . . . . . . . . . . . 19
6.17. HasCompat (Q) . . . . . . . . . . . . . . . . . . . . . . 19 6.17. HasCompat (Q) . . . . . . . . . . . . . . . . . . . . . . 19
6.18. OtherLetterDigits (R) . . . . . . . . . . . . . . . . . . 19 6.18. OtherLetterDigits (R) . . . . . . . . . . . . . . . . . . 19
7. Calculation of the Derived Property . . . . . . . . . . . . . 19 7. Calculation of the Derived Property . . . . . . . . . . . . . 20
8. Code Points . . . . . . . . . . . . . . . . . . . . . . . . . 20 8. Code Points . . . . . . . . . . . . . . . . . . . . . . . . . 21
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 20 9. Security Considerations . . . . . . . . . . . . . . . . . . . 21
9.1. PRECIS Derived Property Value Registry . . . . . . . . . . 20 9.1. General Issues . . . . . . . . . . . . . . . . . . . . . . 21
9.2. PRECIS Base Classes Registry . . . . . . . . . . . . . . . 21 9.2. Use of the NameClass . . . . . . . . . . . . . . . . . . . 21
9.3. PRECIS Subclasses Registry . . . . . . . . . . . . . . . . 21 9.3. Use of the FreeClass . . . . . . . . . . . . . . . . . . . 21
9.4. PRECIS Usage Registry . . . . . . . . . . . . . . . . . . 22 9.4. Local Character Set Issues . . . . . . . . . . . . . . . . 22
10. Security Considerations . . . . . . . . . . . . . . . . . . . 22 9.5. Visually Similar Characters . . . . . . . . . . . . . . . 22
10.1. General Issues . . . . . . . . . . . . . . . . . . . . . . 22 9.6. Security of Passwords . . . . . . . . . . . . . . . . . . 24
10.2. Use of the NameClass . . . . . . . . . . . . . . . . . . . 23 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 25
10.3. Use of the FreeClass . . . . . . . . . . . . . . . . . . . 23 10.1. PRECIS Derived Property Value Registry . . . . . . . . . . 25
10.4. Local Character Set Issues . . . . . . . . . . . . . . . . 23 10.2. PRECIS Base Classes Registry . . . . . . . . . . . . . . . 25
10.5. Visually Similar Characters . . . . . . . . . . . . . . . 24 10.3. PRECIS Subclasses Registry . . . . . . . . . . . . . . . . 26
10.6. Security of Passwords and Passphrases . . . . . . . . . . 25 10.4. PRECIS Usage Registry . . . . . . . . . . . . . . . . . . 27
11. Interoperability Considerations . . . . . . . . . . . . . . . 26 11. Interoperability Considerations . . . . . . . . . . . . . . . 28
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 26 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 29
12.1. Normative References . . . . . . . . . . . . . . . . . . . 26 12.1. Normative References . . . . . . . . . . . . . . . . . . . 29
12.2. Informative References . . . . . . . . . . . . . . . . . . 27 12.2. Informative References . . . . . . . . . . . . . . . . . . 29
Appendix A. Codepoint Table . . . . . . . . . . . . . . . . . . . 29 Appendix A. Codepoint Table . . . . . . . . . . . . . . . . . . . 31
Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 64 Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 66
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 65 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 67
1. Introduction 1. Introduction
As described in [I-D.ietf-precis-problem-statement], many IETF As described in [I-D.ietf-precis-problem-statement], many IETF
protocols have used the Stringprep framework [RFC3454] as the basis protocols have used the Stringprep framework [RFC3454] as the basis
for preparing and comparing protocol strings that contain Unicode for preparing and comparing protocol strings that contain Unicode
code points [UNICODE]. The Stringprep framework was developed during code points [UNICODE]. The Stringprep framework was developed during
work on the original technology for internationalized domain names work on the original technology for internationalized domain names
(IDNs), here called "IDNA2003" [RFC3490], and Nameprep [RFC3491] was (IDNs), here called "IDNA2003" [RFC3490], and Nameprep [RFC3491] was
a Stringprep profile for the IDN case. At the time, Stringprep was the Stringprep profile for IDNs. At the time, Stringprep was
designed as a general framework so that other application protocols designed as a general framework so that other application protocols
could define their own Stringprep profiles for the preparation and could define their own Stringprep profiles for the preparation and
comparison of strings and identifiers, and a number of application comparison of strings and identifiers, and a number of application
protocols did define such profiles. protocols did define such profiles.
Since the publication of [RFC3454] in 2002, several significant After the publication of [RFC3454] in 2002, several significant
issues arose with the use of Stringprep in the IDN case, as issues arose with the use of Stringprep in the IDN case, as
documented in [RFC4690] (most significantly, Stringprep was tied to documented in [RFC4690] (most significantly, Stringprep was tied to
Unicode version 3.2). Therefore, the new IDNA specifications, here Unicode version 3.2). Therefore, the new IDNA specifications, here
called "IDNA2008" ([RFC5890], [RFC5891], [RFC5892], [RFC5893], called "IDNA2008" ([RFC5890], [RFC5891], [RFC5892], [RFC5893],
[RFC5894]), no longer use Stringprep and Nameprep. This migration [RFC5894]), no longer use Stringprep and Nameprep. This migration
away from Stringprep for internationalized domain names has prompted away from Stringprep for IDNs has prompted other "customers" of
other "customers" of Stringprep to consider new approaches to the Stringprep to consider new approaches to the preparation and
preparation and comparison of internationalized strings (a.k.a. comparison of internationalized strings (a.k.a. "PRECIS"), as
"PRECIS"), as described in [I-D.ietf-precis-problem-statement]. described in [I-D.ietf-precis-problem-statement].
This document defines a technical framework for a post-Stringprep This document defines a framework for a post-Stringprep approach to
approach to the preparation and comparison of internationalized the preparation and comparison of internationalized strings in
strings in application protocols. The framework is based on several application protocols, based on several principles:
principles:
1. Define a small set of base string classes appropriate for common 1. Define a small set of base string classes appropriate for common
application protocol constructs such as usernames and free-form application protocol constructs such as usernames and free-form
strings. strings.
2. Define each base string class in terms of Unicode code points and 2. Define each base string class in terms of Unicode code points and
their properties so that an algorithm can be used to determine their properties so that an algorithm can be used to determine
whether each code point or character category is valid, whether each code point or character category is valid,
disallowed, or unassigned. disallowed, or unassigned.
3. Defining string classes in terms of allowable code points (as in 3. Define string classes in terms of allowable code points, so that
IDNA2008), so that any code points not explicitly allowed are any code points not explicitly allowed are forbidden.
forbidden.
4. Enable application protocols to subclass the base string classes, 4. Enable application protocols to subclass the base string classes
mainly to disallow particular code points that are currently if needed, mainly to disallow particular code points that are
disallowed in the relevant application protocol (e.g., characters currently disallowed in the relevant application protocol (e.g.,
with special or reserved meaning, such as "@" and "/" when used characters with special or reserved meaning, such as "@" and "/"
as separators within identifiers). when used as separators within identifiers).
5. Leave various mapping operations (e.g., case preservation or 5. Leave various mapping operations (e.g., case preservation or
lowercasing, Unicode normalization, right-to-left characters) as lowercasing, Unicode normalization, mapping of certain characters
the responsibility of application protocols, as was done for to nothing, handling of right-to-left characters) as the
IDNA2008 through an IDNA-specific mapping document [RFC5895]. responsibility of application protocols, as was done for IDNA2008
through an IDNA-specific mapping document [RFC5895].
It is expected that this framework will yield the following benefits: It is expected that this framework will yield the following benefits:
o Application protocols will be more version-agile with regard to o Application protocols will be more version-agile with regard to
the Unicode database. the Unicode database.
o Implementers will be able to share code point tables and software o Implementers will be able to share code point tables and software
code across application protocols, most likely by means of code across application protocols, most likely by means of
software libraries. software libraries.
o End users will be able to acquire more accurate expectations about o End users will be able to acquire more accurate expectations about
the code points that are acceptable in various contexts. Given the code points that are acceptable in various contexts. Given
skipping to change at page 5, line 30 skipping to change at page 5, line 31
copy/paste operations between software implementing different copy/paste operations between software implementing different
application protocols will be more predictable and coherent. application protocols will be more predictable and coherent.
Although this framework is similar to IDNA2008 and borrows some of Although this framework is similar to IDNA2008 and borrows some of
the character categories defined in [RFC5892], it defines additional the character categories defined in [RFC5892], it defines additional
string classes and character categories to meet the needs of common string classes and character categories to meet the needs of common
application protocols. application protocols.
2. Terminology 2. Terminology
Many important terms used in this document are defined in Many important terms used in this document are defined in [RFC5890],
[I-D.ietf-precis-problem-statement], [RFC6365], [RFC5890], and [RFC6365], [I-D.ietf-precis-problem-statement], and [UNICODE].
[UNICODE].
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in "OPTIONAL" in this document are to be interpreted as described in
[RFC2119]. [RFC2119].
3. String Classes 3. String Classes
3.1. Overview 3.1. Overview
skipping to change at page 6, line 8 skipping to change at page 6, line 8
document does not define a string class for domain names, and document does not define a string class for domain names, and
application protocols are strongly encouraged to use IDNA2008 as the application protocols are strongly encouraged to use IDNA2008 as the
appropriate method to prepare domain names and hostnames.) Because appropriate method to prepare domain names and hostnames.) Because
the IDN string class is designed to meet the particular requirements the IDN string class is designed to meet the particular requirements
of the Domain Name System (DNS), additional string classes are needed of the Domain Name System (DNS), additional string classes are needed
for non-DNS applications. for non-DNS applications.
