One document matched: draft-saintandre-username-interop-00.txt
Network Working Group P. Saint-Andre
Internet-Draft Cisco Systems, Inc.
Intended status: Informational May 8, 2013
Expires: November 9, 2013
Username Interoperability
draft-saintandre-username-interop-00
Abstract
Various Internet protocols have defined constructs for usernames.
This document describes a subset of characters to allow in usernames
for maximal interoperability across Internet protocols. The subset
might prove useful in cases where a provider offers multiple services
using the same underlying identifier.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 9, 2013.
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Saint-Andre Expires November 9, 2013 [Page 1]
Internet-Draft Username Interoperability May 2013
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Subset . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Security Considerations . . . . . . . . . . . . . . . . . . . . 3
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 3
5. Informative References . . . . . . . . . . . . . . . . . . . . 3
Appendix A. Analysis . . . . . . . . . . . . . . . . . . . . . . . 5
Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . . 9
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 9
Saint-Andre Expires November 9, 2013 [Page 2]
Internet-Draft Username Interoperability May 2013
1. Introduction
Various Internet protocols have defined constructs for usernames.
This document describes a subset of characters to allow in usernames
for maximal interoperability across Internet protocols. The subset
might prove useful in cases where a provider offers multiple services
using the same underlying identifier.
2. Subset
The following definition, in Augmented Backus-Naur Form (ABNF)
[RFC5234], describes an interoperable subset of characters for
localparts / usernames:
localpart = 1*(interopchar)
interopchar = ALPHA / DIGIT / "!" / "$" / "*" / "+"
/ "-" / "=" / "_" / "`" / "|" / "~"
The reasoning behind this subset is provided in Appendix A.
An internationalized version would add the 'ucschar' rule from
[RFC3987]. However, note that allowing characters outside the ASCII
range [RFC20] can introduce numerous complexities; such issues are
discussed in [I-D.ietf-precis-framework] among other specifications.
3. Security Considerations
Deploying usernames that are interoperable across multiple protocols
could potentially give malicious entities multiple ways to attack an
account or user.
4. IANA Considerations
This document has no actions for the IANA.
5. Informative References
[I-D.ietf-appsawg-acct-uri]
Saint-Andre, P., "The 'acct' URI Scheme",
draft-ietf-appsawg-acct-uri-04 (work in progress),
May 2013.
[I-D.ietf-precis-framework]
Saint-Andre, P. and M. Blanchet, "Precis Framework:
Saint-Andre Expires November 9, 2013 [Page 3]
Internet-Draft Username Interoperability May 2013
Handling Internationalized Strings in Protocols",
draft-ietf-precis-framework-06 (work in progress),
September 2012.
[RFC20] Cerf, V., "ASCII format for network interchange", RFC 20,
October 1969.
[RFC821] Postel, J., "Simple Mail Transfer Protocol", STD 10,
RFC 821, August 1982.
[RFC2822] Resnick, P., "Internet Message Format", RFC 2822,
April 2001.
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
A., Peterson, J., Sparks, R., Handley, M., and E.
Schooler, "SIP: Session Initiation Protocol", RFC 3261,
June 2002.
[RFC3856] Rosenberg, J., "A Presence Event Package for the Session
Initiation Protocol (SIP)", RFC 3856, August 2004.
[RFC3860] Peterson, J., "Common Profile for Instant Messaging
(CPIM)", RFC 3860, August 2004.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, January 2005.
[RFC3987] Duerst, M. and M. Suignard, "Internationalized Resource
Identifiers (IRIs)", RFC 3987, January 2005.
[RFC4120] Neuman, C., Yu, T., Hartman, S., and K. Raeburn, "The
Kerberos Network Authentication Service (V5)", RFC 4120,
July 2005.
[RFC4282] Aboba, B., Beadles, M., Arkko, J., and P. Eronen, "The
Network Access Identifier", RFC 4282, December 2005.
[RFC5234] Crocker, D. and P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", STD 68, RFC 5234, January 2008.
[RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322,
October 2008.
[RFC6120] Saint-Andre, P., "Extensible Messaging and Presence
Protocol (XMPP): Core", RFC 6120, March 2011.
Saint-Andre Expires November 9, 2013 [Page 4]
Internet-Draft Username Interoperability May 2013
Appendix A. Analysis
This document takes the following username constructs into
consideration:
o Email addresses [RFC5322]
o Kerberos Principal Names [RFC4120]
o Network Address Identifiers [RFC4282]
o SIP URIs [RFC3261]
o Instant messaging URIs [RFC3860] and presence URIs [RFC3856]
o XMPP addresses (a.k.a. Jabber Identifiers) [RFC6120]
o Account URIs [I-D.ietf-appsawg-acct-uri]
Each of those address formats defines something that can be used as
the "local part" of an address.
The local part of an email address uses either the "local-part" or
the "dot-atom-text" rule in [RFC5322]. Here we make the simplifying
assumption that the "dot-atom-text" rule applies:
dot-atom-text = 1*atext *("." 1*atext)
atext = ALPHA / DIGIT / ; Any character except
"!" / "#" / "$" / ; controls, SP, and
"%" / "&" / "'" / ; specials. Used for
"*" / "+" / "-" / ; atoms.
"/" / "=" / "?" /
"^" / "_" / "`" /
"{" / "|" / "}" /
"~"
We make the same simplifying assumption for im: and pres: URIs
(although their specifications reference [RFC2822]).
A Kerberos Principal Name is a sequence of strings of type
KerberosString, where each KerberosString is a GeneralString that is
constrained to contain only characters in IA5String.
