Re: Possible BofF question -- I18n
Nico Williams <nico@cryptonector.com> Sun, 03 June 2018 06:22 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 83358126B7E for <ietf@ietfa.amsl.com>; Sat, 2 Jun 2018 23:22:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UBuWdepWbYyK for <ietf@ietfa.amsl.com>; Sat, 2 Jun 2018 23:22:22 -0700 (PDT)
Received: from homiemail-a128.g.dreamhost.com (homie-sub4.mail.dreamhost.com [69.163.253.135]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95ED91267BB for <ietf@ietf.org>; Sat, 2 Jun 2018 23:22:22 -0700 (PDT)
Received: from homiemail-a128.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a128.g.dreamhost.com (Postfix) with ESMTP id 336AA30030403; Sat, 2 Jun 2018 23:22:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=cryptonector.com; bh=+pWU6gzmZm4QvF aqXnBYANV/pdM=; b=PlJWO0iLMSkfbnue8HL1GpwqJALUWOJPRyv0k1Vm/5EaIr SG3ZxZkLwVMzc7wpVl8vmcQAyJzfzC3dgpvtrBv9MXYq2j9ebTc1JsCl9z/g1FxB +4HeZogqZdCu+qKcLm698Z52hvd3w7kDxDXtRPUuCZqHSiveomRcLfeCK+fC0=
Received: from localhost (50-232-84-66-static.hfc.comcastbusiness.net [50.232.84.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a128.g.dreamhost.com (Postfix) with ESMTPSA id 8AB7730030401; Sat, 2 Jun 2018 23:22:21 -0700 (PDT)
Date: Sun, 03 Jun 2018 01:22:19 -0500
From: Nico Williams <nico@cryptonector.com>
To: John R Levine <johnl@taugh.com>
Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>, IETF general list <ietf@ietf.org>
Subject: Re: Possible BofF question -- I18n
Message-ID: <20180603062218.GN14446@localhost>
References: <20180531172228.GF14446@localhost> <383c2404-7beb-63e9-b2b2-e75fd1b174f1@mozilla.com> <20180601041949.GH14446@localhost> <A13FFF23-49BD-459D-8B5B-D3448154EEBC@frobbit.se> <20180601151053.GI14446@localhost> <2584adb9-1622-8b49-7236-ecc7dd374974@mozilla.com> <alpine.OSX.2.21.1806011219340.7621@ary.qy> <CAK3OfOgv33SJiPJ6ypo8k5hcpnjcJdRso6EXb9b12YNcdDgMUg@mail.gmail.com> <6c5d5618-74a5-dcc8-d818-89243a41f307@gmail.com> <alpine.OSX.2.21.1806020948160.10640@ary.qy>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <alpine.OSX.2.21.1806020948160.10640@ary.qy>
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/mJxkmlm2oDPGboiyN7q0kXp0nv4>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Jun 2018 06:22:24 -0000
On Sat, Jun 02, 2018 at 09:56:32AM -0400, John R Levine wrote: > On Sat, 2 Jun 2018, Brian E Carpenter wrote: > >If a dark art is one that involves combinatorial degrees of complexity > >mixed with human perception, judgment and emotion, then I fear that I18N > >*is* a dark art. We can perhaps manage such complexity by limiting the > >scope of what we try to do in our protocols, but I for one would very > >much appreciate having an I18N directorate reviewing everything. > > Thanks, that was what I was trying to get at. It would be great if more > people learned about I18n issues, but I worry about expertise at the level > of security experts telling people to memorize all their passwords and > change them every month. > > "Confusables", different characters that look exactly or approximately the > same is a good example. I used to think that one could make sets of > confusable characters and avoid security problems by disallowing strings > that differed only in confusables. Unfortunately, what is confusable is > highly context dependent. For example, an Arabic digit 5 looks a lot like a > lower case letter o, so depending on who and where you are you might think > it looks like o or 0 or you might think it looks like 5 or you might think > it looks like both. I didn't realize that until I talked to native Arabic > speakers and tried to read speed limit signs in Abu Dhabi. Don't get me > started on composable emoji and skin tones. Yes, confusability is in the eye of the beholder, but a first approximation set of confusable mappings can be constructed (and has been). We don't need perfection, but we could apply AI techniques to look for more confusables and get closer to perfection. Registries don't need us to tell them that any of this is a good idea (though we should). > I'm not saying it's hopeless, but we need to be careful assuming that some > knowledge always leads to better analyses than none. Remember all those > passwords they force you to change every month. It's hard to argue that more knowledge makes things worse. Sure, it can (e.g., by raising one's cognitive burdens), but mostly it's not the case. I'm not afraid of assuming that more knowledge will help. But if you are... then our supposed lack of I18N expertise should be a boon! Nico --
- Possible OBF question -- I18n John C Klensin
- Re: Possible OBF question -- I18n John Levine
- Re: Possible BofF question -- I18n (was: Re: Poss… John C Klensin
- Re: Possible BofF question -- I18n (was: Re: Poss… Patrik Fältström
- Re: Possible BofF question -- I18n (was: Re: Poss… John R Levine
- Re: Possible BofF question -- I18n (was: Re: Poss… John C Klensin
- Re: Possible BofF question -- I18n (was: Re: Poss… Patrik Fältström
- Re: Possible BofF question -- I18n (was: Re: Poss… Patrik Fältström
- Re: Possible BofF question -- I18n (was: Re: Poss… tom p.