Starting in 2010, various "customers" of Stringprep began to discuss Starting in 2010, various "customers" of Stringprep began to discuss
the need to define a post-Stringprep approach to the preparation and the need to define a post-Stringprep approach to the preparation and
comparison of internationalized strings. As a result of analyzing comparison of internationalized strings. As a result of analyzing
existing Stringprep profiles, this community of customers concluded existing Stringprep profiles, this community concluded that most
that most existing uses could be addressed by two base string existing uses could be addressed by two base string classes:
classes:
NameClass: a sequence of letters, numbers, and symbols that is used NameClass: a sequence of letters, numbers, and symbols that is used
to identify or address a network entity such as a user account, a to identify or address a network entity such as a user account, a
venue (e.g., a chatroom), an information source (e.g., a data venue (e.g., a chatroom), an information source (e.g., a data
feed), or a collection of data (e.g., a file); the intent is that feed), or a collection of data (e.g., a file); the intent is that
this class will be very safe for use in a wide variety of this class will be very safe for use in a wide variety of
application protocols, with the result that safety has been application protocols, with the result that safety has been
prioritized over inclusiveness for this class. prioritized over inclusiveness for this class.
FreeClass: a sequence of letters, numbers, symbols, spaces, and FreeClass: a sequence of letters, numbers, symbols, spaces, and
other code points that is used for free-form strings, including other code points that is used for free-form strings, including
passwords and passphrases as well as display elements such as passwords as well as display elements such as human-friendly
human-friendly nicknames in chatrooms; the intent is that this nicknames in chatrooms; the intent is that this class will allow
class will allow nearly any Unicode character, with the result nearly any Unicode character, with the result that inclusiveness
that inclusiveness has been prioritized over safety for this class has been prioritized over safety for this class (e.g., protocol
(e.g., protocol designers, application developers, service designers, application developers, service providers, and end
providers, and end users might not understand or be able to enter users might not understand or be able to enter all of the
all of the characters that can be included in the FreeClass). characters that can be included in the FreeClass).
Although members of the community discussed the possibility of Although members of the community discussed the possibility of
defining other bases string classes (e.g., a class falling somewhere defining other bases string classes (e.g., a class falling somewhere
between the NameClass and the FreeClass), they concluded that the between the NameClass and the FreeClass), they concluded that the
NameClass would be a safe choice meeting the needs of many or even NameClass would be a safe choice meeting the needs of many or even
most application protocols, and that protocols needing a wider range most application protocols, and that protocols needing a wider range
of Unicode characters could subclass the FreeClass. of Unicode characters could use the FreeClass directly or subclass it
if needed.
The following subsections discuss the NameClass and FreeClass in more The following subsections discuss the NameClass and FreeClass in more
detail, with reference to the dimensions described in Section 3 of detail, with reference to the dimensions described in Section 3 of
[I-D.ietf-precis-problem-statement]. (Naturally, future documents [I-D.ietf-precis-problem-statement]. (Naturally, future documents
can define base string classes beyond the NameClass and FreeClass; can define base string classes beyond the NameClass and FreeClass;
see Section 9.2.) In particular, each string class is defined by the see Section 10.2.) Each string class (or a particular usage thereof)
following behavioral rules: is defined by the following behavioral rules:
Valid: defines which code points and character categories are Valid: defines which code points and character categories are
treated as valid input to preparation of the string. treated as valid input to the string.
Disallowed: defines which code points and character categories are Disallowed: defines which code points and character categories are
treated as disallowed during preparation of the string. treated as disallowed for the string.
Unassigned: defines application behavior in the presence of code Unassigned: defines application behavior in the presence of code
points that are unassigned, i.e. unknown for the version of points that are unassigned, i.e. unknown for the version of
Unicode the application is built upon. Unicode the application is built upon.
Normalization: defines which Unicode normalization form (D, KD, C,
or KC) is to be applied (see [UAX15]).
Casemapping: specifies if casemapping is performed (instead of case
preservation), and how the mapping is done (e.g., mapping
uppercase and titlecase characters to their lowercase
equivalents).
Directionality: defines application behavior in the presence of code Directionality: defines application behavior in the presence of code
points that have directionality, in particular right-to-left code points that have directionality, in particular right-to-left code
points as defined in the Unicode database (see [UAX9]). points as defined in the Unicode database (see [UAX9]).
Casemapping: defines if case mapping is used for this class (instead
of case preservation), and how the mapping is done.
Normalization: defines which Unicode normalization form (D, KD, C,
or KC) is to be applied (see [UAX15]).
This document defines the valid, disallowed, and unassigned rules for This document defines the valid, disallowed, and unassigned rules for
the NameClass and FreeClass. Application protocols that use these the NameClass and FreeClass. Application protocols that use these
string classes are responsible for defining the directionality, string classes are responsible for defining the normalization,
casemapping, and normalization rules. casemapping, and directionality rules, as well as any additional
mappings to be applied (e.g., mapping fullwidth and halfwidth
characters to their decomposition equivalents).
Note well that in order to ensure proper comparison, any NOTE: In order to ensure proper comparison, any normalization MUST be
normalization MUST be completed before the application of additional completed before the application of additional mappings or the
mappings or the process of checking whether a code point is valid, process of checking whether a code point is valid, disallowed, or
disallowed, or unassigned. unassigned.
3.2. NameClass 3.2. NameClass
Most application technologies need a special class of strings that Most application technologies need strings that can be used to refer
can be used to refer to, include, or communicate things like to, include, or communicate things like usernames, file names, data
usernames, file names, data feed names, and chatroom names. We group feed names, and chatroom names. We group such things into a class
such things into a bucket called "NameClass" having the following called "NameClass" having the following features.
features.
3.2.1. Valid 3.2.1. Valid
o Traditional letters and numbers, i.e., the LetterDigits ("A") o Code points traditionally used as letters and numbers in writing
category first defined in [RFC5892] and listed here under systems, i.e., the LetterDigits ("A") category first defined in
Section 6.1. [RFC5892] and listed here under Section 6.1.
o Code points in the range U+0021 through U+007E, i.e., the ASCII7 o Code points in the range U+0021 through U+007E, i.e., the ASCII7
("K") rule defined under Section 6.11. These code points are ("K") rule defined under Section 6.11. These code points are
valid even if they would otherwise be disallowed according to the "grandfathered" into PRECIS and thus are valid even if they would
property-based rules specified in the next section. otherwise be disallowed according to the property-based rules
specified in the next section.
3.2.2. Disallowed 3.2.2. Disallowed
o Control characters, i.e., the Controls ("L") category defined o Control characters, i.e., the Controls ("L") category defined
under Section 6.12. under Section 6.12.
o Ignorable characters, i.e., the PrecisIgnorableProperties ("M") o Ignorable characters, i.e., the PrecisIgnorableProperties ("M")
category defined under Section 6.13. category defined under Section 6.13.
o Space characters, i.e., the Spaces ("N") category defined under o Space characters, i.e., the Spaces ("N") category defined under
Section 6.14. Section 6.14.
o Symbol characters, i.e., the Symbols ("O") category defined under o Symbol characters, i.e., the Symbols ("O") category defined under
Section 6.15. Section 6.15.
o Punctuation characters, i.e., the Punctuation ("P") category o Punctuation characters, i.e., the Punctuation ("P") category
defined under Section 6.16. defined under Section 6.16.
o Any character that has a compatibility equivalent, i.e., the o Any character that has a compatibility equivalent, i.e., the
HasCompat ("Q") category defined under Section 6.17. These code HasCompat ("Q") category defined under Section 6.17. These code
skipping to change at page 8, line 27 skipping to change at page 8, line 31
section. section.
o Letters and digits other than the "traditional" letters and digits o Letters and digits other than the "traditional" letters and digits
allowed in IDNs, i.e., the OtherLetterDigits ("R") category allowed in IDNs, i.e., the OtherLetterDigits ("R") category
defined under Section 6.18. defined under Section 6.18.
3.2.3. Unassigned 3.2.3. Unassigned
Any code points that are not yet assigned in the Unicode character Any code points that are not yet assigned in the Unicode character
set SHALL be considered Unassigned for purposes of the NameClass. set SHALL be considered Unassigned for purposes of the NameClass.
3.2.4. Directionality 3.2.4. Normalization
The directionality rule MUST be specified by each application The Unicode normalization form MUST be specified by each application
protocol that uses or subclasses the NameClass. protocol that uses or subclasses the NameClass.
3.2.5. Case Mapping However, in accordance with [RFC5198], normalization form C (NFC) is
RECOMMENDED.
3.2.5. Casemapping
The casemapping rule MUST be specified by each application protocol The casemapping rule MUST be specified by each application protocol
that uses or subclasses the NameClass. that uses or subclasses the NameClass.
3.2.6. Normalization 3.2.6. Additional Mappings
The normalization form MUST be specified by each application protocol Additional mapping rules (if any) MUST be specified by each
that uses or subclasses the NameClass. application protocol that uses or subclasses the NameClass.
However, in accordance with [RFC5198], normalization form C (NFC) is 3.2.7. Directionality
RECOMMENDED.