PrincipalName ::= SEQUENCE {
name-type [0] Int32,
name-string [1] SEQUENCE OF KerberosString
}
KerberosString ::= GeneralString (IA5String)
A Network Address Identifier inherits from [RFC821]. Here we care
only about the "username" rule:
Saint-Andre Expires November 9, 2013 [Page 5]
Internet-Draft Username Interoperability May 2013
username = dot-string
dot-string = string
dot-string =/ dot-string "." string
string = char
string =/ string char
char = c
char =/ "\" x
c = %x21 ; '!' allowed
; '"' not allowed
c =/ %x23 ; '#' allowed
c =/ %x24 ; '$' allowed
c =/ %x25 ; '%' allowed
c =/ %x26 ; '&' allowed
c =/ %x27 ; ''' allowed
; '(', ')' not allowed
c =/ %x2A ; '*' allowed
c =/ %x2B ; '+' allowed
; ',' not allowed
c =/ %x2D ; '-' allowed
; '.' not allowed
c =/ %x2F ; '/' allowed
c =/ %x30-39 ; '0'-'9' allowed
; ';', ':', '<' not allowed
c =/ %x3D ; '=' allowed
; '>' not allowed
c =/ %x3F ; '?' allowed
; '@' not allowed
c =/ %x41-5a ; 'A'-'Z' allowed
; '[', '\', ']' not allowed
c =/ %x5E ; '^' allowed
c =/ %x5F ; '_' allowed
c =/ %x60 ; '`' allowed
c =/ %x61-7A ; 'a'-'z' allowed
c =/ %x7B ; '{' allowed
c =/ %x7C ; '|' allowed
c =/ %x7D ; '}' allowed
c =/ %x7E ; '~' allowed
; DEL not allowed
c =/ %x80-FF ; UTF-8-Octet allowed
x = %x00-FF ; all 128 ASCII characters
The local part of a sip:/sips: URI inherits from the "userinfo" rule
in [RFC3986] with several changes; here we discuss the SIP "user"
rule only:
Saint-Andre Expires November 9, 2013 [Page 6]
Internet-Draft Username Interoperability May 2013
user = 1*( unreserved / escaped / user-unreserved )
user-unreserved = "&" / "=" / "+" / "$" / "," / ";" / "?" / "/"
unreserved = alphanum / mark
mark = "-" / "_" / "." / "!" / "~" / "*" / "'"
/ "(" / ")"
The local part of an XMPP address allows any ASCII character except
space, controls, and the " & ' / : < > @ characters.
The 'acct' URI syntax borrows the 'host', 'pct-encoded', 'sub-
delims', 'unreserved' rules from [RFC3986]:
acctURI = "acct" ":" userpart "@" host
userpart = unreserved / sub-delims
0*( unreserved / pct-encoded / sub-delims )
To summarize the foregoing information, the following table lists the
allowed and disallowed characters in the local part of identifiers
for each protocol (aside from the alphanumeric, space, and control
characters), in order by hexadecimal character number (where each "A"
row shows the allowed characters and each "D" row shows the
disallowed characters).
Saint-Andre Expires November 9, 2013 [Page 7]
Internet-Draft Username Interoperability May 2013
Table 1: Allowed and Disallowed Characters (Non-Alphanumeric)
+---+----------------------------------+
| EMAIL ADDRESSES, IM/PRES URIs |
+---+----------------------------------+
| A | ! #$%&' *+ - / = ? ^_`{|}~ |
| D | " () , . :;< > @[\] |
+---+----------------------------------+
| KERBEROS PRINCIPAL NAMES |
+---+----------------------------------+
| A | !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ |
| D | |
+---+----------------------------------+
| NETWORK ADDRESS IDENTIFIERS |
+---+----------------------------------+
| A | ! #$%&' *+ - / = ? ^_`{|}~ |
| D | " () , . :;< > @[\] |
+---+----------------------------------+
| SIP/SIPS URIs |
+---+----------------------------------+
| A | ! $ &'()*+,-./ ; = ? _ ~ |
| D | "# % : < > @[\]^ `{|} |
+---+----------------------------------+
| XMPP ADDRESSES |
+---+----------------------------------+
| A | ! #$% ()*+,-. ; = ? [\]^_`{|}~ |
| D | " &' /: < > @ |
+---+----------------------------------+
| ACCT URIs |
+---+----------------------------------+
| A | ! $%&'()*+,-. ; = \ ^_`{|}~ |
| D | "# /: < >?@[ ] |
+---+----------------------------------+
The interoperable subset allows only characters that are allows in
all of the foregoing formats, as shown in the following table.
Table 2: Subset Characters (Non-Alphanumeric)
+---+----------------------------------+
| INTEROPERABLE SUBSET |
+---+----------------------------------+
| A | ! $ *+ - = _` | ~ |
| D | "# %&'() , ./:;< >?@[\]^ { } |
+---+----------------------------------+
Saint-Andre Expires November 9, 2013 [Page 8]
Internet-Draft Username Interoperability May 2013
Appendix B. Acknowledgements
Thanks to Sean Turner for inspiring the work on this document.
Author's Address
Peter Saint-Andre
Cisco Systems, Inc.
1899 Wynkoop Street, Suite 600
Denver, CO 80202
USA
Phone: +1-303-308-3282
Email: psaintan@cisco.com
Saint-Andre Expires November 9, 2013 [Page 9]
| PAFTECH AB 2003-2026 | 2026-04-24 01:11:18 |