- Re: Possible BofF question -- I18n (was: Re: Poss… John R Levine
- Re: Possible BofF question -- I18n (was: Re: Poss… John C Klensin
- Re: Possible BofF question -- I18n (was: Re: Poss… Nico Williams
- Re: Possible BofF question -- I18n (was: Re: Poss… Peter Saint-Andre
- Re: Possible BofF question -- I18n (was: Re: Poss… Donald Eastlake
- Re: Possible BofF question -- I18n (was: Re: Poss… John C Klensin
- Re: Possible BofF question -- I18n (was: Re: Poss… John C Klensin
- Re: Possible BofF question -- I18n (was: Re: Poss… Patrik Fältström
- Re: Possible BofF question -- I18n (was: Re: Poss… Patrik Fältström
- Re: Possible BofF question -- I18n (was: Re: Poss… Spencer Dawkins at IETF
- Re: Possible BofF question -- I18n Adam Roach
- Re: Possible BofF question -- I18n (was: Re: Poss… Nico Williams
- Re: Possible BofF question -- I18n (was: Re: Poss… Nico Williams
- Re: Possible BofF question -- I18n Brian E Carpenter
- RE: Possible BofF question -- I18n (was: Re: Poss… Larry Masinter
- Re: Possible BofF question -- I18n (was: Re: Poss… Patrik Fältström
- RE: Possible BofF question -- I18n (was: Re: Poss… John C Klensin
- Re: Possible BofF question -- I18n (was: Re: Poss… Nico Williams
- Re: Possible BofF question -- I18n (was: Re: Poss… Patrik Fältström
- Re: Possible BofF question -- I18n (was: Re: Poss… Benjamin Kaduk
- Re: Possible BofF question -- I18n (was: Re: Poss… Peter Saint-Andre
- Re: Possible BofF question -- I18n (was: Re: Poss… Niels ten Oever
- Re: Possible BofF question -- I18n (was: Re: Poss… John R Levine
- Re: Possible BofF question -- I18n (was: Re: Poss… Peter Saint-Andre
- Re: Possible BofF question -- I18n (was: Re: Poss… John R Levine
- Re: Possible BofF question -- I18n (was: Re: Poss… Spencer Dawkins at IETF
- Re: Possible BofF question -- I18n (was: Re: Poss… Spencer Dawkins at IETF
- Re: Possible BofF question -- I18n (was: Re: Poss… Nico Williams
- Re: Possible BofF question -- I18n (was: Re: Poss… Nico Williams
- Re: Possible BofF question -- I18n (was: Re: Poss… Stephen Farrell
- Re: Possible BofF question -- I18n (was: Re: Poss… Nico Williams
- Re: Possible BofF question -- I18n (was: Re: Poss… John C Klensin
- Re: Possible BofF question -- I18n (was: Re: Poss… Patrik Fältström
- Re: Possible BofF question -- I18n (was: Re: Poss… Spencer Dawkins at IETF
- Re: Possible BofF question -- I18n (was: Re: Poss… Peter Saint-Andre
- Re: Possible BofF question -- I18n (was: Re: Poss… John C Klensin
- Re: Possible BofF question -- I18n (was: Re: Poss… Spencer Dawkins at IETF
- Re: Possible BofF question -- I18n (was: Re: Poss… Nico Williams
- Re: Possible BofF question -- I18n (was: Re: Poss… Nico Williams
- Re: Possible BofF question -- I18n (was: Re: Poss… Spencer Dawkins at IETF
- Re: Possible BofF question -- I18n Brian E Carpenter
- Re: Possible BofF question -- I18n (was: Re: Poss… Patrik Fältström
- Re: Possible BofF question -- I18n John R Levine
- Re: Possible BofF question -- I18n (was: Re: Poss… John C Klensin
- Re: Possible BofF question -- I18n (was: Re: Poss… Nico Williams
- Re: Possible BofF question -- I18n Nico Williams
- Re: Possible BofF question -- I18n Nico Williams
- Re: Possible BofF question -- I18n (was: Re: Poss… Patrik Fältström
- Re: Possible BofF question -- I18n Brian E Carpenter
- Re: Possible BofF question -- I18n Nico Williams
- Re: Possible BofF question -- I18n Barry Leiba
- Re: Possible BofF question -- I18n Viktor Dukhovni
- Re: Possible BofF question -- I18n Christian Huitema
- Re: Possible BofF question -- I18n Nico Williams
- Re: Possible BofF question -- I18n tom p.
- Re: Possible BofF question -- I18n Barry Leiba
- Re: Possible BofF question -- I18n ned+ietf
- Re: Possible BofF question -- I18n ned+ietf