The directionality rule MUST be specified by each application
protocol that uses or subclasses the NameClass.
3.3. FreeClass 3.3. FreeClass
Some application technologies need a special class of strings that Some application technologies need strings that can be used in a
can be used in a free-form way, e.g., as a passphrase in an free-form way, e.g., as a password in an authentication exchange (see
authentication exchange (see [I-D.melnikov-precis-saslprepbis] or a [I-D.melnikov-precis-saslprepbis] or a nickname in a chatroom (see
nickname in a chatroom (see [I-D.saintandre-precis-nickname]). We [I-D.ietf-precis-nickname]). We group such things into a class
group such things into a bucket called "FreeClass" having the called "FreeClass" having the following features.
following features.
NOTE: Consult Section 10.6 for relevant security considerations when NOTE: Consult Section 9.6 for relevant security considerations when
strings conforming to the FreeClass, or a subclass thereof, are used strings conforming to the FreeClass, or a subclass thereof, are used
as passwords or passphrases. as passwords.
3.3.1. Valid 3.3.1. Valid
o Traditional letters and numbers, i.e., the LetterDigits ("A") o Traditional letters and numbers, i.e., the LetterDigits ("A")
category first defined in [RFC5892] and listed here under category first defined in [RFC5892] and listed here under
Section 6.1. Section 6.1.
o Additional letters and numbers, i.e., the OtherLetterDigits ("R") o Letters and digits other than the "traditional" letters and digits
category defined under Section 6.18. allowed in IDNs, i.e., the OtherLetterDigits ("R") category
defined under Section 6.18.
o Code points in the range U+0021 through U+007E, i.e., the ASCII7 o Code points in the range U+0021 through U+007E, i.e., the ASCII7
("K") rule defined under Section 6.11. ("K") rule defined under Section 6.11.
o Any character that has a compatibility equivalent, i.e., the o Any character that has a compatibility equivalent, i.e., the
HasCompat ("Q") category defined under Section 6.17. HasCompat ("Q") category defined under Section 6.17.
o Space characters, i.e., the Spaces ("N") category defined under o Space characters, i.e., the Spaces ("N") category defined under
Section 6.14. Section 6.14.
o Symbol characters, i.e., the Symbols ("O") category defined under o Symbol characters, i.e., the Symbols ("O") category defined under
Section 6.15. Section 6.15.
o Punctuation characters, i.e., the Punctuation ("P") category o Punctuation characters, i.e., the Punctuation ("P") category
defined under Section 6.16. defined under Section 6.16.
o Letters and digits other than the "traditional" letters and digits
allowed in IDNs, i.e., the OtherLetterDigits ("R") category
defined under Section 6.18.
3.3.2. Disallowed 3.3.2. Disallowed
o Control characters, i.e., the Controls ("L") category defined o Control characters, i.e., the Controls ("L") category defined
under Section 6.12. under Section 6.12.
o Ignorable characters, i.e., the PrecisIgnorableProperties ("M") o Ignorable characters, i.e., the PrecisIgnorableProperties ("M")
category defined under Section 6.13. category defined under Section 6.13.
3.3.3. Unassigned 3.3.3. Unassigned
Any code points that are not yet assigned in the Unicode character Any code points that are not yet assigned in the Unicode character
set SHALL be considered Unassigned for purposes of the FreeClass. set SHALL be considered Unassigned for purposes of the FreeClass.
3.3.4. Directionality 3.3.4. Normalization
The directionality rule MUST be specified by each application The Unicode normalization form MUST be specified by each application
protocol that uses or subclasses the FreeClass. protocol that uses or subclasses the FreeClass.
3.3.5. Case Mapping However, in accordance with [RFC5198], normalization form C (NFC) is
RECOMMENDED.
3.3.5. Casemapping
The casemapping rule MUST be specified by each application protocol The casemapping rule MUST be specified by each application protocol
that uses or subclasses the FreeClass. that uses or subclasses the FreeClass.
In general, case preservation is NOT RECOMMENDED for application In general, the combination of case preservation and case-insensitive
protocols that perform case-insensitive comparison of comparison of internationalized strings is NOT RECOMMENDED; instead,
internationalized strings; instead, application protocols SHOULD application protocols SHOULD either (a) not preserve case but perform
either (a) not preserve case but perform case-insensitive matching or case-insensitive comparison or (b) preserve case but perform case-
(b) preserve case but perform case-sensitive comparison. sensitive comparison.
In order to maximize entropy, it is NOT RECOMMENDED for application In order to maximize entropy and minimize the potential for false
protocols to map uppercase and titlecase code points to their positives, it is NOT RECOMMENDED for application protocols to map
lowercase equivalents when strings conforming to the FreeClass, or a uppercase and titlecase code points to their lowercase equivalents
subclass thereof, are used in passwords or passphrases; instead, it when strings conforming to the FreeClass, or a subclass thereof, are
is RECOMMENDED to preserve the case of all code points contained in used in passwords; instead, it is RECOMMENDED to preserve the case of
such strings. all code points contained in such strings and then perform case-
sensitive comparison. See also the related discussion in
[I-D.melnikov-precis-saslprepbis].
3.3.6. Normalization 3.3.6. Additional Mappings
The normalization form MUST be specified by each application protocol Additional mapping rules (if any) MUST be specified by each
that uses or subclasses the FreeClass. application protocol that uses or subclasses the FreeClass.
However, in accordance with [RFC5198], normalization form C (NFC) is 3.3.7. Directionality
RECOMMENDED.
The directionality rule MUST be specified by each application
protocol that uses or subclasses the FreeClass.
4. Use of PRECIS String Classes 4. Use of PRECIS String Classes
4.1. Principles 4.1. Principles
This document defines the valid, disallowed, and unassigned rules. This document defines the valid, disallowed, and unassigned rules.
Application protocols that use the PRECIS string classes MUST define Application protocols that use the PRECIS string classes MUST define
the directionality, casemapping, and normalization rules. Such the normalization, casemapping, and directionality rules. Such
definitions MUST at a minimum specify the following: definitions MUST at a minimum specify the following:
Directionality: Whether any instance of the class that contains a Normalization: Which Unicode normalization form (D, KD, C, or KC) is
right-to-left code point is to be considered a right-to-left to be applied (see [UAX15] for background information); in
string, or whether some other rule is to be applied (e.g., the accordance with [RFC5198], NFC is RECOMMENDED.
"Bidi Rule" from [RFC5893]).
Casemapping: Whether uppercase and titlecase code points are to be Casemapping: Whether uppercase and titlecase code points are to be
(a) preserved or (b) mapped to lowercase. (a) preserved or (b) mapped to lowercase.
Normalization: Which Unicode normalization form (D, KD, C, or KC) is Additional Mappings: Whether additional mappings are to be applied,
to be applied (see [UAX15] for background information); in such as mapping fullwidth and halfwidth characters to their
accordance with [RFC5198], NFC is RECOMMENDED. decomposition mappings, mapping non-ASCII space characters to
ASCII space, or mapping certain characters to nothing.
Directionality: Whether any instance of the class that contains a
right-to-left code point is to be considered a right-to-left
string, or whether some other rule is to be applied (e.g., the
"Bidi Rule" from [RFC5893]).
4.2. Subclassing 4.2. Subclassing
Application protocols are allowed to subclass the base string classes Application protocols are allowed to subclass the base string classes
specified in this document. As the word "subclass" implies, a specified in this document. As the word "subclass" implies, a
subclass MUST NOT add as valid any code points or character subclass MUST NOT add as valid any code points or character
categories that are disallowed by the base string class. However, a categories that are disallowed by the base string class. However, a
subclass MAY do either of the following: subclass MAY do either of the following:
1. Exclude specific code points that are included in the base string 1. Exclude specific code points that are included in the base string
class. class.
2. Exclude characters matching certain Unicode properties (e.g., 2. Exclude characters matching certain Unicode properties (e.g.,
math symbols) that are included in the base string class. math symbols) that are included in the base string class.
As a result, code points that are defined as valid for the base
string class being subclassed will be defined as disallowed for the
subclass.
Application protocols that subclass the PRECIS string classes MUST Application protocols that subclass the PRECIS string classes MUST
register with the IANA as described under Section 9.3. register with the IANA as described under Section 10.3.
It is RECOMMENDED for subclass names to be of the form It is RECOMMENDED for subclass names to be of the form
"SubclassBaseClass", where the "Subclass" string is a differentiator "SubclassBaseClass", where the "Subclass" string is a differentiator
and "BaseClass" is the name of the base class being subclassed; for and "BaseClass" is the name of the base class being subclassed; for
example, the subclass of the NameClass used for localparts in the example, the subclass of the NameClass used for localparts in the
Extensible Messaging and Presence Protocol (XMPP) would be Extensible Messaging and Presence Protocol (XMPP) is named
"LocalpartNameClass" [I-D.ietf-xmpp-6122bis]. "LocalpartNameClass" [I-D.ietf-xmpp-6122bis].
4.3. A Note about Spaces 4.3. A Note about Spaces
The NameClass does not allow spaces of any kind (even ASCII space, The NameClass does not allow spaces of any kind (even ASCII space,
U+0020). This might be counter-intuitive, given that spaces are U+0020). This might be counter-intuitive, given that spaces are
included between family names and personal names when representing included between family names and personal names when representing
the full names of people (and full names might be used as usernames). the full names of people (and full names might be used as usernames).
