Re: [I18ndir] I18ndir early review of draft-ietf-dispatch-javascript-mjs-07

Barry Leiba <barryleiba@computer.org> Mon, 11 May 2020 22:57 UTC

Return-Path: <barryleiba@gmail.com>
X-Original-To: i18ndir@ietfa.amsl.com
Delivered-To: i18ndir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF7043A0DC4; Mon, 11 May 2020 15:57:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.398
X-Spam-Level:
X-Spam-Status: No, score=-1.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FxTNYpeKGhbp; Mon, 11 May 2020 15:57:29 -0700 (PDT)
Received: from mail-il1-f170.google.com (mail-il1-f170.google.com [209.85.166.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A70E43A0D82; Mon, 11 May 2020 15:57:28 -0700 (PDT)
Received: by mail-il1-f170.google.com with SMTP id b71so3556524ilg.8; Mon, 11 May 2020 15:57:28 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Kp521LaELJvYUdXwZMn+yRywltR9LHVMPMAAhf3eByU=; b=pfWBxe/Fr8/q3dBPP+NV8J1JKUnY4eMKofnxLDi5CkqogOTT/9SM/mANyeNDzooYPo Zq0eD+snJwFaAqLdsk42Pzqtcs986D5bZPgWfW1j8ZIMv4mTH2pDvyso5INhg7rSULQw MP33K60OdlQS5TzvpXRe3nkgNx5/z3SchGV5gUbWb+km+gtLNhwlo6eD845IV6+UkFv+ KcKnxz39YTO5BMsnQW3tVRhAHUblCLif3lhbOJeYuy3jpTKJrLp9uGdwtlm1vpAwiKDT Qo0XVFvhX+iqYcTkbh3CtsMFt8gLudoWLEJcis2VF7jRVGAcWkaR+fSKrCiUBiAcblQb ig3Q==
X-Gm-Message-State: AGi0PuZcKSUVmC6caMhkIsyV3WiybYL9TA6ISzSORSTC5FAJfzxZN/1a JnhMHMX8sycytselznfBDo1J2Nn0sNIVgKVaTyY=
X-Google-Smtp-Source: APiQypITC48M23pM/0L59zNKoXW/b9I8muXtqsbikg5KoCxfJHk1se5NLCLYa4OYr8M/F3e5Lwk/LNPp0lrI6IEpNLM=
X-Received: by 2002:a05:6e02:12a2:: with SMTP id f2mr12682185ilr.140.1589237847558; Mon, 11 May 2020 15:57:27 -0700 (PDT)
MIME-Version: 1.0
References: <158896904545.17044.5288882047334991439@ietfa.amsl.com> <CAD7Fb3diej1-3fAgqZsS_E9wOs1KC=OwVWbvxV5mVjOdQEQm5g@mail.gmail.com> <alpine.OSX.2.22.407.2005081926580.81728@ary.qy> <C6B94276-EB9F-4A5B-9E1B-0DE170A05EBC@frobbit.se> <alpine.OSX.2.22.407.2005091233350.84818@ary.qy> <CADizRgbDAYBEarwSippGrL3VYzM=n4aH0OSWMWvRUFTaGVmvVg@mail.gmail.com> <alpine.OSX.2.22.407.2005111250001.4953@ary.qy> <841F372D6CFE1C52B07D0A25@PSB> <CANnEKUY0aN=hoQg0BVoV3i5op5MJQJpH2GU6j7PYVp-4zv0mxQ@mail.gmail.com>
In-Reply-To: <CANnEKUY0aN=hoQg0BVoV3i5op5MJQJpH2GU6j7PYVp-4zv0mxQ@mail.gmail.com>
From: Barry Leiba <barryleiba@computer.org>
Date: Mon, 11 May 2020 18:57:16 -0400
Message-ID: <CALaySJ+VnD38qcEx_LvHjn96VO3g3e3ZOY0Vcb5cXCjViKLoMA@mail.gmail.com>
To: Bradley Farias <bradley.meck@gmail.com>
Cc: DISPATCH WG <dispatch@ietf.org>, John C Klensin <john-ietf@jck.com>, John R Levine <johnl@taugh.com>, Mathias Bynens <mths@google.com>, draft-ietf-dispatch-javascript-mjs.all@ietf.org, i18ndir@ietf.org
Content-Type: multipart/alternative; boundary="0000000000005e11d905a5674573"
Archived-At: <https://mailarchive.ietf.org/arch/msg/i18ndir/Cbuj49PpXrh5DHTVQnhbNMUdGrE>
Subject: Re: [I18ndir] I18ndir early review of draft-ietf-dispatch-javascript-mjs-07
X-BeenThere: i18ndir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Internationalization Directorate <i18ndir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i18ndir>, <mailto:i18ndir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i18ndir/>
List-Post: <mailto:i18ndir@ietf.org>
List-Help: <mailto:i18ndir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i18ndir>, <mailto:i18ndir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 May 2020 22:57:34 -0000

