Re: [Idna-update] Expiration impending: <draft-klensin-idna-rfc5891bis-01.txt>

["Patrik Fältström " <paf@frobbit.se>]

Francisco,

I see a few problems with your note, and will summarize them here. I will tomorrow start travelling to Puerto Rico and am happy to talk more about it there.

- The question is not whether "a vast majority" or "almost all" or such implement the guidelines. The fact is that not every registry do. And we do not only talk about gTLDs, we talk about TLD registries. And as long as one registry do, and on top of that show they "sell" code points not only violating IDNA2008 and because of that the ICANN recommendations, but also do sell code points not yet allocated to Unicode and worse, they fail to run a clean process and sell the same 2nd level domain to multiple parties -- that not only is evidence there is a market, but also broken market regarding IDN. And as you see below, ICANN Board have now asked the community (in plain english): "What are you doing about it?". I could translate the words I read into much more clear language but prefer as a swede saying such things and not typing it.

- The issues have once again brought light onto the question whether ICANN is only a home for the processes related to contracted parties or if ICANN also deal with non-contracted parties like ccTLDs. And if ccNSO or GAC control ccTLDs. And of course at the moment in UN due to PP18 elevated to the question why GAC exists and not the role of GAC is a body of ITU-T. This can kind of quickly evolve to questions who decides what goes into the root zone, wether the ccNSO and the ASO should be part of ICANN or not. Remember we already closed the PSO.

- ICANN Board have (finally) on 2nd of November 2017 taken this seriously by asking ccNSO and GNSO to take the issues on board. <https://features.icann.org/ssac-advisory-use-emoji-domain-names> and I quote:

> Resolved (2017.11.02.09), the Board hereby directs that conformance to IDNA2008 and its successor will continue to be a necessary condition to determine valid IDN TLD labels.
>
> Resolved (2017.11.02.10), the Board requests that the Country Code Names Supporting Organization (ccNSO) and the Generic Names Supporting Organization (GNSO) engage with the SSAC to more fully understand the risks and consequences of using a domain name that includes emoji in any of its labels, and inform their respective communities about these risks.
>
> Resolved (2017.11.02.11), the Board requests that the ccNSO and GNSO integrate conformance with IDNA2008 and its successor into their relevant policies so as to safeguard security, stability, resiliency and interoperability of domain names.
>
> Resolved (2017.11.02.12), the Board directs the ICANN CEO, or his designee(s), to engage with gTLD and ccTLD communities on the findings and recommendations in SAC095.

- SSAC will via myself initiate work with ccNSO already in Puerto Rico, ICANN has reached out to IAB that do take this very seriously (as it seems -- and this discussion and active participation by IAB members is to me a sign of this). Exactly how GNSO will take this on board I do not know but will as the person in SSAC that holds the flag will investigate this next week.

- You are ICANN Staff, and having you choose the words the way you did is to me troublesome, specifically in the light of what I explain above. I hope I misunderstand you. Explaining the compliance process is one thing, but whether it should be executed or not is a decision by the policy that is to be implemented, and if you as ICANN Staff do believe the policy is not clear enough it should be bounced back to the community. Something I (see above) believe ICANN Board just did.

Once again, I hope I misread your words, and I am happy to talk about this in Puerto Rico.

This is serious.

   Patrik

On 7 Mar 2018, at 3:06, Francisco Arias wrote:

> Except for a couple of legacy gTLDs that do not yet have that requirement, for the vast majority of the gTLDs, compliance with the IDN Implementation Guidelines is mandatory.
>
> If there were a requirement on this regard in the guidelines, compliance could be checked when new tables are submitted to ICANN for approval. If needed, an active monitoring could also be done.
>
> -- 
> Francisco
>
> On 3/6/18, 2:32 AM, "IDNA-UPDATE on behalf of Patrik Fältström" <idna-update-bounces@ietf.org on behalf of paf@frobbit.se> wrote:
>
>     How do you believe this is to be implemented in all TLDs? I.e. what do you believe is the enforcement mechanism?
>
>        Patrik
>
>     On 5 Mar 2018, at 23:22, Francisco Arias wrote:
>
>     > Following on Asmus' comment below, perhaps the IDN Implementation Guidelines could help as a way to reach out to TLD registries?
>     >
>     > https://www.icann.org/resources/pages/implementation-guidelines-2012-02-25-en
>     >
>     > I believe the process to update them is ongoing https://community.icann.org/display/IDN/IDN+Implementation+Guidelines
>     >
>     > Regards,
>     >
>     > --
>     > Francisco
>     >
>     > On 3/5/18, 2:12 PM, "IDNA-UPDATE on behalf of Asmus Freytag" <idna-update-bounces@ietf.org on behalf of asmusf@ix.netcom.com> wrote:
>     >
>     >     Secondary to that is finding a way to communicate the to consumers of
>     >     these tables that simply allowing all PVALID code points isn't a robust
>     >     solution for many writing systems and additional due diligence needs to
>     >     be preformed - for example along the same lines as is being done now for
>     >     the Root Zone (which is quickly defining the state of the art in that
>     >     respect).
>     >
>     >
>     > _______________________________________________
>     > IDNA-UPDATE mailing list
>     > IDNA-UPDATE@ietf.org
>     > https://www.ietf.org/mailman/listinfo/idna-update
>
>
> _______________________________________________
> IDNA-UPDATE mailing list
> IDNA-UPDATE@ietf.org
> https://www.ietf.org/mailman/listinfo/idna-update