IETF Logo Mail Archive

Re: Possible BofF question -- I18n (was: Re: Possible OBF question -- I18n)

Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> Sat, 02 June 2018 01:14 UTC

Return-Path: <spencerdawkins.ietf@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 35002120721; Fri, 1 Jun 2018 18:14:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a2JasnesXOxd; Fri, 1 Jun 2018 18:14:38 -0700 (PDT)
Received: from mail-yb0-x242.google.com (mail-yb0-x242.google.com [IPv6:2607:f8b0:4002:c09::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B6B312E8D4; Fri, 1 Jun 2018 18:14:38 -0700 (PDT)
Received: by mail-yb0-x242.google.com with SMTP id i1-v6so9339122ybe.1; Fri, 01 Jun 2018 18:14:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=L6zBwWiFihPEWq8W4G4AltTZ+FSi+qQfxRHIigKwdsw=; b=IU7TyDXxmwOxCtwmbB6UDnRIJZw6jVV4TTCT6o/+aRtsRRllOADdX3+bITnMQ/mV4f rtbYSoFYROXKkDwGPwPR0VtDLeTQcBfzH9t/3H8H6bG55UN3yJ3wjKH4y/QB7tdVCXY1 FD68/ij6nqALxt/hQFEJgqyVhr/JSg27ilZhSBXefedtylwzviwElbqhhtU/HRXl5su4 cLwLlLfbAOt9XYNldmCPReG1vi6JCEDbFm26bvoPcydPPxVGq5q/DuKkg/0T2Tnw4ZtI 3EVhUNAHKt71l2HjFDC7OUKX7qByBVB/yrF/bZrY3o6CfwWeeapCNo/qkjSm1AWzPkVT d6kg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=L6zBwWiFihPEWq8W4G4AltTZ+FSi+qQfxRHIigKwdsw=; b=oz8EJwBSxRbzbk5o7/Zey5Evi7M5GoSBHKG39a48Uoa6Q5+j9ZHRZU/eo7ZwO9PASO Kik3SZODjAT+eDl+3cGX5XTNYkD7J0VPDFKJpJ6Sd1mOaa+6DIKNTokBaxKuvlGvM9Iu EWKfJBAsfMZhI3rjhw+mO1qIpz74YZ7sjG2SWzmlM4vz9oxFP/81nV5FsxvRBQ3VIOVs bNQMTCOBVYBrDd7SBjtx/VtsCXypflp939zmQFBKH6ApOUTRrBWGh3NLzwhvITZxzXGg tp6zq9nNbUv/S0ewbFsN48s+2qrEA6EdIicCUKvh7ZhXY3N3vkl4x+fzY1nDvjJ287+p lo+A==
X-Gm-Message-State: ALKqPwflLg9EVTllaXXg7/+0sYCYEypnWX+McfA+y/sAY5dKEQ2J18qt RdKJeOavE3QXaWh/NrzG/EENrB5MS1dlv075zik=
X-Google-Smtp-Source: ADUXVKKYGugh6daY4cc+NqemXUeDU2RibaRhcmNYpSm1SE8iug2TqlIg2rBZGFjnfvC46dgvD7uwnIMH2Ngw6sAC24M=
X-Received: by 2002:a25:b212:: with SMTP id i18-v6mr7217024ybj.471.1527902077283; Fri, 01 Jun 2018 18:14:37 -0700 (PDT)
MIME-Version: 1.0
References: <862E5704FEE30E9EFA684961@PSB> <20180602000921.GJ14446@localhost>
In-Reply-To: <20180602000921.GJ14446@localhost>
From: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Date: Fri, 01 Jun 2018 20:14:24 -0500
Message-ID: <CAKKJt-dh4azxgGe=4wnZT+dYDXtP3zsNCSBV4V1d8uTrGiEiSg@mail.gmail.com>
Subject: Re: Possible BofF question -- I18n (was: Re: Possible OBF question -- I18n)
To: Nico Williams <nico@cryptonector.com>
Cc: John C Klensin <john-ietf@jck.com>, art-ads@ietf.org, IETF general list <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000917444056d9e6cb9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/rGYKZvw7FQ4xVdbZ2n_qeq3iQxA>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Jun 2018 01:14:42 -0000

Ok, I own this part ... please see below.

