Re: [Ietf-krb-wg] WG Review: Stringprep after IDNA2008 WG (newprep)

Alan DeKok <aland@deployingradius.com> Wed, 19 May 2010 21:06 UTC

Message-ID: <4BF40326.4050101@deployingradius.com>
Date: Wed, 19 May 2010 17:26:30 +0200
From: Alan DeKok <aland@deployingradius.com>
To: newprep@ietf.org
References: <20100511173002.3EB993A6D0F@core3.amsl.com> <tslzkzxjfmh.fsf@mit.edu>
In-Reply-To: <tslzkzxjfmh.fsf@mit.edu>
Cc: ietf-krb-wg@anl.gov

Sam Hartman wrote:
> The first is RFC 4282.  RFC 4282 section 2.4 discusses
> internationalization strategies based on stringprep and IDNA2003.  It
> does not define its own profile.  Apparently, in addition to all the
> reasons you would probably want to update anything based on IDNA 2003,
> RFC 4282 does not meet the needs of the implementor community.  One
> proposal for addressing RFC 4282 is draft-dekok-radext-nai-01.txt.  I
> think any proposal in this space will require both help from newprep and
> from the radext/aaa community.  Based on my past experience in emu, the
> aaa community, like the rest of the IETF, can use i18n help.

  The intent of 4282 was to standardize the usage of "realms" (i.e. most
commonly DNS domain names) within AAA protocols.  Other goals were
general i18n issues, and not creating another registry.

  The result contained a lot of i18n text, which IMHO doesn't really
belong.  The AAA and EAP supplicant implementors seem to have agreed, as
they've uniformly ignored the i18n suggestions in 4282.

  The needs of the AAA community (IMHO) are reflected in the updated
document.  The authors of 4282 generally agree with the attitude of that
document.

  What this means for stringprep is simple: the needs of the AAA
community can likely be addressed by serving the needs of DNS, and
general user data entry.  The AAA community will probably leverage that
work to carry i18n strings "verbatim" in their protocols.

  i.e. AAA proxies have *no business* doing anything with names they
carry, other than comparing them for byte-by-byte equality or
inequality.  The proxy is an intermediary, and knows nothing about the
end user or the home authentication system.

  Alan DeKok.
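
A proxy routing step that treats the name as opaque bytes, as the message above argues, shown here as an added example that is not part of the original message or of any AAA implementation. The split on the last `@`, the routing table, the realm names and the hop names are all assumptions constructed for the illustration.

```python
import unicodedata

# Hypothetical routing table: realm bytes exactly as provisioned -> next hop.
# Realm and hop names are constructed for this example.
REALM_ROUTES = {
    b"example.org": "home-server-a",
    unicodedata.normalize("NFC", "caf\u00e9.example").encode("utf-8"): "home-server-b",
}
DEFAULT_ROUTE = "reject"


def split_realm(user_name: bytes) -> bytes:
    """Return the bytes after the last '@', or b'' when there is no realm."""
    _, sep, realm = user_name.rpartition(b"@")
    return realm if sep else b""


def route(user_name: bytes):
    """Pick a next hop by exact byte comparison; never rewrite the name."""
    next_hop = REALM_ROUTES.get(split_realm(user_name), DEFAULT_ROUTE)
    # The name is forwarded exactly as received: no case folding,
    # no Unicode normalization, no transcoding.
    return next_hop, user_name


def demo():
    """Route constructed sample names and return (next_hop, forwarded_bytes)."""
    text = "alice@caf\u00e9.example"
    samples = [
        unicodedata.normalize("NFC", text).encode("utf-8"),  # precomposed e-acute
        unicodedata.normalize("NFD", text).encode("utf-8"),  # e + combining accent
        b"bob@example.org",
        b"bob@EXAMPLE.ORG",  # differs only in case
        b"carol",            # no realm at all
    ]
    return [route(s) for s in samples]


if __name__ == "__main__":
    for hop, forwarded in demo():
        print(hop, forwarded)
```

The decomposed and upper-case names render the same as their provisioned counterparts but do not match the table, and in every case the bytes forwarded are the bytes received.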