[secdir] [New-work] WG Review: Stringprep after IDNA2008 WG (newprep)

IESG Secretary <iesg-secretary@ietf.org> Tue, 11 May 2010 17:30 UTC

Return-Path: <new-work-bounces@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2F0243A6D55; Tue, 11 May 2010 10:30:06 -0700 (PDT)
X-Original-To: new-work@ietf.org
Delivered-To: new-work@core3.amsl.com
Received: by core3.amsl.com (Postfix, from userid 0) id 4B58E3A6D01; Tue, 11 May 2010 10:30:02 -0700 (PDT)
From: IESG Secretary <iesg-secretary@ietf.org>
To: new-work@ietf.org
Mime-Version: 1.0
Message-Id: <20100511173002.4B58E3A6D01@core3.amsl.com>
Date: Tue, 11 May 2010 10:30:02 -0700 (PDT)
X-BeenThere: new-work@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: new-work-bounces@ietf.org
Errors-To: new-work-bounces@ietf.org
X-Mailman-Approved-At: Tue, 11 May 2010 10:54:01 -0700
Subject: [secdir] [New-work] WG Review: Stringprep after IDNA2008 WG (newprep)
X-BeenThere: secdir@ietf.org
Reply-To: iesg@ietf.org
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 May 2010 17:30:06 -0000

A new IETF working group has been proposed in the Applications Area.  The
IESG has not made any determination as yet. The following draft charter
was submitted, and is provided for informational purposes only. Please
send your comments to the IESG mailing list (iesg@ietf.org) 
by Tuesday, May 18, 2010.                                            

Stringprep after IDNA2008 WG (newprep)
--------------------------------------------------
Current Status: Proposed Working Group

Last modified: 2010-04-23

Chair(s):
  TBD

Applications Area Director(s):
  Alexey Melnikov <alexey.melnikov@isode.com>
  Peter Saint-Andre <stpeter@stpeter.im>

Applications Area Advisor:
  Peter Saint-Andre <stpeter@stpeter.im>

Mailing Lists:
  General Discussion: newprep@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/newprep
  Archive:
http://www.ietf.org/mail-archive/web/newprep/current/maillist.html


Description of Working Group:

Problem Statement

The use of non-ASCII strings in Internet protocols requires additional
processing to be handled properly. As part of the Internationalized
Domain Names (idn) work in 2003, a method for preparation and comparison
of internationalized strings was defined and generalized to be re-used
by other protocols. This "stringprep" method [RFC 3454] defines the
overall framework whereas specific protocols define their own profiles.
Known existing IETF profiles are:

- The Nameprep profile [RFC 3490] for use in Internationalized Domain
Names in Applications (IDNA)

- The iSCSI profile [RFC 3722] for use in Internet Small Computer
Systems Interface (iSCSI) Names

- The Nodeprep and Resourceprep profiles [RFC 3920] for use in the
Extensible Messaging and Presence Protocol (XMPP)

- The Policy MIB profile [RFC 4011] for use in the Simple Network
Management Protocol (SNMP)

- The SASLprep profile [RFC 4013] for use in the Simple Authentication
and Security Layer (SASL)

- The trace profile [RFC 4505] for use with the SASL ANONYMOUS mechanism

- The LDAP profile (RFC 4518] for use with LDAP

The IAB completed a review of IDN and made recommendations for change
[RFC 4690], which triggered a new version of the IDNA protocol called
IDNA2008. Whereas IDNA2003 was tied to Unicode 3.2 via stringprep,
IDNA2008 does not use the stringprep method, but instead uses an
algorithm based on the properties of Unicode characters, which makes it
agile to the Unicode database version. The protocols using stringprep
need Unicode version agility and therefore need to investigate how to
move from the current stringprep approach, with the associated
challenges of backward compatibility and migration.

Objectives

The goal of this group is to assess whether a new method based on the
IDNA2008 algorithmic approach is the appropriate path forward for
existing stringprep protocols as well as for other application protocols
requiring internationalized strings.

The group will evaluate if a new generalized framework based on the
algorithmic approach is appropriate and, if so, define it.

The group will analyze existing stringprep profiles and will do one of
the following with regard to each profile:

1. Develop a replacement for the profile in close collaboration with
the related protocol working group.

2. Collaborate with another active working group which will be
developing the new profile as part of its charter.

3. Advise the authors of profiles for which there is no active working
group how to proceed.

The group will also define a set of best current practices for
preparation and comparison of internationalized strings.

Because the framework, profile replacements, and guidelines are very
much interrelated, work on them will proceed in parallel as much as
possible.

In completing its tasks, the working group should collaborate with other
teams involved in internationalized identifiers, such as the IETF's IRI
and EAI working groups as well as other relevant standards development
organizations (e.g., the Unicode Consortium).

Deliverables

1. Problem statement / analysis of existing stringprep profiles
(Informational).

2. Possible new framework to replace stringprep (Standards Track).

3. Possible replacements for the existing IETF stringprep profiles as
listed earlier in this charter (Standards Track).

4. String preparation and comparison guidelines (BCP).

Milestones

Aug 2010 - Accept problem statement document as a WG item
Nov 2010 - Accept framework document as a WG item
Nov 2010 - Accept new profile documents as WG items
Dec 2010 - Start Working Group Last Call on problem statement document
Jan 2011 - Submit problem statement document to the IESG
Jan 2011 - Accept guidelines document as a WG item
May 2011 - Start Working Group Last Call on framework document
May 2011 - Start Working Group Last Call on new profile documents
Jun 2011 - Submit framework document to the IESG
Jun 2011 - Submit new profile documents to the IESG
Jun 2011 - Start Working Group Last Call on guidelines document
Aug 2011 - Submit guidelines document to the IESG
_______________________________________________
New-work mailing list
New-work@ietf.org
https://www.ietf.org/mailman/listinfo/new-work