Network Working Group                                        K. Zeilenga
Request for Comments: 4013                            OpenLDAP Foundation
Category: Standards Track                                  February 2005


         SASLprep: Stringprep Profile for User Names and Passwords

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document describes how to prepare Unicode strings representing
   user names and passwords for comparison.  The document defines the
   "SASLprep" profile of the "stringprep" algorithm to be used for both
   user names and passwords.  This profile is intended to be used by
   Simple Authentication and Security Layer (SASL) mechanisms (such as
   PLAIN, CRAM-MD5, and DIGEST-MD5), as well as other protocols
   exchanging simple user names and/or passwords.

1.  Introduction

   The use of simple user names and passwords in authentication and
   authorization is pervasive on the Internet.  To increase the
   likelihood that user name and password input and comparison work in
   ways that make sense for typical users throughout the world, this
   document defines rules for preparing internationalized user names and
   passwords for comparison.  For simplicity and implementation ease, a
   single algorithm is defined for both user names and passwords.

   The algorithm assumes all strings are comprised of characters from
   the Unicode [Unicode] character set.

   This document defines the "SASLprep" profile of the "stringprep"
   algorithm [StringPrep].

   The profile is designed for use in Simple Authentication and Security
   Layer ([SASL]) mechanisms, such as [PLAIN], [CRAM-MD5], and
   [DIGEST-MD5].  It may be applicable where simple user names and
   passwords are used.  This profile is not intended for use in
   preparing identity strings that are not simple user names (e.g.,
   email addresses, domain names, distinguished names), or where
   identity or password strings are not character data, or require
   different handling (e.g., case folding).

Zeilenga                    Standards Track                     [Page 1]

RFC 4013                       SASLprep                    February 2005

   This document does not alter the technical specification of any
   existing protocols.  Any specification that wishes to use the
   algorithm described in this document needs to explicitly incorporate
   this document and provide precise details as to where and how this
   algorithm is used by implementations of that specification.

2.  The SASLprep Profile

   This section defines the "SASLprep" profile of the "stringprep"
   algorithm [StringPrep].  This profile is intended for use in
   preparing strings representing simple user names and passwords.

   This profile uses Unicode 3.2 [Unicode].

   Character names in this document use the notation for code points and
   names from the Unicode Standard [Unicode].  For example, the letter
   "a" may be represented as either <U+0061> or <LATIN SMALL LETTER A>.
   In the lists of mappings and the prohibited characters, the "U+" is
   left off to make the lists easier to read.  The comments for
   character ranges are shown in square brackets (such as "[CONTROL
   CHARACTERS]") and do not come from the standard.

   Note: A glossary of terms used in Unicode can be found in [Glossary].
   Information on the Unicode character encoding model can be found in
   [CharModel].

2.1.  Mapping

   This profile specifies:

   - non-ASCII space characters [StringPrep, C.1.2] that can be
     mapped to SPACE (U+0020), and

   - the "commonly mapped to nothing" characters [StringPrep, B.1]
     that can be mapped to nothing.

2.2.  Normalization

   This profile specifies using Unicode normalization form KC, as
   described in Section 4 of [StringPrep].

2.3.  Prohibited Output

   This profile specifies the following characters as prohibited input:

   - Non-ASCII space characters [StringPrep, C.1.2]
   - ASCII control characters [StringPrep, C.2.1]
   - Non-ASCII control characters [StringPrep, C.2.2]
   - Private Use characters [StringPrep, C.3]
   - Non-character code points [StringPrep, C.4]
   - Surrogate code points [StringPrep, C.5]
   - Inappropriate for plain text characters [StringPrep, C.6]
   - Inappropriate for canonical representation characters
     [StringPrep, C.7]
   - Change display properties or deprecated characters
     [StringPrep, C.8]
   - Tagging characters [StringPrep, C.9]

2.4.  Bidirectional Characters

   This profile specifies checking bidirectional strings as described in
   [StringPrep, Section 6].

2.5.  Unassigned Code Points

   This profile specifies the [StringPrep, A.1] table as its list of
   unassigned code points.

3.  Examples

   The following table provides examples of how various character data
   is transformed by the SASLprep string preparation algorithm.

   #  Input            Output     Comments
   -  -----            ------     --------
   1  I<U+00AD>X       IX         SOFT HYPHEN mapped to nothing
   2  user             user       no transformation
   3  USER             USER       case preserved, will not match #2
   4  <U+00AA>         a          output is NFKC, input in ISO 8859-1
   5  <U+2168>         IX         output is NFKC, will match #1
   6  <U+0007>         Error - prohibited character
   7  <U+0627><U+0031> Error - bidirectional check
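   The profile of Section 2 and the table of Section 3, worked through
   in code.  This is an added example; it is not part of RFC 4013 and
   not reference code from the IETF SASL WG.  It implements the four
   stringprep steps of SASLprep (mapping, NFKC normalization, the
   prohibited-output check, the bidirectional check) with only the
   Python standard library: the `stringprep` module carries the RFC 3454
   tables (B.1, C.x, D.1, D.2, A.1) and `unicodedata.ucd_3_2_0` is the
   Unicode 3.2.0 database that Section 2 requires.  The names
   `saslprep`, `SASLprepError`, `run_rfc_examples` and `prepared_digest`
   are the example's own.  The `allow_unassigned` switch is an
   assumption: it mirrors the RFC 3454 Section 7 distinction between
   stored strings (unassigned code points rejected) and queries, which
   RFC 4013 itself does not settle.  The digest helper illustrates the
   Section 4 point that a string is prepared before it is compared or
   fed to a message digest; SHA-256 stands in for whatever digest a
   given mechanism uses.

```python
"""SASLprep (RFC 4013) worked example: map, NFKC-normalize, prohibit, bidi-check.

Added example, not code from RFC 4013.  Standard library only: `stringprep`
holds the RFC 3454 tables, `unicodedata.ucd_3_2_0` the Unicode 3.2.0 data.
"""
import hashlib
import stringprep
import unicodedata

UCD = unicodedata.ucd_3_2_0  # Unicode 3.2.0 tables, as RFC 4013 Section 2 requires


class SASLprepError(ValueError):
    """Input cannot be prepared: prohibited output, unassigned code point, bidi failure."""


# Section 2.3: prohibited output tables, in the order RFC 4013 lists them.
PROHIBITED_TABLES = (
    ("non-ASCII space [C.1.2]", stringprep.in_table_c12),
    ("ASCII control [C.2.1]", stringprep.in_table_c21),
    ("non-ASCII control [C.2.2]", stringprep.in_table_c22),
    ("private use [C.3]", stringprep.in_table_c3),
    ("non-character code point [C.4]", stringprep.in_table_c4),
    ("surrogate code point [C.5]", stringprep.in_table_c5),
    ("inappropriate for plain text [C.6]", stringprep.in_table_c6),
    ("inappropriate for canonical representation [C.7]", stringprep.in_table_c7),
    ("change display properties or deprecated [C.8]", stringprep.in_table_c8),
    ("tagging character [C.9]", stringprep.in_table_c9),
)


def saslprep(s: str, allow_unassigned: bool = False) -> str:
    """Return the SASLprep form of `s` or raise SASLprepError.

    `allow_unassigned` is this example's own switch (assumption): RFC 3454
    Section 7 rejects unassigned code points in stored strings, not queries.
    """
    # Step 1, Section 2.1 mapping: non-ASCII spaces (C.1.2) become SPACE;
    # "commonly mapped to nothing" characters (B.1, e.g. SOFT HYPHEN) vanish.
    mapped = []
    for ch in s:
        if stringprep.in_table_c12(ch):
            mapped.append(" ")
        elif not stringprep.in_table_b1(ch):
            mapped.append(ch)

    # Step 2, Section 2.2: Unicode normalization form KC with 3.2.0 tables.
    out = UCD.normalize("NFKC", "".join(mapped))

    # Step 3, Section 2.3: reject prohibited output.
    for ch in out:
        for label, in_table in PROHIBITED_TABLES:
            if in_table(ch):
                raise SASLprepError(f"prohibited character U+{ord(ch):04X} ({label})")

    # Section 2.5: unassigned code points come from table A.1.
    if not allow_unassigned:
        for ch in out:
            if stringprep.in_table_a1(ch):
                raise SASLprepError(f"unassigned code point U+{ord(ch):04X}")

    # Step 4, Section 2.4: bidirectional check (RFC 3454, Section 6).  A string
    # holding any RandALCat (D.1) character may hold no LCat (D.2) character
    # and must begin and end with a RandALCat character.
    if any(stringprep.in_table_d1(ch) for ch in out):
        if any(stringprep.in_table_d2(ch) for ch in out):
            raise SASLprepError("bidirectional check: RandALCat mixed with LCat")
        if not (stringprep.in_table_d1(out[0]) and stringprep.in_table_d1(out[-1])):
            raise SASLprepError("bidirectional check: must start and end with RandALCat")
    return out


def run_rfc_examples() -> dict:
    """Run the seven Section 3 inputs; return the output or 'Error: ...' per row."""
    rows = {
        1: "I\u00adX",       # SOFT HYPHEN inside "IX"
        2: "user",
        3: "USER",
        4: "\u00aa",         # FEMININE ORDINAL INDICATOR
        5: "\u2168",         # ROMAN NUMERAL NINE
        6: "\u0007",         # BEL, an ASCII control character
        7: "\u0627\u0031",   # ARABIC LETTER ALEF followed by DIGIT ONE
    }
    results = {}
    for n, text in rows.items():
        try:
            results[n] = saslprep(text)
        except SASLprepError as exc:
            results[n] = f"Error: {exc}"
    return results


def prepared_digest(secret: str) -> str:
    """Section 4 usage: prepare first, then digest the UTF-8 bytes of the prepared form."""
    return hashlib.sha256(saslprep(secret).encode("utf-8")).hexdigest()


if __name__ == "__main__":
    for n, result in run_rfc_examples().items():
        print(n, result)
    # Rows 1 and 5 prepare to the same string, so their digests agree.
    print(prepared_digest("I\u00adX") == prepared_digest("\u2168"))
```

   Running the module prints the seven rows of the table above.  Rows 2
   and 3 show that the profile preserves case: an application that needs
   case-insensitive user names must apply a different profile rather
   than fold case around SASLprep.  Rows 1 and 5 prepare to the same
   string "IX" and therefore produce the same digest, which is the
   property a mechanism such as CRAM-MD5 or DIGEST-MD5 relies on when
   both sides prepare the password before hashing it.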
4.  Security Considerations

   This profile is intended to prepare simple user name and password
   strings for comparison or use in cryptographic functions (e.g.,
   message digests).  The preparation algorithm was specifically
   designed such that its output is canonical, and it is well-formed.

   However, due to an anomaly [PR29] in the specification of Unicode
   normalization, canonical equivalence is not guaranteed for a select
   few character sequences.  These sequences, however, do not appear in
   well-formed text.  This specification was published despite this
   known technical problem.  It is expected that this specification will
   be revised before further progression on the Standards Track (after
   [Unicode] and/or [StringPrep] specifications have been updated to
   address this problem).

   It is not intended for preparing identity strings that are not simple
   user names (e.g., distinguished names, domain names), nor is the
   profile intended for use of simple user names that require different
   handling (such as case folding).  Protocols (or applications of those
   protocols) that have application-specific identity forms and/or
   comparison algorithms should use mechanisms specifically designed for
   these forms and algorithms.

   Application of string preparation may have an impact upon the
   feasibility of brute force and dictionary attacks.  While the number
   of possible prepared strings is less than the number of possible
   Unicode strings, the number of usable names and passwords is greater
   than as if only ASCII was used.  Though SASLprep eliminates some
   Unicode code point sequences as possible prepared strings, that
   elimination generally makes the (canonical) output forms practicable
   and prohibits nonsensical inputs.

   User names and passwords should be protected from eavesdropping.

   General "stringprep" and Unicode security considerations apply.  Both
   are discussed in [StringPrep].

5.  IANA Considerations

   This document details the "SASLprep" profile of the [StringPrep]
   protocol.  This profile has been registered in the stringprep profile
   registry.

   Name of this profile: SASLprep
   RFC in which the profile is defined: RFC 4013
   Indicator whether or not this is the newest version of the
   profile: This is the first version of the SASLprep profile.

6.  Acknowledgement

   This document borrows text from "Preparation of Internationalized
   Strings ('stringprep')" and "Nameprep: A Stringprep Profile for
   Internationalized Domain Names", both by Paul Hoffman and Marc
   Blanchet.  This document is a product of the IETF SASL WG.

7.  Normative References

   [StringPrep]  Hoffman, P. and M. Blanchet, "Preparation of
                 Internationalized Strings ("stringprep")", RFC 3454,
                 December 2002.

   [Unicode]     The Unicode Consortium, "The Unicode Standard, Version
                 3.2.0" is defined by "The Unicode Standard, Version
                 3.0" (Reading, MA, Addison-Wesley, 2000.  ISBN
                 0-201-61633-5), as amended by the "Unicode Standard
                 Annex #27: Unicode 3.1"
                 (http://www.unicode.org/reports/tr27/) and by the
                 "Unicode Standard Annex #28: Unicode 3.2"
                 (http://www.unicode.org/reports/tr28/).

8.  Informative References

   [Glossary]    The Unicode Consortium, "Unicode Glossary",
                 <http://www.unicode.org/glossary/>.

   [CharModel]   Whistler, K. and M. Davis, "Unicode Technical Report
                 #17, Character Encoding Model", UTR17,
                 <http://www.unicode.org/unicode/reports/tr17/>, August
                 2000.

   [SASL]        Melnikov, A., Ed., "Simple Authentication and Security
                 Layer (SASL)", Work in Progress.

   [CRAM-MD5]    Nerenberg, L., "The CRAM-MD5 SASL Mechanism", Work in
                 Progress.

   [DIGEST-MD5]  Leach, P., Newman, C., and A. Melnikov, "Using Digest
                 Authentication as a SASL Mechanism", Work in Progress.

   [PLAIN]       Zeilenga, K., Ed., "The Plain SASL Mechanism", Work in
                 Progress.

   [PR29]        "Public Review Issue #29: Normalization Issue",
                 <http://www.unicode.org/review/pr-29.html>, February
                 2004.

Author's Address

   Kurt D. Zeilenga
   OpenLDAP Foundation

   EMail: Kurt@OpenLDAP.org

Full Copyright Statement

   Copyright (C) The Internet Society (2005).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the IETF's procedures with respect to rights in IETF Documents can
   be found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.

Acknowledgement

   Funding for the RFC Editor function is currently provided by the
   Internet Society.