The consensus of the PRECIS Working Group is that spaces are The consensus of the PRECIS Working Group is that spaces are
problematic for many reasons, for example because in some locales problematic for many reasons, for example because in some locales
skipping to change at page 12, line 19 skipping to change at page 12, line 38
1. Reviews and classifies the collections of code points in the 1. Reviews and classifies the collections of code points in the
Unicode character set by examining various code point properties. Unicode character set by examining various code point properties.
2. Defines an algorithm for determining a derived property value, 2. Defines an algorithm for determining a derived property value,
which can vary depending on the string class being used by the which can vary depending on the string class being used by the
relevant application protocol. relevant application protocol.
This document is not intended to specify precisely how derived This document is not intended to specify precisely how derived
property values are to be applied in protocol strings. That property values are to be applied in protocol strings. That
information should be defined in the protocol specification that uses information is the responsibility of the protocol specification that
or subclasses a base string class from this document. uses or subclasses a base string class from this document.
The value of the property is to be interpreted as follows. The value of the property is to be interpreted as follows.
PROTOCOL VALID Those code points that are allowed to be used in any PROTOCOL VALID Those code points that are allowed to be used in any
PRECIS string class (NameClass and FreeClass). Code points with PRECIS string class (NameClass and FreeClass). Code points with
this property value are permitted for general use in any string this property value are permitted for general use in any string
class. The abbreviated term PVALID is used to refer to this value class. The abbreviated term PVALID is used to refer to this value
in the remainder of this document. in the remainder of this document.
SPECIFIC CLASS PROTOCOL VALID Those code points that are allowed to SPECIFIC CLASS PROTOCOL VALID Those code points that are allowed to
skipping to change at page 12, line 42 skipping to change at page 13, line 17
property value are permitted for use in specific string classes. property value are permitted for use in specific string classes.
In the remainder of this document, the abbreviated term *_PVAL is In the remainder of this document, the abbreviated term *_PVAL is
used, where * = (NAME | FREE), i.e., either FREE_PVAL or used, where * = (NAME | FREE), i.e., either FREE_PVAL or
NAME_PVAL. NAME_PVAL.
CONTEXTUAL RULE REQUIRED Some characteristics of the character, such CONTEXTUAL RULE REQUIRED Some characteristics of the character, such
as its being invisible in certain contexts or problematic in as its being invisible in certain contexts or problematic in
others, require that it not be used in labels unless specific others, require that it not be used in labels unless specific
other characters or properties are present. The abbreviated term other characters or properties are present. The abbreviated term
CONTEXT is used to refer to this value in the remainder of this CONTEXT is used to refer to this value in the remainder of this
document. There are two subdivisions of CONTEXTUAL RULE REQUIRED, document. As in IDNA2008, there are two subdivisions of
the first for Join_controls (called CONTEXTJ) and the second for CONTEXTUAL RULE REQUIRED, the first for Join_controls (called
other characters (called CONTEXTO). CONTEXTJ) and the second for other characters (called CONTEXTO).
DISALLOWED Those code points that must not be included in any string DISALLOWED Those code points that must not permitted in any PRECIS
class. Code points with this property value are not permitted in string class.
any string class.
SPECIFIC CLASS DISALLOWED Those code points that are not to be SPECIFIC CLASS DISALLOWED Those code points that are not to be
included in a specific string class. Code points with this included in a specific string class. Code points with this
property value are not permitted in one of the string classes but property value are not permitted in one of the string classes but
might be permitted in others. In the remainder of this document, might be permitted in others. In the remainder of this document,
the abbreviated term *_DIS is used, where * = (NAME | FREE), i.e., the abbreviated term *_DIS is used, where * = (NAME | FREE), i.e.,
either FREE_DIS or NAME_DIS. either FREE_DIS or NAME_DIS.
UNASSIGNED Those code points that are not designated (i.e. are UNASSIGNED Those code points that are not designated (i.e. are
unassigned) in the Unicode Standard. unassigned) in the Unicode Standard.
skipping to change at page 13, line 28 skipping to change at page 13, line 47
categories in this document are reused from IDNA2008 and therefore categories in this document are reused from IDNA2008 and therefore
were defined at the time of Unicode 5.2). Changes in Unicode were defined at the time of Unicode 5.2). Changes in Unicode
properties that do not affect the outcome of this process do not properties that do not affect the outcome of this process do not
affect this framework. For example, a character can have its Unicode affect this framework. For example, a character can have its Unicode
General_Category value [UNICODE] change from So to Sm, or from Lo to General_Category value [UNICODE] change from So to Sm, or from Lo to
Ll, without affecting the algorithm results. Moreover, even if such Ll, without affecting the algorithm results. Moreover, even if such
changes were to result, the BackwardCompatible list (Section 6.7) can changes were to result, the BackwardCompatible list (Section 6.7) can
be adjusted to ensure the stability of the results. be adjusted to ensure the stability of the results.
Some code points need to be allowed in exceptional circumstances, but Some code points need to be allowed in exceptional circumstances, but
should be excluded in all other cases; these rules are also described ought to be excluded in all other cases; these rules are also
in other documents. The most notable of these are the Join Control described in other documents. The most notable of these are the Join
characters, U+200D ZERO WIDTH JOINER and U+200C ZERO WIDTH NON- Control characters, U+200D ZERO WIDTH JOINER and U+200C ZERO WIDTH
JOINER. Both of them have the derived property value CONTEXTJ. A NON-JOINER. Both of them have the derived property value CONTEXTJ.
character with the derived property value CONTEXTJ or CONTEXTO A character with the derived property value CONTEXTJ or CONTEXTO
(CONTEXTUAL RULE REQUIRED) is not to be used unless an appropriate (CONTEXTUAL RULE REQUIRED) is not to be used unless an appropriate
rule has been established and the context of the character is rule has been established and the context of the character is
consistent with that rule. It is invalid to generate a string consistent with that rule. It is invalid to generate a string
containing these characters unless such a contextual rule is found containing these characters unless such a contextual rule is found
and satisfied. PRECIS does not define its own contextual rules, but and satisfied. PRECIS does not define its own contextual rules, but
instead re-uses the contextual rules defined for IDNA2008; please see instead re-uses the contextual rules defined for IDNA2008; please see
Appendix A of [RFC5892] for more information. Appendix A of [RFC5892] for more information.
6. Category Definitions Used to Calculate Derived Property Value 6. Category Definitions Used to Calculate Derived Property Value
The derived property obtains its value based on a two-step procedure: The derived property obtains its value based on a two-step procedure:
1. Characters are placed in one or more character categories either 1. Characters are placed in one or more character categories either
(1) based on core properties defined by the Unicode Standard or (1) based on core properties defined by the Unicode Standard or
(2) by treating the code point as an exception and addressing the (2) by treating the code point as an exception and addressing the
code point as its code point value. These categories are not code point based on its code point value. These categories are
mutually exclusive. not mutually exclusive.
2. Set operations are used with these categories to determine the 2. Set operations are used with these categories to determine the
values for a property that is specific to a given string class. values for a property that is specific to a given string class.
These operations are specified under Section 7. These operations are specified under Section 7.
(NOTE: Unicode property names and property value names might have (NOTE: Unicode property names and property value names might have
short abbreviations, such as "gc" for the General_Category property short abbreviations, such as "gc" for the General_Category property
and "Ll" for the Lowercase_Letter property value of the gc property.) and "Ll" for the Lowercase_Letter property value of the gc property.)
In the following specification of character categories, the operation In the following specification of character categories, the operation
skipping to change at page 17, line 20 skipping to change at page 17, line 38
property values for code points stay stable. property values for code points stay stable.
6.8. JoinControl (H) 6.8. JoinControl (H)
NOTE: This category is defined in [RFC5892] and copied here for use NOTE: This category is defined in [RFC5892] and copied here for use
in PRECIS. in PRECIS.
H: Join_Control(cp) = True H: Join_Control(cp) = True
This category consists of Join Control characters (i.e., they are not This category consists of Join Control characters (i.e., they are not
in LetterDigits (Section 6.1)) but are still required in strings in LetterDigits (Section 6.1) but are still required in strings under
under some circumstances. some circumstances).
6.9. OldHangulJamo (I) 6.9. OldHangulJamo (I)
NOTE: This category is defined in [RFC5892] and copied here for use NOTE: This category is defined in [RFC5892] and copied here for use
in PRECIS. in PRECIS.
I: Hangul_Syllable_Type(cp) is in {L, V, T} I: Hangul_Syllable_Type(cp) is in {L, V, T}
This category consists of all conjoining Hangul Jamo (Leading Jamo, This category consists of all conjoining Hangul Jamo (Leading Jamo,
Vowel Jamo, and Trailing Jamo). Vowel Jamo, and Trailing Jamo).
skipping to change at page 19, line 26 skipping to change at page 19, line 48
[UNICODE]. [UNICODE].
Q: toNFKC(cp) != cp Q: toNFKC(cp) != cp
The toNFKC() operation returns the code point in normalization form The toNFKC() operation returns the code point in normalization form
KC. For more information, see Section 5 of [UAX15]. KC. For more information, see Section 5 of [UAX15].
6.18. OtherLetterDigits (R) 6.18. OtherLetterDigits (R)
This PRECIS-specific category is used to group code points that are This PRECIS-specific category is used to group code points that are
letters and digits other than the traditional letters and digits letters and digits other than the "traditional" letters and digits
grouped under the LetterDigits (A) class (see Section 6.1). grouped under the LetterDigits (A) class (see Section 6.1).