On Fri, Jun 1, 2018, 19:10 Nico Williams <nico@cryptonector.com> wrote:

> On Fri, Jun 01, 2018 at 05:14:08PM -0400, John C Klensin wrote:
> > Now a few comments on recent postings (after I went to work on
> > the template).
>
> > * I think it would be a just dandy idea to require an "I18N
> > Considerations" section in every I-D or RFC.  I see only two
> > problems with it.  One is that we've had such a requirement for
> > documents that do have i18n issues for 20+ years and it hasn't
> > helped.  [...]
>
> Please be specific.  What failures have we had.
>
> > * Crypto expert mindsets -- I agree with John Levine on this.
> > FWIW, a few of us have made the observation that this i18n area
> > is easy to learn about for one class of people.  Not impossible
>
> The condescension is thick in this one.
>
> > * Mentions of UTR#46 in general I18N contexts may be close to
>
> Finally.  900 words and this is the one specific thing, but not that
> specific either:
>
> > mentioning Hitler under Godwin's Law.  It is strictly about IDNs
> > and not the general problem; its current version makes
> > assumptions equivalent to domain names not needing to be treated
> > as having important properties of identifiers; etc.  As I said,
> > I don't think this BOF effort is about particular protocol
> > issues.  However, as a non-protocol issue (and maybe the point
> > John Levine was trying to make) due in no small measure to
> > UTR#46 and the homebrew updates to IDNA2003 it has encouraged,
> > we have a large number (perhaps dozens) of interpretations about
> > what IDNA is "really" about and what the requirements "really"
> > are.   That is an operational and user predictability problem, a
> > security problem, etc.
> >
> > "No urgency"?  Only if one wants to see the IDN situation
> > deteriorate to the point that systems that are concerned about
> > privacy, malware, etc., will simply filter out all of them as a
> > good tradeoff against the risks.
> >
> > And, again, I see IDNs as one issue here among many, not the
> > only or even the key issue.
>
> Is this an elliptical way of alluding to confusables issues?
>
> Can you boil things down to a small set of bullet items?
>
>  - IDNs and confusables?
>
>  - I18N and human rights?
>

I pointed out that the Human Rights Review Team included consideration of
i18n when they reviewed an IAB draft I'm editing, within the past month. My
understanding was that people were looking for ways to get i18n reviews,
and that's the only formal mechanism I've encountered since the IAB
concluded their internationalization program over a year ago.

Perhaps that wasn't helpful. As far as I can see, it wasn't.

I'll wait for the BoF.

Spencer

  (what's that got to do with Internet protocols?  sure we have to make
>    sure they internationalize, but we already knew that long before
>    anyone made the connection to human rights)
>
>  - something else?  what?
>
> Please also list any high-profile failures of the IETF in this space.
>
> Keep it brief out of consideration for your readers' time.
>
> BTW, regarding IDNs and confusables, I'm going to restate my previous
> position on that:
>
> a) it _is_ possible to write code to detect confusables issues (lots of
>    people are doing this; I've seen several repos in github implementing
>    Unicode confusable detection)
>
>    Of course, confusable detection is best done with UC standards (there
>    is one, but is it complete?).  There is no role for the IETF in this
>    one.
>
> b) we can't make the registrars do the right thing
>
> c) we can't make the registries make the registrars do the right thing
>
> d) we can't make ICANN make the registries make the registrars do the
>    right thing
>
> e) we _can_ give advice to ICANN and the registries, and the advice
>    should be that they make up registry-specific policies as to
>    confusables, and we should make up some sample policies
>
> f) besides giving ICANN and the registries advice, there is nothing for
>    us to do here.
>
>    It isn't possible to construct a one-size-fits-all-registries policy
>    for IDNA -- the registries would reject such a thing.  Dictating such
>    a policy in IDNA would be inappropriate and very unpopular -- don't
>    do it.
>
> g) the best default policy would be to construct a "canonicalized" form
>    of any proposed domain and allow only one domain for each
>    "canonicalized" form
>
>    For example, "paypal" and "paypa1" could be considered equivalent in
>    some policy, with "paypal" the canonical form, and only one of those
>    two allowed in the given registry.  A registrant could be allowed to
>    have all equivalent forms of a domain's canonical form.
>
>    Note that such a policy can be implemented (see (a)), but also that
>    the uniqueness check can only be made by the registry, therefore we
>    cannot dictate this in IDNA.
>
> Nico
> --
>
>

v2.23.0 | Report a Bug | By Email