Re: [I18nrp] Additional input needed for i18nRP BOF
Larry Masinter <LMM@acm.org> Fri, 08 June 2018 23:43 UTC
Return-Path: <masinter@gmail.com>
X-Original-To: i18nrp@ietfa.amsl.com
Delivered-To: i18nrp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id A6B9D130DE0
for <i18nrp@ietfa.amsl.com>; Fri, 8 Jun 2018 16:43:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.392
X-Spam-Level:
X-Spam-Status: No, score=-1.392 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
FREEMAIL_FORGED_FROMDOMAIN=0.248, FREEMAIL_FROM=0.001,
HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001,
RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001,
T_KAM_HTML_FONT_INVALID=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 0gyhiSUL2_bc for <i18nrp@ietfa.amsl.com>;
Fri, 8 Jun 2018 16:43:16 -0700 (PDT)
Received: from mail-pl0-x229.google.com (mail-pl0-x229.google.com
[IPv6:2607:f8b0:400e:c01::229])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 51B0A130DC0
for <i18nrp@ietf.org>; Fri, 8 Jun 2018 16:43:16 -0700 (PDT)
Received: by mail-pl0-x229.google.com with SMTP id a7-v6so6618732plp.3
for <i18nrp@ietf.org>; Fri, 08 Jun 2018 16:43:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
h=sender:from:to:references:in-reply-to:subject:date:message-id
:mime-version:thread-index:content-language;
bh=cwxeC/UjPB6rj1/SvzKTfwAdj3wtK7gvv8yWeMONOVo=;
b=ZpftxEq06xLZFxJcqSAC71mtJfVqOA2ATpT5gJNfHl0slRYmH9tF/1hW/PZ2U23a7K
yH/UB1IGQhrLAqwGTXuhaMOlsNIs0dyLlDzGD+ffRVsaesFN9MM0/qgeD7bLtYZ6vpvU
cycGRT5TYyPDfgX95AowoPJc9t22KwTFfx+8wDH1LXo2jxVfMHigbxMYwvNTCgKrIEX2
1ayiKMdlmEwG7tgmN/+YI9Eq/iXsXsfcg3r86bkfjN16fFcRIOEC3YOOyw6asvRvYPOJ
uV3+5qvIqUvHACnvkSK5IHKp2uHySx28+mx7mhlFtm28C7BJyfUp17Ck/vQgfX3IeyJM
xa+g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:sender:from:to:references:in-reply-to:subject
:date:message-id:mime-version:thread-index:content-language;
bh=cwxeC/UjPB6rj1/SvzKTfwAdj3wtK7gvv8yWeMONOVo=;
b=t/JIPArIU6SmJgLKG3imAzTlRj5Rb5y5bFIpKcLqKAI/csNh9USHJ4/vHEqC8Iom4L
NYDWaOqSNSAf+O5VK4S0cA05MFFqW7TjkhIx/ORtrGiD6lfqs0gOh3S2XONuIZ3oB51j
A2zxYtqc1YHiMmgRHVkpS0HVWs84VaNoUx43BZUENQiHdTfY5To+buqn+UFwiVcmA2rB
Rp3MjQr/OX5EvYy0Ftc4T3VRZ4Gk304+nwio55Qi1SdZ407AMD6NWr9R5dED1jLM1dvO
Sd2Uiflfk4kES1qhTU87ZxvPlRXuJkQwUWLi6NQ/PzXorxpVJPcybf7QbX+LJMWlVDoU
bgnA==
X-Gm-Message-State: APt69E1kr+4OGsQ57/7HG2DOdOEota5r78qJr8+DG6zT5W1gHSEwUC+m
a9FjrvYOMFxPqjxOyg4Sn7a+M514
X-Google-Smtp-Source: ADUXVKIWmwo2k+eL7bjrNN4O3sCcIiSzCn8MAgB9CzjKgSsfvTux42DcnrJ9gT0i7/ucAA6nnvP17A==
X-Received: by 2002:a17:902:7d09:: with SMTP id
z9-v6mr8479681pll.233.1528501395839;
Fri, 08 Jun 2018 16:43:15 -0700 (PDT)
Received: from TVPC (c-24-6-174-39.hsd1.ca.comcast.net. [24.6.174.39])
by smtp.gmail.com with ESMTPSA id q19-v6sm9551490pff.9.2018.06.08.16.43.13
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Fri, 08 Jun 2018 16:43:14 -0700 (PDT)
Sender: Larry Masinter <masinter@gmail.com>
From: Larry Masinter <LMM@acm.org>
X-Google-Original-From: "Larry Masinter" <lmm@acm.org>
To: "'Adam Roach'" <adam@nostrum.com>, "'John C Klensin'" <john-ietf@jck.com>,
<i18nrp@ietf.org>
References: <f997170c-3062-0241-e58d-7a3415fba983@nostrum.com>
<CE6F76BB323F1555D6B217A5@PSB> <013f01d3ff5c$4aa68ee0$dff3aca0$@acm.org>
<8f595761-129a-f1ab-9346-0e09706fbdbf@nostrum.com>
In-Reply-To: <8f595761-129a-f1ab-9346-0e09706fbdbf@nostrum.com>
Date: Fri, 8 Jun 2018 16:43:14 -0700
Message-ID: <01d701d3ff82$788c7a60$69a56f20$@acm.org>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_01D8_01D3FF47.CC2E65B0"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQI/lRMnlZ0H8fBxFRZNABPbeBrOuQIlorxJAYcnC8UBfQWsG6NWfBkQ
Content-Language: en-us
Archived-At: <https://mailarchive.ietf.org/arch/msg/i18nrp/eF7Uk_bsRgIbTJ-9V_Ya_wGJxIw>
Subject: Re: [I18nrp] Additional input needed for i18nRP BOF
X-BeenThere: i18nrp@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Internationalization Review Procedures <i18nrp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i18nrp>,
<mailto:i18nrp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i18nrp/>
List-Post: <mailto:i18nrp@ietf.org>
List-Help: <mailto:i18nrp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i18nrp>,