R: General_Category(cp) is in {Lt, Nl, No, Me} R: General_Category(cp) is in {Lt, Nl, No, Me}
7. Calculation of the Derived Property 7. Calculation of the Derived Property
Possible values of the derived property are: Possible values of the derived property are:
o PVALID o PVALID
o NAME_PVAL o NAME_PVAL
skipping to change at page 20, line 4 skipping to change at page 20, line 25
o NAME_DIS o NAME_DIS
o FREE_DIS o FREE_DIS
o UNASSIGNED o UNASSIGNED
NOTE: The value of the derived property calculated can depend on the NOTE: The value of the derived property calculated can depend on the
string class; for example, if an identifier used in an application string class; for example, if an identifier used in an application
protocol is defined as using or subclassing the PRECIS NameClass then protocol is defined as using or subclassing the PRECIS NameClass then
a space character such as U+0020 would be assigned to NAME_DIS, a space character such as U+0020 would be assigned to NAME_DIS,
whereas if an identifier is defined as using or subclassing the whereas if an identifier is defined as using or subclassing the
PRECIS FreeClass then the character would be assigned to FREE_PVAL. PRECIS FreeClass then the character would be assigned to FREE_PVAL.
For the sake of brevity, the designation "FREE_PVAL" is used in the
code point tables, instead of the longer designation "NAME_DIS or
FREE_PVAL". In practice, the derived properties NAME_PVAL and
FREE_DIS are not used in this specification, since every NAME_PVAL
code point is PVALID and every FREE_DIS code point is DISALLOWED.
The algorithm to calculate the value of the derived property is as The algorithm to calculate the value of the derived property is as
follows. (NOTE: Use of the name of a rule (such as "Exception") follows. (NOTE: Use of the name of a rule (such as "Exception")
implies the set of code points that the rule defines, whereas the implies the set of code points that the rule defines, whereas the
same name as a function call (such as "Exception(cp)") implies the same name as a function call (such as "Exception(cp)") implies the
value that the code point has in the Exceptions table.) value that the code point has in the Exceptions table.)
If .cp. .in. Exceptions Then Exceptions(cp); If .cp. .in. Exceptions Then Exceptions(cp);
Else If .cp. .in. BackwardCompatible Then BackwardCompatible(cp); Else If .cp. .in. BackwardCompatible Then BackwardCompatible(cp);
Else If .cp. .in. Unassigned Then UNASSIGNED; Else If .cp. .in. Unassigned Then UNASSIGNED;
skipping to change at page 20, line 29 skipping to change at page 21, line 7
Else If .cp. .in. LetterDigits Then PVALID; Else If .cp. .in. LetterDigits Then PVALID;
Else If .cp. .in. OtherLetterDigits Then NAME_DIS or FREE_PVAL; Else If .cp. .in. OtherLetterDigits Then NAME_DIS or FREE_PVAL;
Else If .cp. .in. Spaces Then NAME_DIS or FREE_PVAL; Else If .cp. .in. Spaces Then NAME_DIS or FREE_PVAL;
Else If .cp. .in. Symbols Then NAME_DIS or FREE_PVAL; Else If .cp. .in. Symbols Then NAME_DIS or FREE_PVAL;
Else If .cp. .in. Punctuation Then NAME_DIS or FREE_PVAL; Else If .cp. .in. Punctuation Then NAME_DIS or FREE_PVAL;
Else If .cp. .in. HasCompat Then NAME_DIS or FREE_PVAL; Else If .cp. .in. HasCompat Then NAME_DIS or FREE_PVAL;
Else DISALLOWED; Else DISALLOWED;
8. Code Points 8. Code Points
The Categories and Rules defined in Section 6 and Section 7 apply to The Categories and Rules defined under Section 6 and Section 7 apply
all Unicode code points. The table in Appendix A shows, for to all Unicode code points. The table in Appendix A shows, for
illustrative purposes, the consequences of the categories and illustrative purposes, the consequences of the categories and
classification rules, and the resulting property values. classification rules, and the resulting property values.
The list of code points that can be found in Appendix A is non- The list of code points that can be found in Appendix A is non-
normative. Instead, the rules defined by Section 6 and Section 7 are normative. Instead, the rules defined by Section 6 and Section 7 are
normative, and any tables are derived from the rules. normative, and any tables are derived from the rules.
9. IANA Considerations 9. Security Considerations
9.1. PRECIS Derived Property Value Registry
IANA is requested to create a PRECIS-specific registry with the
Derived Properties for the versions of Unicode that are released
after (and including) version 6.1. The derived property value is to
be calculated in cooperation with a designated expert [RFC5226]
according to the rules specified under Section 6 and Section 7, not
by copying the non-normative table found under Appendix A.
The IESG is to be notified if backward-incompatible changes to the
table of derived properties are discovered or if other problems arise
during the process of creating the table of derived property values
or during expert review. Changes to the rules Section 6 and
Section 7) require IETF Review, as described in [RFC5226].
9.2. PRECIS Base Classes Registry
IANA is requested to create a registry of PRECIS base string classes.
In accordance with [RFC5226], the registration policy is "RFC
Required".
The registration template is as follows:
Base Class: [the name of the base class]
Subclassing: [whether the base class can be subclassed]
Directionality: [the behavioral rule for handling of right-to-left
code points, or "Application Specific" if to be defined by
protocols that use the base class]
Casemapping: [the behavioral rule for handling of case, or
"Application Specific" if to be defined by protocols that use the
base class]
Normalization: [which Unicode normalization form is applied, or
"Application Specific" if to be defined by protocols that use the
base class]
Specification: [the RFC number]
The initial registrations are as follows:
Base Class: FreeClass
Subclassing: Yes
Directionality: Application Specific
Casemapping: Application Specific
Normalization: Application Specific
Specification: RFC XXXX [to be replaced with the number assigned
to this document upon publication as an RFC]
Base Class: NameClass
Subclassing: Yes
Directionality: Application Specific
Casemapping: Application Specific
Normalization: Application Specific
Specification: RFC XXXX [to be replaced with the number assigned
to this document upon publication as an RFC]
9.3. PRECIS Subclasses Registry
IANA is requested to create a registry of subclasses that use the
PRECIS base string classes. In accordance with [RFC5226], the
registration policy is "First Come First Served".
The registration template is as follows:
Subclass: [the name of the subclass]
Base Class: [which base class is being subclassed]
Directionality: [the behavioral rule for handling of right-to-left
code points]
Casemapping: [the behavioral rule for handling of case]
Normalization: [which Unicode normalization form is applied]
Specification: [a pointer to relevant documentation, such as an RFC
or Internet-Draft]
9.4. PRECIS Usage Registry
IANA is requested to create a registry of application protocols that
use the base string classes. The registry will include one entry for
each use (e.g., if a protocol uses both the NameClass and the
FreeClass then the specification for that protocol would submit two
registrations). In accordance with [RFC5226], the registration
policy is "First Come First Served".
The registration template is as follows:
Application Protocol: [the application protocol that is using or
subclassing the base string class]
Base Class: [the base string class that is being used or subclassed]
Subclassing: [whether the protocol is subclassing the base class
and, if so, the name of the subclass]
Directionality: [the behavioral rule for handling of right-to-left
code points]
Casemapping: [the behavioral rule for handling of case]
Normalization: [which Unicode normalization form is applied]
Specification: [a pointer to relevant documentation, such as an RFC
or Internet-Draft]
10. Security Considerations
10.1. General Issues 9.1. General Issues
The security of applications that use this framework can depend in The security of applications that use this framework can depend in
part on the proper preparation and comparison of internationalized part on the proper preparation and comparison of internationalized
strings. For example, such strings can be used to make strings. For example, such strings can be used to make
authentication and authorization decisions, and the security of an authentication and authorization decisions, and the security of an
application could be compromised if an entity providing a given application could be compromised if an entity providing a given
string is connected to the wrong account or online resource based on string is connected to the wrong account or online resource based on
different interpretations of the string. different interpretations of the string.
Specifications of application protocols that use this framework are Specifications of application protocols that use this framework are
encouraged to describe how internationalized strings are used in the encouraged to describe how internationalized strings are used in the
protocol, including the security implications of any false positives protocol, including the security implications of any false positives
and false negatives that might result from various comparison and false negatives that might result from various comparison
operations. For some helpful guidelines, refer to operations. For some helpful guidelines, refer to
[I-D.iab-identifier-comparison], [RFC5890], [UTR36], and [UTR39]. [I-D.iab-identifier-comparison], [RFC5890], [UTR36], and [UTR39].
10.2. Use of the NameClass 9.2. Use of the NameClass
Strings that conform to the NameClass and any subclass thereof are Strings that conform to the NameClass and any subclass thereof are
intended to be relatively safe for use in a broad range of intended to be relatively safe for use in a broad range of
applications, primarily because they include only letters, digits, applications, primarily because they include only letters, digits,
and "grandfathered" non-space characters from the US-ASCII range and and "grandfathered" non-space characters from the ASCII range; thus
thus exclude spaces, characters with compatibility equivalents, and they exclude spaces, characters with compatibility equivalents, and
almost all symbols and punctuation marks. However, such strings can almost all symbols and punctuation marks. However, because such
still include so-called confusable characters (see Section 10.5; strings can still include so-called confusable characters (see
therefore protocol designers and implementers are encouraged to pay Section 9.5, protocol designers and implementers are encouraged to
close attention to the security considerations described elsewhere in pay close attention to the security considerations described
this document. elsewhere in this document.
