Re: [apps-discuss] CONTEXTJ in TLD DNS-Labels (draft-liman-tld-names-05)

Paul Hoffman <paul.hoffman@vpnc.org> Tue, 19 July 2011 14:56 UTC

On Jul 18, 2011, at 10:25 PM, Patrik Fältström wrote:

> On 19 jul 2011, at 03.01, Behnam Esfahbod wrote:
> 
>> 2. If ZWNJ is claimed to cause confusion and phishing problems beyond what is
>>  normally acceptable for other symbols, it is up to the claimants to
>>  demonstrate this claim.
> 
> Actually, no.
> 
> When discussing security and stability of the Internet as a whole, it is the other way around. The first general principle is to ensure you do no harm. Then one can discuss whether the change is actually valuable.
> 
> So the burden of convincing the community is on the ones that do think a character like ZWNJ is to be allowed or not that the need for the character is greater than the potential harm in _any_ context it might be used in.

I am going to push back here, hard. The draft is about names used in exactly one zone, and that zone has exactly one administrator. Your statement about "_any_ context" is inappropriate for this draft.

As a zone administrator considers what it can safely put in its zone, it follows policies. Most zone administrators in the world have no policies whatsoever, and thus the IETF should make it less likely that they will do something dangerous. However, that is not a concern for this zone administrator. They have policies up the wazoo and literally hundreds (probably thousands) of people helping make those policies and being sure they are implemented.

So, for this draft, restrictions that are being made because that one administrator might make an unnoticed mistake are harmful. It is fine to give advice about security and stability; in fact, Patrik is already doing this in his role on SSAC. This draft, however, is exactly the wrong place to make statements that apply to any zone other than the one in the title.

Bullet points 2 and 3 in section 4 should be removed.

--Paul Hoffman