Thanks for this, Bradley.  A couple of clarifications, to make sure we’re
together on this:

The IETF crowd can tend to be blunt — sorry for that.  If it helps, keep in
mind that the purpose in that bluntness is not to insult, but to aim for
the highest quality documents we can get.

As to the higher bar for non-WG documents, it’s not that there’s a higher
bar for the document content — we’re looking, as I say, for high quality in
general — but a higher bar for getting reviews at this stage.  Working
group documents have time in working group development and review, and the
IETF last call process is bringing the document to the community beyond the
working group for final review.  Non-WG documents lack the work and review
in the working group, and, frequently, the first significant review is
during last call.  There is, consequently, a stronger-than-usual desire to
ensure thorough review at this stage.

I, as the sponsoring AD, am aware of the work that’s been done on the
document already, and am not concerned, in general, about the quality of
that.    That said, this particular review is from experts in
internationalization issues, and that’s a quite specialized skill set held
by a relatively few participants.  It’s really important to get this part
right, and I very much appreciate their review and discussion.  I hope we
can put all this together to make the document even better.

Barry, ART AD

On Mon, May 11, 2020 at 6:21 PM Bradley Farias <bradley.meck@gmail.com>
wrote:

> Forgive me, but the tone appears to be rather harsh against people who
> have spent quite a few years waiting on this document to even get to a
> visibility that we can discuss things. Per Adam Roach's recommendation we
> did not go through a WG when I made this document years ago. The past few
> emails seem rather derisive against such decisions, but I am still new to
> IETF workings and would love help through the process; there seems to be
> issues that cause me some personal confusion on the intent of a review.
>
> Is there a way we can follow or be aided such that we can reach the
> "higher bar" that we are unaware we were missing here such that we can go
> for a normative change? I'm unclear but it seems like there is a desire to
> design some solution for concerns about ECMA262 in host environments
> but I'm unclear on this being the venue to do so and would be appreciative
> of guidance on how to proceed.
>
> Additionally, I have concerns with shipping things like MIMEs that are not
> supported in any environment and are not discussed in the host venues they
> intend to be used in and without any buy in from a host. This document is
> trying to be normative to match the environment scenarios of not just
> browsers but other environments that run ECMAScript such as server side
> environments like Node.js are using text/javascript as the preferred
> non-obsoleted form in order to coalesce around a standard that matches the
> browser recommendations. The reversal of the application/javascript as the
> preferred MIME was intentionally discussed in those environments. I'm
> unclear on how creation of a new MIME would help here given we cannot
> remove support for the status quo; creation of a new MIME seems like it
> would require implementer interest to be a viable replacement.
>
> Per things like hash bang comments and concerns about the language being
> different from when older RFCs existed; I would view this document as being
> a way to catch up to at least the status quo; creation of
> unrelated evolution of standards paths that are not intended to match the
> status quo likely won't be useful without other standards groups buy in. In
> the future I'm sure people with such varied interests in the evolution of
> ECMAScript certainly could participate in the evolution of the language if
> they want to, but that was not the intent of this document. It seems like
> an additional RFC might be desirable for other issues we are seeing brought
> up here? Once again, I'm less familiar with IETF process and am unclear if
> all possible design decisions need to be made in this document.
>
> On Mon, May 11, 2020 at 2:16 PM John C Klensin <john-ietf@jck.com> wrote:
>
>>
>>