10.3. Use of the FreeClass 9.3. Use of the FreeClass
Strings that conform to the FreeClass and many subclasses thereof can Strings that conform to the FreeClass and many subclasses thereof can
include virtually any Unicode character. This makes the FreeClass include virtually any Unicode character. This makes the FreeClass
quite expressive, but also problematic from the perspective of quite expressive, but also problematic from the perspective of
possible user confusion. Protocol designers are hereby warned that possible user confusion. Protocol designers are hereby warned that
the FreeClass contains codepoints they might not understand, and are the FreeClass contains codepoints they might not understand, and are
encouraged to use or subclass the NameClass wherever feasible; encouraged to use or subclass the NameClass wherever feasible;
however, if an application protocol requires more code points than however, if an application protocol requires more code points than
are allowed by the NameClass (e.g., to allow ASCII space in human are allowed by the NameClass, protocol designers are encouraged to
names), protocol designers are encouraged to define a subclass of the define a subclass of the FreeClass that restricts the allowable code
FreeClass that restricts the allowable code points as tightly as points as tightly as possible. (The working group considered the
possible. (The working group considered the option of allowing option of allowing superclasses as well as subclasses of PRECIS
superclasses as well as subclasses of PRECIS string classes, but string classes, but decided against allowing superclasses to reduce
decided against allowing superclasses to reduce the likelihood of the likelihood of security and interoperability problems.)
security and interoperability problems.)
10.4. Local Character Set Issues 9.4. Local Character Set Issues
When systems use local character sets other than ASCII and Unicode, When systems use local character sets other than ASCII and Unicode,
these specifications leave the problem of converting between the these specifications leave the problem of converting between the
local character set and Unicode up to the application or local local character set and Unicode up to the application or local
system. If different applications (or different versions of one system. If different applications (or different versions of one
application) implement different rules for conversions among coded application) implement different rules for conversions among coded
character sets, they could interpret the same name differently and character sets, they could interpret the same name differently and
contact different application servers or other network entities. contact different application servers or other network entities.
This problem is not solved by security protocols, such as Transport This problem is not solved by security protocols, such as Transport
Layer Security (TLS) [RFC5246] and the Simple Authentication and Layer Security (TLS) [RFC5246] and the Simple Authentication and
Security Layer (SASL) [RFC4422], that do not take local character Security Layer (SASL) [RFC4422], that do not take local character
sets into account. sets into account.
10.5. Visually Similar Characters 9.5. Visually Similar Characters
Some characters are visually similar and thus can cause confusion Some characters are visually similar and thus can cause confusion
among humans. Such characters are often called "confusable among humans. Such characters are often called "confusable
characters" or "confusables". characters" or "confusables".
The problem of confusable characters is not necessarily caused by the The problem of confusable characters is not necessarily caused by the
use of Unicode code points outside the US-ASCII range. For example, use of Unicode code points outside the ASCII range. For example, in
in some presentations and to some individuals the string "ju1iet" some presentations and to some individuals the string "ju1iet"
(spelled with the Arabic numeral one as the third character) might (spelled with the Arabic numeral one as the third character) might
appear to be the same as "juliet" (spelled with the lowercase version appear to be the same as "juliet" (spelled with the lowercase version
of the letter "L"), especially on casual visual inspection. This of the letter "L"), especially on casual visual inspection. This
phenomenon is sometimes called "typejacking". phenomenon is sometimes called "typejacking".
However, the problem is made more serious by introducing the full However, the problem is made more serious by introducing the full
range of Unicode code points into protocol strings. For example, the range of Unicode code points into protocol strings. For example, the
characters U+13DA U+13A2 U+13B5 U+13AC U+13A2 U+13AC U+13D2 from the characters U+13DA U+13A2 U+13B5 U+13AC U+13A2 U+13AC U+13D2 from the
Cherokee block look similar to the US-ASCII characters "STPETER" as Cherokee block look similar to the ASCII characters "STPETER" as they
they might look when presented in a "creative" font. might look when presented using a "creative" font family.
In some examples of confusable characters, it is unlikely that the In some examples of confusable characters, it is unlikely that the
average human could tell the difference between the real string and average human could tell the difference between the real string and
the fake string. (Indeed, there is no programmatic way to the fake string. (Indeed, there is no programmatic way to
distinguish with full certainty which is the fake string and which is distinguish with full certainty which is the fake string and which is
the real string; in some contexts, the string formed of Cherokee the real string; in some contexts, the string formed of Cherokee
characters might be the real string and the string formed of US-ASCII characters might be the real string and the string formed of ASCII
characters might be the fake string.) Because PRECIS-compliant characters might be the fake string.) Because PRECIS-compliant
strings can contain almost any properly encoded Unicode code point, strings can contain almost any properly-encoded Unicode code point,
it can be relatively easy to fake or mimic some strings in systems it can be relatively easy to fake or mimic some strings in systems
that use the PRECIS framework. The fact that some strings are easily that use the PRECIS framework. The fact that some strings are easily
confused introduces security vulnerabilities of the kind that have confused introduces security vulnerabilities of the kind that have
also plagued the World Wide Web, specifically the phenomenon known as also plagued the World Wide Web, specifically the phenomenon known as
phishing. phishing.
Despite the fact that some specific suggestions about identification Despite the fact that some specific suggestions about identification
and handling of confusable characters appear in the Unicode Security and handling of confusable characters appear in the Unicode Security
Considerations [UTR36], it is also true (as noted in [RFC5890]) that Considerations [UTR36], it is also true (as noted in [RFC5890]) that
"there are no comprehensive technical solutions to the problems of "there are no comprehensive technical solutions to the problems of
confusable characters". Because it is impossible to map visually confusable characters". Because it is impossible to map visually
similar characters without a great deal of context (such as knowing similar characters without a great deal of context (such as knowing
the fonts used), the PRECIS framework does nothing to map similar- the font families used), the PRECIS framework does nothing to map
looking characters together, nor does it prohibit some characters similar-looking characters together, nor does it prohibit some
because they look like others. characters because they look like others.
However, specifications for application protocols that use this Nevertheless, specifications for application protocols that use this
framework MUST describe how confusable characters can be used to framework MUST describe how confusable characters can be used to
compromise the security of systems that use the protocol in question, compromise the security of systems that use the protocol in question,
and any protocol-specific suggestions for overcoming those threats. along with any protocol-specific suggestions for overcoming those
In particular, software implementations and service deployments that threats. In particular, software implementations and service
use PRECIS-based technologies are strongly encouraged to define and deployments that use PRECIS-based technologies are strongly
implement consistent policies regarding the registration, storage, encouraged to define and implement consistent policies regarding the
and presentation of visually similar characters. The following registration, storage, and presentation of visually similar
recommendations are appropriate: characters. The following recommendations are appropriate:
1. An application service SHOULD define a policy that specifies the 1. An application service SHOULD define a policy that specifies the
scripts or blocks of characters that the service will allow to be scripts or blocks of characters that the service will allow to be
registered (e.g., in an account name) or stored (e.g., in a file registered (e.g., in an account name) or stored (e.g., in a file
name). Such a policy SHOULD be informed by the languages and name). Such a policy SHOULD be informed by the languages and
scripts that are used to write registered account names; in scripts that are used to write registered account names; in
particular, to reduce confusion, the service SHOULD forbid particular, to reduce confusion, the service SHOULD forbid
registration or storage of stings that contain characters from registration or storage of stings that contain characters from
more than one script and to restrict registrations to characters more than one script and SHOULD restrict registrations to
drawn from a very small number of scripts (e.g., scripts that are characters drawn from a very small number of scripts (e.g.,
well-understood by the administrators of the service, to improve scripts that are well-understood by the administrators of the
manageability). service, to improve manageability).
2. User-oriented application software SHOULD define a policy that 2. User-oriented application software SHOULD define a policy that
specifies how internationalized strings will be presented to a specifies how internationalized strings will be presented to a
human user. Because every human user of such software has a human user. Because every human user of such software has a
preferred language or a small set of preferred languages, the preferred language or a small set of preferred languages, the
software SHOULD gather that information either explicitly from software SHOULD gather that information either explicitly from
the user or implicitly via the operating system of the user's the user or implicitly via the operating system of the user's
device. Furthermore, because most languages are typically device. Furthermore, because most languages are typically
represented by a single script or a small set of scripts, and represented by a single script or a small set of scripts, and
because and most scripts are typically contained in one or more because most scripts are typically contained in one or more
blocks of characters, the software SHOULD warn the user when blocks of characters, the software SHOULD warn the user when
presenting a string that mixes characters from more than one presenting a string that mixes characters from more than one
script or block, or that uses characters outside the normal range script or block, or that uses characters outside the normal range
of the user's preferred language(s). (Such a recommendation is of the user's preferred language(s). (Such a recommendation is
not intended to discourage communication across different not intended to discourage communication across different
communities of language users; instead, it recognizes the communities of language users; instead, it recognizes the
existence of such communities and encourages due caution when existence of such communities and encourages due caution when
presenting unfamiliar scripts or characters to human users.) presenting unfamiliar scripts or characters to human users.)