<mailto:i18nrp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jun 2018 23:43:18 -0000
I’m trying to address what I think is a ‘process’ question: Dealing with unintentional confusables is not something that ‘more specifications’ can address, because what makes something confusable depends on too many factors that are transient, because the people who want a name with a problem they might not be aware of won’t care about the other 99% of bad cases, they just want THEIR name. Procedurally: * Stop trying to make standards-track documents about how to normalize names. * Widely available services or tools for avoiding confusable names would be handy, but they can err on the side of caution. * An informational document might be useful, perhaps starting with insightful emails on the list. Dealing with malicious confusables is mainly a security issue. You don’t need to know any of the details of whether something is or isn’t confusable except to acknowledge that the there is no complete agreement on how to compare Unicode strings and agreement is unlikely in the foreseeable future. Procedurally: * Introduction of confusables is part of the attack surface that the “Security Considerations” of any protocol with i18n elements must address. No separate I18N-considerations necessary. * Document how current services deal with confusables and mitigate the problems (phishing, domain name poaching, etc.) in a BCP if you can get some agreement on which Current Practices are Best. I’m trying to address process by suggesting things that IETF might be able to make progress on without new acquisition of expertise. Larry From: Adam Roach [mailto:adam@nostrum.com] Sent: Friday, June 8, 2018 12:34 PM ... Thanks, Larry. It's good to hear from you. This seems like sound advice. I'll point out that we're trying to determine a *process* for addressing i18n issues rather than addressing the actual issues right now.
- Re: [I18nrp] Additional input needed for i18nRP B… John R. Levine
- Re: [I18nrp] Additional input needed for i18nRP B… John C Klensin
- Re: [I18nrp] Additional input needed for i18nRP B… Adam Roach
- Re: [I18nrp] Additional input needed for i18nRP B… Adam Roach
- [I18nrp] Additional input needed for i18nRP BOF Adam Roach
- Re: [I18nrp] Additional input needed for i18nRP B… Eliot Lear (elear)
- Re: [I18nrp] Additional input needed for i18nRP B… John C Klensin
- Re: [I18nrp] Additional input needed for i18nRP B… Peter Saint-Andre
- Re: [I18nrp] Additional input needed for i18nRP B… Adam Roach
- Re: [I18nrp] Additional input needed for i18nRP B… Peter Saint-Andre
- Re: [I18nrp] Additional input needed for i18nRP B… Peter Saint-Andre
- Re: [I18nrp] Additional input needed for i18nRP B… Peter Saint-Andre
- Re: [I18nrp] Additional input needed for i18nRP B… Adam Roach
- Re: [I18nrp] Additional input needed for i18nRP B… John C Klensin
- Re: [I18nrp] Additional input needed for i18nRP B… Brian E Carpenter
- Re: [I18nrp] Additional input needed for i18nRP B… Adam Roach
- Re: [I18nrp] Additional input needed for i18nRP B… Peter Saint-Andre
- Re: [I18nrp] Additional input needed for i18nRP B… Adam Roach
- Re: [I18nrp] Additional input needed for i18nRP B… Benjamin Kaduk
- Re: [I18nrp] Additional input needed for i18nRP B… John C Klensin
- Re: [I18nrp] Additional input needed for i18nRP B… Adam Roach
- Re: [I18nrp] Additional input needed for i18nRP B… John C Klensin
- Re: [I18nrp] Additional input needed for i18nRP B… Nico Williams
- Re: [I18nrp] Additional input needed for i18nRP B… Nico Williams
- Re: [I18nrp] Additional input needed for i18nRP B… Adam Roach
- Re: [I18nrp] Additional input needed for i18nRP B… Nico Williams
- Re: [I18nrp] Additional input needed for i18nRP B… Adam Roach
- Re: [I18nrp] Additional input needed for i18nRP B… Nico Williams
- Re: [I18nrp] Additional input needed for i18nRP B… Nico Williams
- Re: [I18nrp] Additional input needed for i18nRP B… Peter Saint-Andre
- Re: [I18nrp] Additional input needed for i18nRP B… Peter Saint-Andre
- Re: [I18nrp] Additional input needed for i18nRP B… Adam Roach
- Re: [I18nrp] Additional input needed for i18nRP B… Larry Masinter
- Re: [I18nrp] Additional input needed for i18nRP B… Larry Masinter