1

2

3

4

5

6

7
Network Working Group                                         P. Hoffman
8
Request for Comments: 3491                                    IMC & VPNC
9
Category: Standards Track                                    M. Blanchet
10
                                                                Viagenie
11
                                                              March 2003
12

13

14
                   Nameprep: A Stringprep Profile for
15
                  Internationalized Domain Names (IDN)
16

17
Status of this Memo
18

19
   This document specifies an Internet standards track protocol for the
20
   Internet community, and requests discussion and suggestions for
21
   improvements.  Please refer to the current edition of the "Internet
22
   Official Protocol Standards" (STD 1) for the standardization state
23
   and status of this protocol.  Distribution of this memo is unlimited.
24

25
Copyright Notice
26

27
   Copyright (C) The Internet Society (2003).  All Rights Reserved.
28

29
Abstract
30

31
   This document describes how to prepare internationalized domain name
32
   (IDN) labels in order to increase the likelihood that name input and
33
   name comparison work in ways that make sense for typical users
34
   throughout the world.  This profile of the stringprep protocol is
35
   used as part of a suite of on-the-wire protocols for
36
   internationalizing the Domain Name System (DNS).
37

38
1. Introduction
39

40
   This document specifies processing rules that will allow users to
41
   enter internationalized domain names (IDNs) into applications and
42
   have the highest chance of getting the content of the strings
43
   correct.  It is a profile of stringprep [STRINGPREP].  These
44
   processing rules are only intended for internationalized domain
45
   names, not for arbitrary text.
46

47
   This profile defines the following, as required by [STRINGPREP].
48

49
   -  The intended applicability of the profile: internationalized
50
      domain names processed by IDNA.
51

52
   -  The character repertoire that is the input and output to
53
      stringprep:  Unicode 3.2, specified in section 2.
54

55

56

57

58
Hoffman & Blanchet          Standards Track                     [Page 1]
59

60
RFC 3491                      IDN Nameprep                    March 2003
61

62

63
   -  The mappings used: specified in section 3.
64

65
   -  The Unicode normalization used: specified in section 4.
66

67
   -  The characters that are prohibited as output: specified in section
68
      5.
69

70
   -  Bidirectional character handling: specified in section 6.
71

72
1.1 Interaction of protocol parts
73

74
   Nameprep is used by the IDNA [IDNA] protocol for preparing domain
75
   names; it is not designed for any other purpose.  It is explicitly
76
   not designed for processing arbitrary free text and SHOULD NOT be
77
   used for that purpose.  Nameprep is a profile of Stringprep
78
   [STRINGPREP].  Implementations of Nameprep MUST fully implement
79
   Stringprep.
80

81
   Nameprep is used to process domain name labels, not domain names.
82
   IDNA calls nameprep for each label in a domain name, not for the
83
   whole domain name.
84

85
1.2 Terminology
86

87
   The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
88
   in this document are to be interpreted as described in BCP 14, RFC
89
   2119 [RFC2119].
90

91
2. Character Repertoire
92

93
   This profile uses Unicode 3.2, as defined in [STRINGPREP] Appendix A.
94

95
3. Mapping
96

97
   This profile specifies mapping using the following tables from
98
   [STRINGPREP]:
99

100
   Table B.1
101
   Table B.2
102

103
4. Normalization
104

105
   This profile specifies using Unicode normalization form KC, as
106
   described in [STRINGPREP].
107

108

109

110

111

112

113

114
Hoffman & Blanchet          Standards Track                     [Page 2]
115

116
RFC 3491                      IDN Nameprep                    March 2003
117

118

119
5. Prohibited Output
120

121
   This profile specifies prohibiting using the following tables from
122
   [STRINGPREP]:
123

124
   Table C.1.2
125
   Table C.2.2
126
   Table C.3
127
   Table C.4
128
   Table C.5
129
   Table C.6
130
   Table C.7
131
   Table C.8
132
   Table C.9
133

134
   IMPORTANT NOTE: This profile MUST be used with the IDNA protocol.
135
   The IDNA protocol has additional prohibitions that are checked
136
   outside of this profile.
137

138
6. Bidirectional characters
139

140
   This profile specifies checking bidirectional strings as described in
141
   [STRINGPREP] section 6.
142

143
7. Unassigned Code Points in Internationalized Domain Names
144

145
   If the processing in [IDNA] specifies that a list of unassigned code
146
   points be used, the system uses table A.1 from [STRINGPREP] as its
147
   list of unassigned code points.
148

149
8. References
150

151
8.1 Normative References
152

153
   [RFC2119]    Bradner, S., "Key words for use in RFCs to Indicate
154
                Requirement Levels", BCP 14, RFC 2119, March 1997.
155

156
   [STRINGPREP] Hoffman, P. and M. Blanchet, "Preparation of
157
                Internationalized Strings ("stringprep")", RFC 3454,
158
                December 2002.
159

160
   [IDNA]       Faltstrom, P., Hoffman, P. and A. Costello,
161
                "Internationalizing Domain Names in Applications
162
                (IDNA)", RFC 3490, March 2003.
163