10.6. Security of Passwords and Passphrases 9.6. Security of Passwords
One goal of passwords and passphrases is to maximize the amount of Two goals of passwords are to maximize the amount of entropy and to
entropy, for example by allowing a wide range of code points and by minimize the potential for false positives. These goals can be
ensuring that secrets are not prepared in such a way that code points achieved in part by allowing a wide range of code points and by
are compared aggressively. Therefore, it is NOT RECOMMENDED for ensuring that passwords are handled in such a way that code points
are not compared aggressively. Therefore, it is NOT RECOMMENDED for
application protocols to subclass the FreeClass for use in passwords application protocols to subclass the FreeClass for use in passwords
and passphrases in a way that removes entire categories (e.g., by in a way that removes entire categories (e.g., by disallowing symbols
disallowing symbols or punctuation). Furthermore, it is NOT or punctuation). Furthermore, it is NOT RECOMMENDED for application
RECOMMENDED for application protocols to map uppercase and titlecase protocols to map uppercase and titlecase code points to their
code points to their lowercase equivalents in such strings; instead, lowercase equivalents in such strings; instead, it is RECOMMENDED to
it is RECOMMENDED to preserve the case of all code points contained preserve the case of all code points contained in such strings and to
in such strings. compare them in a case-sensitive manner.
That said, software implementers need to be aware that there exist That said, software implementers need to be aware that there exist
tradeoffs between entropy and usability. For example, allowing a tradeoffs between entropy and usability. For example, allowing a
user to establish a password containing "uncommon" code points might user to establish a password containing "uncommon" code points might
make it difficult for the user to access an application when using an make it difficult for the user to access a service when using an
unfamiliar or constrained input device. unfamiliar or constrained input device.
Some application protocols use passwords and passphrases directly, Some application protocols use passwords directly, whereas others
whereas others reuse technologies that themselves process passwords reuse technologies that themselves process passwords (one example of
(one example is the Simple Authentication and Security Layer such a technology is the Simple Authentication and Security Layer
[RFC4422]). Moreover, passwords are often carried by a sequence of [RFC4422]). Moreover, passwords are often carried by a sequence of
protocols with backends authentication systems or data storage protocols with backend authentication systems or data storage systems
systems such as RADIUS [RFC2865] and LDAP [RFC4510]. Developers of such as RADIUS [RFC2865] and LDAP [RFC4510]. Developers of
application protocols are encouraged to look into reusing these application protocols are encouraged to look into reusing these
profiles instead of defining new ones, so that end-user expectations profiles instead of defining new ones, so that end-user expectations
about passwords are consistent no matter which application protocol about passwords are consistent no matter which application protocol
is used. is used.
10. IANA Considerations
10.1. PRECIS Derived Property Value Registry
IANA is requested to create a PRECIS-specific registry with the
Derived Properties for the versions of Unicode that are released
after (and including) version 6.1. The derived property value is to
be calculated in cooperation with a designated expert [RFC5226]
according to the rules specified under Section 6 and Section 7, not
by copying the non-normative table found under Appendix A.
The IESG is to be notified if backward-incompatible changes to the
table of derived properties are discovered or if other problems arise
during the process of creating the table of derived property values
or during expert review. Changes to the rules defined under
Section 6 and Section 7) require IETF Review, as described in
[RFC5226].
10.2. PRECIS Base Classes Registry
IANA is requested to create a registry of PRECIS base string classes.
In accordance with [RFC5226], the registration policy is "RFC
Required".
The registration template is as follows:
Base Class: [the name of the base class]
Description: [a brief description of the base class and its intended
use, e.g., "A sequence of letters, numbers, and symbols that is
used to identify or address a network entity."]
Normalization: [which Unicode normalization form is applied, e.g.,
"NFC"; or "Application Specific" if to be defined by protocols
that use the base class]
Casemapping: [the behavioral rule for handling of case, e.g., "Map
uppercase and titlecase characters to lowercase."; or "Application
Specific" if to be defined by protocols that use the base class]
Additional Mappings: [any additional mappings are required or
recommended, e.g., "Map non-ASCII space characters to ASCII
space."; or "Application Specific" if to be defined by protocols
that use the base class]
Directionality: [the behavioral rule for handling of right-to-left
code points, e.g., "The 'Bidi Rule' defined in RFC 5893 applies.";
or "Application Specific" if to be defined by protocols that use
the base class]
Specification: [the RFC number]
The initial registrations are as follows:
Base Class: FreeClass.
Description: A sequence of letters, numbers, symbols, spaces, and
other code points that is used for free-form strings.
Normalization: Application Specific.
Casemapping: Application Specific.
Additional Mappings: Application Specific.
Directionality: Application Specific.
Specification: RFC XXXX. [Note to RFC Editor: please change XXXX to
the number issued for this specification.]
Base Class: NameClass.
Description: A sequence of letters, numbers, and symbols that is
used to identify or address a network entity.
Normalization: Application Specific.
Casemapping: Application Specific.
Additional Mappings: Application Specific.
Directionality: Application Specific.
Specification: RFC XXXX. [Note to RFC Editor: please change XXXX to
the number issued for this specification.]
10.3. PRECIS Subclasses Registry
IANA is requested to create a registry of subclasses that use the
PRECIS base string classes. In accordance with [RFC5226], the
registration policy is "Expert Review". This policy was chosen in
order to ensure that "customers" of PRECIS receive appropriate
guidance regarding the sometimes complex and subtle
internationalization issues related to subclassing of PRECIS base
classes.
The registration template is as follows:
Subclass: [the name of the subclass]
Base Class: [which base class is being subclassed]
Exclusions: [a brief description of the specific code points that
are excluded or of the properties based on which characters are
excluded, e.g., "Eight legacy characters in the ASCII range" or
"Any character that has a compatibility equivalent, i.e., the
HasCompat category"]
Specification: [a pointer to relevant documentation, such as an RFC
or Internet-Draft]
In order to request a review, the registrant shall send a completed
template to the precis@ietf.org list or its designated successor.
Factors to focus on while reviewing subclass registrations include
the following:
o Is the problem well-defined?
o Is it clear what applications will use this subclass?
o Would an existing base class or subclass solve the problem?
o Are the defined exclusions a reasonable solution to the problem
for the relevant applications?
o Is the subclass clearly defined?
o Does the subclass reduce the degree to which human users could be
surprised by application behavior (the "principle of least user
surprise")?
o Is the subclass based on an appropriate dividing line between user
interface (culture, context, intent, locale, device limitations,
etc.) and the use of conformant strings in protocol elements?
o Does the subclass introduce any new security concerns (e.g., false
positives for authentication or authorization)?
10.4. PRECIS Usage Registry
IANA is requested to create a registry of application protocols that
use the base string classes. The registry will include one entry for
each use (e.g., if a protocol uses both the NameClass and the
FreeClass then the specification for that protocol would submit two
registrations). In accordance with [RFC5226], the registration
policy is "Expert Review". This policy was chosen in order to ensure
that "customers" of PRECIS receive appropriate guidance regarding the
sometimes complex and subtle internationalization issues related to
use of PRECIS base classes.
The registration template is as follows:
Applicability: [the specific protocol elements to which this usage
applies, e.g., "Localparts in XMPP addresses."]
Base Class: [the base string class that is being used or subclassed]
Subclass: [whether the protocol has defined a subclass of the base
class and, if so, the name of the subclass, e.g., "Yes,
LocalpartNameClass."]
Replaces: [the Stringprep profile that this PRECIS usage replaces,
if any]
Normalization: [which Unicode normalization form is applied, e.g.,
"NFC"]
Casemapping: [the behavioral rule for handling of case, e.g., "Map
uppercase and titlecase characters to lowercase."]
Additional Mappings: [any additional mappings are required or
recommended, e.g., "Map non-ASCII space characters to ASCII
space."]
Directionality: [the behavioral rule for handling of right-to-left
code points, e.g., "The 'Bidi Rule' defined in RFC 5893 applies."]
Specification: [a pointer to relevant documentation, such as an RFC
or Internet-Draft]
In order to request a review, the registrant shall send a completed
template to the precis@ietf.org list or its designated successor.
Factors to focus on while reviewing usage registrations include the
following:
o Does the specification define what kinds of applications are
involved and the protocol elements to which this usage applies?
o Is there a base class or subclass that would be more appropriate
to use?
o Are the normalization, casemapping, additional mapping, and
directionality rules appropriate for the intended use?
o Does the usage reduce the degree to which human users could be
surprised by application behavior (the "principle of least user
surprise")?
o Is the usage based on an appropriate dividing line between user
interface (culture, context, intent, locale, device limitations,
etc.) and the use of conformant strings in protocol elements?
o Does the usage introduce any new security concerns (e.g., false
positives for authentication or authorization)?
11. Interoperability Considerations 11. Interoperability Considerations
Although strings that are consumed in PRECIS-based application Although strings that are consumed in PRECIS-based application
protocols are often encoded using UTF-8 [RFC3629], the exact encoding protocols are often encoded using UTF-8 [RFC3629], the exact encoding
is a matter for the application protocol that reuses PRECIS, not for is a matter for the application protocol that reuses PRECIS, not for
the PRECIS framework. the PRECIS framework.