>> --On Monday, May 11, 2020 12:55 -0400 John R Levine
>> <johnl@taugh.com> wrote:
>>
>> >> At this point, I'm afraid the ship has sailed. Introducing
>> >> yet another MIME type *now* is unlikely to gain adoption in
>> >> the HTML Standard, browsers, or on the web (because it
>> >> wouldn't be backwards compatible). Let's not publish
>> >> specs that intentionally conflict with both the HTML Standard
>> >> and web reality.
>> >
>> > It actually would be backward compatible because of the advice
>> > to use Accept media types to tell when to send which media
>> > type, but if browsers aren't going to do it, I guess we put a
>> > warning in the security section and give up.
>>
>> Well, just a minute.  Despite approval by DISPATCH for further
>> discussion and processing, this is basically an individual
>> submission, not a draft developed by a WG.  With the
>> understanding that what I'm about to say is not I18n-specific
>> and therefore should perhaps go on the agenda of the next
>> DISPATCH meeting or wait for IETF Last Call, the IETF has, as
>> Patrik has pointed out, both a collection of standards-track and
>> BCP specifications in these areas and experience with what
>> happens when other approaches (like reliance on name suffixes)
>> are used instead.  Recommending something else is not just a
>> matter of Security Considerations and, fwiw, I note that at
>> least one document has been stuck after IETF Last Call completed
>> in September because the IESG had DISCUSS-level concerns about
>> telling implementers what they should do if they chose to not
>> conform to the IETF's normative recommendations.   If this is
>> really just a description of what browser vendors are doing or
>> will do now and in the future, then we have a long history of
>> publishing "for the information of the community, this is what
>> some vendor or cluster of vendors are doing" descriptive
>> Informational documents.  They are not standards track, they do
>> not use normative language (2119/8174 terminology included),
>> they just describe what is being done and are quite explicit
>> about that.
>>
>> So, if the decision criteria for what belongs in this I-D is
>> "whatever the browser vendors are going to do whether the IETF
>> thinks it is a good idea or not", then let's see it recast as a
>> "what is being done in practice" description, with the normative
>> language removed or transformed into "if you want to do what the
>> vendors are doing, then this is what you need to do" (or even
>> "should" do - noting lower case).  If that means updating the
>> registration for text/javascript (which, I note, is in the
>> registry at
>> https://www.iana.org/assignments/media-types/media-types.xhtml#text
>> as "OBSOLETED in favor of application/javascript" -- exactly the
>> opposite of which this I-D proposes) and application/javascript
>> to treat them as vendor registrations (applying the exception
>> for non-faceted names allowed by Appendix A of RFC 6838) then so
>> be it... because that is, apparently, the truth of the matter.
>>
>> Sorry, but it seems to me that this document is trying to have
>> it both (or all three) ways: to be a normative document without
>> meeting the higher bar the IETF usually applies for standards
>> track documents, to be a vendor specification without making
>> that clear in the text (and noting that vendor specifications
>> are still expected to have accurate Security Considerations
>> sections), and to make requirements that are at variances with
>> significant community experience about bad results when similar
>> things have been done in only slightly different areas and still
>> expect IETF consensus for the document.  I don't think that
>> works.  YMMD.
>>
>> And...
>>
>> >> It's not entirely harmless. The following JS program
>> >> behaves differently if it's preceded by a BOM:
>> >>
>> >> # !/usr/bin/env bash
>> >
>> > I really don't want to know when self-running shell scripts
>> > became part of Ecmascript.
>>
>> Presumably, by an extension of the comments that caused the rant
>> above, whatever "part of ECMAscript" means, they are a
>> consideration because some or all browser vendors decided to
>> treat them as if they were.
>>
>>     john
>>
>>