164

165

166

167

168

169

170
Hoffman & Blanchet          Standards Track                     [Page 3]
171

172
RFC 3491                      IDN Nameprep                    March 2003
173

174

175
8.2 Informative references
176

177
   [STD13]      Mockapetris, P., "Domain names - concepts and
178
                facilities", STD 13, RFC 1034, and "Domain names -
179
                implementation and specification", STD 13, RFC 1035,
180
                November 1987.
181

182
9. Security Considerations
183

184
   The Unicode and ISO/IEC 10646 repertoires have many characters that
185
   look similar.  In many cases, users of security protocols might do
186
   visual matching, such as when comparing the names of trusted third
187
   parties.  Because it is impossible to map similar-looking characters
188
   without a great deal of context such as knowing the fonts used,
189
   stringprep does nothing to map similar-looking characters together
190
   nor to prohibit some characters because they look like others.
191

192
   Security on the Internet partly relies on the DNS.  Thus, any change
193
   to the characteristics of the DNS can change the security of much of
194
   the Internet.
195

196
   Domain names are used by users to connect to Internet servers.  The
197
   security of the Internet would be compromised if a user entering a
198
   single internationalized name could be connected to different servers
199
   based on different interpretations of the internationalized domain
200
   name.
201

202
   Current applications might assume that the characters allowed in
203
   domain names will always be the same as they are in [STD13].  This
204
   document vastly increases the number of characters available in
205
   domain names.  Every program that uses "special" characters in
206
   conjunction with domain names may be vulnerable to attack based on
207
   the new characters allowed by this specification.
208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226
Hoffman & Blanchet          Standards Track                     [Page 4]
227

228
RFC 3491                      IDN Nameprep                    March 2003
229

230

231
10. IANA Considerations
232

233
   This is a profile of stringprep.  It has been registered by the IANA
234
   in the stringprep profile registry
235
   (www.iana.org/assignments/stringprep-profiles).
236

237
      Name of this profile:
238
         Nameprep
239

240
      RFC in which the profile is defined:
241
         This document.
242

243
      Indicator whether or not this is the newest version of the
244
      profile:
245
         This is the first version of Nameprep.
246

247
11. Acknowledgements
248

249
   Many people from the IETF IDN Working Group and the Unicode Technical
250
   Committee contributed ideas that went into this document.
251

252
   The IDN Nameprep design team made many useful changes to the
253
   document.  That team and its advisors include:
254

255
      Asmus Freytag
256
      Cathy Wissink
257
      Francois Yergeau
258
      James Seng
259
      Marc Blanchet
260
      Mark Davis
261
      Martin Duerst
262
      Patrik Faltstrom
263
      Paul Hoffman
264

265
   Additional significant improvements were proposed by:
266

267
      Jonathan Rosenne
268
      Kent Karlsson
269
      Scott Hollenbeck
270
      Dave Crocker
271
      Erik Nordmark
272
      Matitiahu Allouche
273

274

275

276

277

278

279

280

281

282
Hoffman & Blanchet          Standards Track                     [Page 5]
283

284
RFC 3491                      IDN Nameprep                    March 2003
285

286

287
12. Authors' Addresses
288

289
   Paul Hoffman
290
   Internet Mail Consortium and VPN Consortium
291
   127 Segre Place
292
   Santa Cruz, CA  95060 USA
293

294
   EMail: [email protected] and [email protected]
295

296

297
   Marc Blanchet
298
   Viagenie inc.
299
   2875 boul. Laurier, bur. 300
300
   Ste-Foy, Quebec, Canada, G1V 2M2
301

302
   EMail: [email protected]
303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338
Hoffman & Blanchet          Standards Track                     [Page 6]
339

340
RFC 3491                      IDN Nameprep                    March 2003
341

342

343
13.  Full Copyright Statement
344

345
   Copyright (C) The Internet Society (2003).  All Rights Reserved.
346

347
   This document and translations of it may be copied and furnished to
348
   others, and derivative works that comment on or otherwise explain it
349
   or assist in its implementation may be prepared, copied, published
350
   and distributed, in whole or in part, without restriction of any
351
   kind, provided that the above copyright notice and this paragraph are
352
   included on all such copies and derivative works.  However, this
353
   document itself may not be modified in any way, such as by removing
354
   the copyright notice or references to the Internet Society or other
355
   Internet organizations, except as needed for the purpose of
356
   developing Internet standards in which case the procedures for
357
   copyrights defined in the Internet Standards process must be
358
   followed, or as required to translate it into languages other than
359
   English.
360

361
   The limited permissions granted above are perpetual and will not be
362
   revoked by the Internet Society or its successors or assigns.
363

364
   This document and the information contained herein is provided on an
365
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
366
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
367
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
368
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
369
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
370

371
Acknowledgement
372

373
   Funding for the RFC Editor function is currently provided by the
374
   Internet Society.
375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394
Hoffman & Blanchet          Standards Track                     [Page 7]
395

396

397