It is known that some existing systems are unable to support the full It is known that some existing systems are unable to support the full
Unicode character set, or even any characters outside the US-ASCII Unicode character set, or even any characters outside the ASCII
range. If two (or more) applications need to interoperate when range. If two (or more) applications need to interoperate when
exchanging data (e.g., for the purpose of authenticating a username exchanging data (e.g., for the purpose of authenticating a username
or password), they will naturally need have in common at least one or password), they will naturally need have in common at least one
coded character set (as defined by [RFC6365]). Establishing such a coded character set (as defined by [RFC6365]). Establishing such a
baseline is a matter for the application protocol that reuses PRECIS, baseline is a matter for the application protocol that reuses PRECIS,
not for the PRECIS framework. not for the PRECIS framework.
12. References 12. References
12.1. Normative References 12.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC5198] Klensin, J. and M. Padlipsky, "Unicode Format for Network [RFC5198] Klensin, J. and M. Padlipsky, "Unicode Format for Network
Interchange", RFC 5198, March 2008. Interchange", RFC 5198, March 2008.
[UNICODE] The Unicode Consortium, "The Unicode Standard, Version [UNICODE] The Unicode Consortium, "The Unicode Standard, Version
6.1", 2012, 6.1", 2012,
skipping to change at page 27, line 13 skipping to change at page 29, line 20
Interchange", RFC 5198, March 2008. Interchange", RFC 5198, March 2008.
[UNICODE] The Unicode Consortium, "The Unicode Standard, Version [UNICODE] The Unicode Consortium, "The Unicode Standard, Version
6.1", 2012, 6.1", 2012,
<http://www.unicode.org/versions/Unicode6.1.0/>. <http://www.unicode.org/versions/Unicode6.1.0/>.
12.2. Informative References 12.2. Informative References
[I-D.iab-identifier-comparison] [I-D.iab-identifier-comparison]
Thaler, D., "Issues in Identifier Comparison for Security Thaler, D., "Issues in Identifier Comparison for Security
Purposes", draft-iab-identifier-comparison-03 (work in Purposes", draft-iab-identifier-comparison-04 (work in
progress), July 2012. progress), August 2012.
[I-D.ietf-precis-nickname]
Saint-Andre, P., "Preparation and Comparison of
Nicknames", draft-ietf-precis-nickname-01 (work in
progress), September 2012.
[I-D.ietf-precis-problem-statement] [I-D.ietf-precis-problem-statement]
Sullivan, A. and M. Blanchet, "Stringprep Revision Problem Sullivan, A. and M. Blanchet, "Stringprep Revision Problem
Statement", draft-ietf-precis-problem-statement-06 (work Statement", draft-ietf-precis-problem-statement-08 (work
in progress), July 2012. in progress), September 2012.
[I-D.ietf-xmpp-6122bis] [I-D.ietf-xmpp-6122bis]
Saint-Andre, P., "Extensible Messaging and Presence Saint-Andre, P., "Extensible Messaging and Presence
Protocol (XMPP): Address Format", Protocol (XMPP): Address Format",
draft-ietf-xmpp-6122bis-02 (work in progress), April 2012. draft-ietf-xmpp-6122bis-03 (work in progress),
August 2012.
[I-D.melnikov-precis-saslprepbis] [I-D.melnikov-precis-saslprepbis]
Melnikov, A. and P. Saint-Andre, "Username and Password Melnikov, A. and P. Saint-Andre, "Username and Password
Preparation Algorithms", Preparation Algorithms",
draft-melnikov-precis-saslprepbis-00 (work in progress), draft-melnikov-precis-saslprepbis-03 (work in progress),
March 2012. September 2012.
[I-D.saintandre-precis-nickname]
Saint-Andre, P., "Preparation and Comparison of
Nicknames", draft-saintandre-precis-nickname-00 (work in
progress), March 2012.
[RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson, [RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson,
"Remote Authentication Dial In User Service (RADIUS)", "Remote Authentication Dial In User Service (RADIUS)",
RFC 2865, June 2000. RFC 2865, June 2000.
[RFC3454] Hoffman, P. and M. Blanchet, "Preparation of [RFC3454] Hoffman, P. and M. Blanchet, "Preparation of
Internationalized Strings ("stringprep")", RFC 3454, Internationalized Strings ("stringprep")", RFC 3454,
December 2002. December 2002.
[RFC3490] Faltstrom, P., Hoffman, P., and A. Costello, [RFC3490] Faltstrom, P., Hoffman, P., and A. Costello,
skipping to change at page 29, line 41 skipping to change at page 31, line 49
If one applies the property calculation rules from Section 7 to the If one applies the property calculation rules from Section 7 to the
code points 0x0000 to 0x10FFFF in Unicode 6.1, the result is as shown code points 0x0000 to 0x10FFFF in Unicode 6.1, the result is as shown
in the following table, in Unicode Character Database (UCD) format. in the following table, in Unicode Character Database (UCD) format.
The columns of the table are as follows: The columns of the table are as follows:
1. The code point or codepoint range. 1. The code point or codepoint range.
2. The assignment for the code point or range, where the value is 2. The assignment for the code point or range, where the value is
one of PVALID, DISALLOWED, UNASSIGNED, CONTEXTO, CONTEXTJ, or one of PVALID, DISALLOWED, UNASSIGNED, CONTEXTO, CONTEXTJ, or
FREE_PVAL (which includes NAME_DIS). FREE_PVAL (which includes NAME_DIS).
3. The rule that triggered the assignment (e.g., a value of "K" in 3. The name or names for the code point or range.
the third column indicates that the trigger is the ASCII7 rule
from Section 6.11).
4. The name or names for the code point or range.
This table is non-normative, and included only for illustrative This table is non-normative, and included only for illustrative
purposes. Please note that the strings displayed in the fourth purposes. Please note that the strings displayed in the third column
column are not necessarily the formal name of the code point (as are not necessarily the formal name of the code point (as defined in
defined in [UNICODE]) because the fixed width of the RFC format [UNICODE]) because the fixed width of the RFC format necessitated
necessitated truncation of many names. truncation of many names.
0000..001F ; DISALLOWED # <control> 0000..001F ; DISALLOWED # <control>
0020 ; FREE_PVAL # SPACE 0020 ; FREE_PVAL # SPACE
0021..007E ; PVALID # EXCLAM MARK .. TILDE 0021..007E ; PVALID # EXCLAM MARK .. TILDE
007F..009F ; DISALLOWED # <control> 007F..009F ; DISALLOWED # <control>
00A0..00A9 ; FREE_PVAL # NO-BREAK SPACE .. COPYRIGHT SIGN 00A0..00A9 ; FREE_PVAL # NO-BREAK SPACE .. COPYRIGHT SIGN
00AA ; PVALID # FEMININE ORDINAL INDICATOR 00AA ; PVALID # FEMININE ORDINAL INDICATOR
00AB..00AC ; FREE_PVAL # NO-BREAK SPACE .. NOT SIGN 00AB..00AC ; FREE_PVAL # NO-BREAK SPACE .. NOT SIGN
00AD ; DISALLOWED # SOFT HYPH 00AD ; DISALLOWED # SOFT HYPH
00AE..00B6 ; FREE_PVAL # REGISTERED SIGN .. PILCROW SIGN 00AE..00B6 ; FREE_PVAL # REGISTERED SIGN .. PILCROW SIGN
skipping to change at page 64, line 43 skipping to change at page 66, line 48
E0100..E01EF; FREE_PVAL # VAR SEL-17..VAR SEL-256 E0100..E01EF; FREE_PVAL # VAR SEL-17..VAR SEL-256
E01F0..EFFFD; UNASSIGNED # <reserved>..<reserved> E01F0..EFFFD; UNASSIGNED # <reserved>..<reserved>
EFFFE..10FFFF; DISALLOWED # <noncharacter>..<noncharacter> EFFFE..10FFFF; DISALLOWED # <noncharacter>..<noncharacter>
Appendix B. Acknowledgements Appendix B. Acknowledgements
The authors would like to acknowledge the comments and contributions The authors would like to acknowledge the comments and contributions
of the following individuals: David Black, Mark Davis, Alan DeKok, of the following individuals: David Black, Mark Davis, Alan DeKok,
Martin Duerst, Patrik Faltstrom, Ted Hardie, Joe Hildebrand, Paul Martin Duerst, Patrik Faltstrom, Ted Hardie, Joe Hildebrand, Paul
Hoffman, Jeffrey Hutzelman, Simon Josefsson, John Klensin, Alexey Hoffman, Jeffrey Hutzelman, Simon Josefsson, John Klensin, Alexey
Melnikov, Yoav Nir, Mike Parker, Pete Resnick, Andrew Sullivan, Dave Melnikov, Takahiro Nemoto, Yoav Nir, Mike Parker, Pete Resnick,
Thaler, and Yoshiro Yoneya. Andrew Sullivan, Dave Thaler, and Yoshiro Yoneya.
Some algorithms and textual descriptions have been borrowed from Some algorithms and textual descriptions have been borrowed from
[RFC5892]. Some text regarding security has been borrowed from [RFC5892]. Some text regarding security has been borrowed from
[RFC5890] and [I-D.ietf-xmpp-6122bis]. [RFC5890] and [I-D.ietf-xmpp-6122bis].
Authors' Addresses Authors' Addresses
Peter Saint-Andre Peter Saint-Andre
Cisco Systems, Inc. Cisco Systems, Inc.
1899 Wynkoop Street, Suite 600 1899 Wynkoop Street, Suite 600
 End of changes. 104 change blocks. 
363 lines changed or deleted 457 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/