IETF Logo Mail Archive

Re: [EAI] Downgrade simplifications

"YAO Jiankang" <yaojk@cnnic.cn> Thu, 06 August 2009 02:35 UTC

Return-Path: <yaojk@cnnic.cn>
X-Original-To: ima@core3.amsl.com
Delivered-To: ima@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 398C33A6CB4 for <ima@core3.amsl.com>; Wed, 5 Aug 2009 19:35:10 -0700 (PDT)
X-Quarantine-ID: <2UNh1L9aC81l>
X-Virus-Scanned: amavisd-new at amsl.com
X-Amavis-Alert: BAD HEADER, Duplicate header field: "Message-ID"
X-Spam-Flag: NO
X-Spam-Score: 0.365
X-Spam-Level:
X-Spam-Status: No, score=0.365 tagged_above=-999 required=5 tests=[AWL=0.408, BAYES_00=-2.599, MIME_BASE64_TEXT=1.753, MSGID_FROM_MTA_HEADER=0.803]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2UNh1L9aC81l for <ima@core3.amsl.com>; Wed, 5 Aug 2009 19:35:09 -0700 (PDT)
Received: from cnnic.cn (smtp.cnnic.cn [159.226.7.146]) by core3.amsl.com (Postfix) with SMTP id 444403A69B4 for <ima@ietf.org>; Wed, 5 Aug 2009 19:34:42 -0700 (PDT)
Received: (eyou send program); Thu, 06 Aug 2009 10:34:45 +0800
Message-ID: <449526085.20415@cnnic.cn>
X-EYOUMAIL-SMTPAUTH: yaojk@cnnic.cn
Received: from unknown (HELO whatisfuture) (127.0.0.1) by 127.0.0.1 with SMTP; Thu, 06 Aug 2009 10:34:45 +0800
Message-ID: <001701ca163e$742fe600$236ff1da@whatisfuture>
From: YAO Jiankang <yaojk@cnnic.cn>
To: Ernie Dainow <edainow@ca.afilias.info>, ima@ietf.org
References: <449399580.17668@cnnic.cn>
Date: Thu, 06 Aug 2009 10:34:40 +0800
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: base64
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.3350
Subject: Re: [EAI] Downgrade simplifications
X-BeenThere: ima@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "EAI \(Email Address Internationalization\)" <ima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ima>, <mailto:ima-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ima>
List-Post: <mailto:ima@ietf.org>
List-Help: <mailto:ima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ima>, <mailto:ima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Aug 2009 02:35:10 -0000

----- Original Message ----- 
From: "Ernie Dainow" <edainow@ca.afilias.info>
To: <ima@ietf.org>
Sent: Tuesday, August 04, 2009 11:25 PM
Subject: [EAI] Downgrade simplifications


>I think there are a number of things we can change to make Downgrade 
> simpler and have less impact on existing email systems yet still provide 
> the key backward compatibility that many people feel is important to the 
> success of EAI.
> 
> The current design of Downgrade is very comprehensive. A lot of clever 
> things were done to provide Downgrade in every possible situation and to 
> provide a complete audit trail through the use of new Downgraded headers 
> that also provide the ability to reconstruct the original UTF8 address 
> information (Downgraded display). We can greatly simplify Downgrade by 
> limiting the design goals to support only essential cases and make clear 
> that Downgrade is an interim feature, is not perfect and does not 
> provide a complete audit trail.
> 
> 1. As recommended in 4.2 of  draft-ietf-eai-email-clients and in various 
> emails on the EAI list, we should consider downgrade of forward-pointing 
> (recipient) addresses as a configuration error and not something that 
> Downgrade needs to support. Then we can remove Alternate Addresses for 
> recipients. I think this would also allow us to redesign Downgrade 
> without the double angle bracket syntax which seems to be the source of 
> a lot of compatibility and security concerns.


this is a good idea. I also wonder whether we need the downgrading for recipient.

in practise, only "downgrade from address" may be useful.


> 
> 2. Implementation of Downgrade is currently an option for MUA, POP/IMAP. 
> Consideration of these cases in draft-ietf-eai-email-clients (3.1.1, 
> 3.2) is that these are unusual configurations. The standard should be 
> explicit and state that Downgrade is only done by MTAs.

this issue need more discussions.


> 
> 3. While an audit trail and ability to display original UTF8 addresses 
> from a Downgraded message is a nice feature, some people consider the 
> case in which this is useful to be a configuration error (an EAI MUA, 
> POP or IMAP behind a non-EAI MTA.). In any case, it is not an essential 
> feature within the revised design goals outlined above. If it is 
> dropped, then all the added "Downgraded-" headers can be dropped.

I remeber that the WG decided to have no upgrading after downgrading.

> 
> 4. Alternate Addresses for the sender can be handled in the "Accounts" 
> setting of the MUA. They can also be provided by the SMTP server, as in 
> draft-yao-eai-deployment. Since there is no interface for the MUA to 
> find out from the server if it needs to provide Alternate Addresses or 
> not, this ambiguity may lead to unexpected behavior in terms of which 
> Alternate Address gets used if it is provided by both. 

+1

the possible phising will be reduced if the alternate address is only provided by smtp server.
if the alternate address is provided by MUA, the user can put any address they want such as administartor@ebay.com or president@usa.gov . 

 
>While the server 
> solution offers a certain amount of transparency to the end user, the 
> MUA solution is more general in that it supports a legacy ASCII Address 
> that may be on a different email provider. 

when you register an email account, you can apply both the ascii email account and non-ascii email account from the same company or organization.

>The standard should resolve 
> this ambiguity and specify that Alternate Address for the sender is 
> provided by the MUA and not the server.

if we decide to have no downgrade issue in RFC5336 5335, then you are right. otherwise, we may consider that only by server, not by MUA.


> 
> 5. Capturing UTF8 addresses in empty groups when Downgrading should be 
> dropped. This has numerous interoperability problems with existing mail 
> clients (3.2.1 in draft-ietf-eai-email-clients).
> 
> To make a clean line between Downgrade and the rest of the EAI standard, 
> so that we can move ahead with standards track of the latter while 
> continuing to work on experimental track Downgrade, all normative 
> requirements relating to Downgrade should be pulled out of the EAI 
> documents and moved into the Downgrade document. So for example, the 
> ALT-ADDRESS parameter should be moved from RFC 5336 to the Downgrade 
> document and the addr-spec for double angle brackets moved out of RFC 
> 5335 into the Downgrade doc (or dropped if 1. above can be achieved).

+1.

I personally agree this suggestion.

Yao Jiankang
CNNIC

> 
>   -Ernie Dainow
> 
> 
> _______________________________________________
> IMA mailing list
> IMA@ietf.org
> https://www.ietf.org/mailman/listinfo/ima

v2.23.0 | Report a Bug | By Email