Stringprep Revision and Problem Statement for the Preparation and Comparison of Internationalized Strings (PRECIS)

Blanchet, Marc; Sullivan, Andrew

doi:10.17487/rfc6885

Cited by 4 publications

(8 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Many important terms used in this document are defined in [RFC5890], [RFC6365], [RFC6885], and [Unicode]. The terms "left-to-right" (LTR) and "right-to-left" (RTL) are defined in Unicode Standard Annex #9 [UAX9].…”

Section: Terminologymentioning

confidence: 99%

“…As described in the PRECIS problem statement [RFC6885], many IETF protocols have used the Stringprep framework [RFC3454] as the basis for preparing, enforcing, and comparing protocol strings that contain Unicode code points, especially code points outside the ASCII range [RFC20]. The Stringprep framework was developed during work on the original technology for internationalized domain names (IDNs), here called "IDNA2003" [RFC3490], and Nameprep [RFC3491] was the Stringprep profile for IDNs.…”

Section: Introductionmentioning

confidence: 99%

“…This migration away from Stringprep for IDNs prompted other "customers" of Stringprep to consider new approaches to the preparation, enforcement, and comparison of internationalized strings, as described in [RFC6885].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

PRECIS Framework: Preparation, Enforcement, and Comparison of Internationalized Strings in Application Protocols

Blanchet¹,

Saint-Andre²

2017

Self Cite

View full text Add to dashboard Cite

show abstract

Section: Terminologymentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

PRECIS Framework: Preparation, Enforcement, and Comparison of Internationalized Strings in Application Protocols

Blanchet¹,

Saint-Andre²

2017

Self Cite

View full text Add to dashboard Cite

show abstract

“…As described in the PRECIS problem statement [RFC6885], many IETF protocols have used the Stringprep framework [RFC3454] as the basis for preparing, enforcing, and comparing protocol strings that contain Unicode characters, especially characters outside the ASCII range [RFC20]. The Stringprep framework was developed during work on the original technology for internationalized domain names (IDNs), here called "IDNA2003" [RFC3490], and Nameprep [RFC3491] was the Stringprep profile for IDNs.…”

Section: Introductionmentioning

confidence: 99%

“…Therefore, the newer IDNA specifications, here called "IDNA2008" ([RFC5890], [RFC5891], [RFC5892], [RFC5893], [RFC5894]), no longer use Stringprep and Nameprep. This migration away from Stringprep for IDNs prompted other "customers" of Stringprep to consider new approaches to the preparation, enforcement, and comparison of internationalized strings, as described in [RFC6885].…”

Section: Introductionmentioning

confidence: 99%

PRECIS Framework: Preparation, Enforcement, and Comparison of Internationalized Strings in Application Protocols

Saint-Andre¹,

Blanchet²

2015

Self Cite

View full text Add to dashboard Cite

show abstract

Issues in Identifier Comparison for Security Purposes

Thaler¹

2013

View full text Add to dashboard Cite

Identifiers such as hostnames, URIs, IP addresses, and email addresses are often used in security contexts to identify security principals and resources. In such contexts, an identifier presented via some protocol is often compared using some policy to make security decisions such as whether the security principal may access the resource, what level of authentication or encryption is required, etc. If the parties involved in a security decision use different algorithms to compare identifiers, then failure scenarios ranging from denial of service to elevation of privilege can result. This document provides a discussion of these issues that designers should consider when defining identifiers and protocols, and when constructing architectures that use multiple protocols. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Internet Architecture Board (IAB) and represents information that the IAB has deemed valuable to provide for permanent record. It represents the consensus of the Internet Architecture Board (IAB). Documents approved for publication by the IAB are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6943.

show abstract

Stringprep Revision and Problem Statement for the Preparation and Comparison of Internationalized Strings (PRECIS)

Abstract: If a protocol expects to compare two strings and is prepared only for those strings to be ASCII, then using Unicode code points in those strings requires they be prepared somehow. Internationalizing Domain Names in Applications

Cited by 4 publications

References 6 publications

PRECIS Framework: Preparation, Enforcement, and Comparison of Internationalized Strings in Application Protocols

PRECIS Framework: Preparation, Enforcement, and Comparison of Internationalized Strings in Application Protocols

PRECIS Framework: Preparation, Enforcement, and Comparison of Internationalized Strings in Application Protocols

Issues in Identifier Comparison for Security Purposes

Contact Info

Product

Resources

About