Re: [netmod] rfc6991bis: inet:host

Ladislav Lhotka <ladislav.lhotka@nic.cz> Wed, 29 July 2020 11:55 UTC

From: Ladislav Lhotka <ladislav.lhotka@nic.cz>
To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
Cc: netmod@ietf.org
Date: Wed, 29 Jul 2020 13:55:38 +0200
Message-ID: <87o8nyh6x1.fsf@nic.cz>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/xtNxqGKOBrWUweMmEXuWXGhEvYA>
Subject: Re: [netmod] rfc6991bis: inet:host

Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> writes:

> On Mon, Jul 27, 2020 at 03:18:25PM +0200, Ladislav Lhotka wrote:
>> 
>> 
>> On 27. 07. 20 12:44, Juergen Schoenwaelder wrote:
>> > On Mon, Jul 27, 2020 at 10:51:31AM +0200, Ladislav Lhotka wrote:
>> >> Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> writes:
>> >>
>> >>> So would the following do the right thing?
>> >>
>> >> The invert-match pattern also needs to be added in order to avoid reserved labels:
>> > 
>> > Why are they illegal? If we make them illegal, how are we going to
>> > deal with hosts that have non-ASCII names?
>> 
>> I am not able to find in what sense the "Reserved LDH" labels of RFC
>> 5890 are really reserved, and I am not sure about the implications of
>> permitting "xn--..." hostnames to be explicitly configured.
>
> Right now, inet:domain-name as defined in RFC 6991 says:
>
>       [...]
>       Domain-name values use the US-ASCII encoding.  Their canonical
>       format uses lowercase US-ASCII characters.  Internationalized
>       domain names MUST be A-labels as per RFC 5890.";
>
> Hence, if you want to configure a non-ASCII hostname using inet:host,
> you have to write it in a sequence of A-labels, i.e., using the ASCII
> Compatible Encoding (ACE). Hence, removing xn-- names seems to have a
> significant potential to break things.

OK.

>  
>> If we want to allow non-ASCII names, then it would IMO be safer to use a
>> type that expects straight Unicode for lexical representation and leave
>> it to the implementations to convert to Punycode where necessary, e.g.
>> when querying DNS.
>
> Perhaps. But I am not sure this is the time to fix this or how this
> can be done in a backwards compatible way. At least this likely can't
> be done by disallowing ACE. It may be possible to add an additional
> member to the inet:host union that catches internationalized names.

I think it would be better to have an extra set of parallel definitions such as idn-domain-name, or perhaps u-domain-name.

Lada

> Since this would be enlarging the value space, I believe this is
> in line with the spirit of section 11 of RFC 7950. Removing the ACE
> names, however, restricts the value space and hence seems to contradict
> section 11 of RFC 7950. (The explicit removal of underscore and single
> letter hostnames may be considered a clarification since we have other
> RFCs stating these constraints.)
>
> /js
>
> -- 
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>

-- 
Ladislav Lhotka 
Head, CZ.NIC Labs
PGP Key ID: 0xB8F92B08A9F76C67
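
The label classes discussed in this thread, as an added example that is not part of the original message or of any RFC text: it sorts each label of a configured name into the RFC 5890 classes and shows that a rule rejecting every reserved LDH label also rejects ACE ("xn--") names. The function names, the `reject_reserved` switch and the sample names are hypothetical; the Punycode round trip is only a necessary condition for a valid A-label, not a full IDNA2008 check.

```python
import re

# LDH label (RFC 5890, section 2.3.1): letters, digits, hyphen; no leading or
# trailing hyphen; at most 63 octets.
LDH = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")


def classify_label(label):
    """Return (class, decoded form or None) for one label."""
    if not label.isascii():
        return ("non-ascii", None)      # a U-label; must be given as an A-label
    if not LDH.fullmatch(label):
        return ("non-ldh", None)        # underscore, edge hyphen, empty label
    if label[2:4] != "--":
        return ("nr-ldh", None)         # ordinary ASCII label
    if label[:2].lower() != "xn":
        return ("r-ldh-other", None)    # reserved, but not the ACE prefix
    ace = label[4:].lower()
    try:
        decoded = ace.encode("ascii").decode("punycode")
        # Must decode to something non-ASCII and re-encode to the same string.
        if decoded.isascii() or decoded.encode("punycode").decode("ascii") != ace:
            raise UnicodeError("not the Punycode form of a non-ASCII label")
    except UnicodeError:
        return ("fake-a-label", None)
    return ("xn-label", decoded)


def check_domain_name(value, reject_reserved=False):
    """Classify all labels; reject_reserved models excluding reserved labels."""
    name = value[:-1] if value.endswith(".") else value
    labels = [classify_label(part) for part in name.split(".")]
    kinds = [kind for kind, _ in labels]
    accepted = not any(k in ("non-ascii", "non-ldh") for k in kinds)
    if reject_reserved:
        accepted = all(k == "nr-ldh" for k in kinds)
    canonical = accepted and value == value.lower()
    return {"accepted": accepted, "canonical": canonical, "labels": labels}


# Constructed sample names, not taken from the thread.
SAMPLES = ["xn--bcher-kva.example", "XN--BCHER-KVA.example", "ab--cd.example",
           "xn--0.example", "my_host.example", "b\u00fccher.example"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, check_domain_name(sample),
              check_domain_name(sample, reject_reserved=True)["accepted"])
```

The decoded form returned for an "xn-label" is what an operator would want to see next to the ACE string when reviewing configuration, since the two look nothing alike.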