RE: Last Call summary for draft-ietf-pkix-cert-utf8
"Jim Schaad" <ietf@augustcellars.com> Thu, 13 April 2006 20:31 UTC
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FU8T9-0002eb-By for pkix-archive@lists.ietf.org; Thu, 13 Apr 2006 16:31:11 -0400
Received: from balder-227.proper.com ([192.245.12.227]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FU8T8-0002zP-Pv for pkix-archive@lists.ietf.org; Thu, 13 Apr 2006 16:31:11 -0400
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k3DJfgs9061118; Thu, 13 Apr 2006 12:41:42 -0700 (MST) (envelope-from owner-ietf-pkix@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id k3DJfgP5061117; Thu, 13 Apr 2006 12:41:42 -0700 (MST) (envelope-from owner-ietf-pkix@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-pkix@mail.imc.org using -f
Received: from smtp2.pacifier.net (smtp2.pacifier.net [64.255.237.172]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k3DJffdc061111 for <ietf-pkix@imc.org>; Thu, 13 Apr 2006 12:41:41 -0700 (MST) (envelope-from ietf@augustcellars.com)
Received: from romans (unknown [207.202.179.27]) by smtp2.pacifier.net (Postfix) with ESMTP id 684727AC21; Thu, 13 Apr 2006 12:41:40 -0700 (PDT)
From: Jim Schaad <ietf@augustcellars.com>
To: 'Russ Housley' <housley@vigilsec.com>, 'Ted Hardie' <hardie@qualcomm.com>
Cc: iesg@ietf.org, ietf-pkix@imc.org
Subject: RE: Last Call summary for draft-ietf-pkix-cert-utf8
Date: Thu, 13 Apr 2006 12:48:22 -0700
Message-ID: <016601c65f33$3911b370$0b00a8c0@augustcellars.local>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
In-Reply-To: <7.0.0.16.2.20060413114840.059c9c38@vigilsec.com>
Thread-Index: AcZfFmEfEIeS71j4StC+XoalnEVHagAHNAgQ
Sender: owner-ietf-pkix@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 057ebe9b96adec30a7efb2aeda4c26a4
I concur with this text. jim > -----Original Message----- > From: owner-ietf-pkix@mail.imc.org > [mailto:owner-ietf-pkix@mail.imc.org] On Behalf Of Russ Housley > Sent: Thursday, April 13, 2006 9:11 AM > To: Ted Hardie > Cc: iesg@ietf.org; ietf-pkix@imc.org > Subject: RE: Last Call summary for draft-ietf-pkix-cert-utf8 > > > Ted: > > Thanks for the improved text. Here it is all put together: > > When strings are mapped from internal representations to > visual representations, > sometimes two different strings will have the same or > similar visual representations. > This can happen for many different reasons, including use > of similar glyphs and > use of composed characters (such as e + ' equaling > U+00E9, the Korean > composed characters, and vowels above consonant clusters > in certain languages). > As a result of this situation, people doing visual > comparisons between two > different names may think they are the same when in fact > they are not. Also, > people may mistake one string for another. Issuers of > certificates and relying > parties both need to be aware of this situation. > > This does not impose any untestable requirements. Any > concerns with this text? > > Russ > > At 11:05 AM 4/13/2006, you wrote: > >At 10:32 AM -0400 4/13/06, Russ Housley wrote: > > >I suggest the following. I think it adds the concept of > "similar looking." > > > > > > When strings are mapped from internal representations to visual > > representations, > > > sometimes two different strings will have the same or similar > > visual representations. > > > This can happen for many different reasons, including use of > > similar glyphs and > > > multiple items being combined into a single glyph. > > > >"Multiple items being combined into a single glyph" sounds like you > >mean "the use of composed characters" (e + ' equaling U+00E9, the > >Korean composed characters, vowels above consonant clusters > in certain > >languages). Each of the cases in which that occurs has a raft of > >different instances, each with their own tricky bits. If > that is what > >you mean, I'd suggest using that phrasing, as it is a > >more recognized term of art. If you mean something else, I > don't think I'm > >clear on what exactly you mean. > > Ted > > > > > > > > > > >As a result of this situation, > > > people doing visual comparisons between two different names may > > think they are > > > the same when in fact they are not. Also, people may mistake > > one string for > > > another. Issuers of certificates and relying parties both need > > to be aware of > > > this situation. > > > > > >This does not impose any untestable requirements. Any concerns > > with this text? > > > > > >Russ > > > > > > > > >At 07:36 AM 4/13/2006, Santosh Chokhani wrote: > > >>When strings are mapped from internal representations to visual > > >>representations, sometimes two different strings will > have the same > > >>visual representations. This can happen due to similar glyphs, > > >>multiple items being combined into a single glyph among > other reasons. > > >>When > > >>this happens people doing visual comparisons between two > different > > >>names may think they are the same when in fact they are > not. Also, > > >>people may mistake one string for another. Issuers of > certificates > > >>and relying parties both need to be aware of these facts. > > >
- Last Call summary for draft-ietf-pkix-cert-utf8 Sam Hartman
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Santosh Chokhani
- Re: Last Call summary for draft-ietf-pkix-cert-ut… Denis Pinkas
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Jim Schaad
- Re: Last Call summary for draft-ietf-pkix-cert-ut… Stephen Kent
- Re: Last Call summary for draft-ietf-pkix-cert-ut… Sam Hartman
- Re: Last Call summary for draft-ietf-pkix-cert-ut… Denis Pinkas
- Re: Last Call summary for draft-ietf-pkix-cert-ut… Julien Stern
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Michael Myers
- Re: Last Call summary for draft-ietf-pkix-cert-ut… Denis Pinkas
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Hallam-Baker, Phillip
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Santosh Chokhani
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Jim Schaad
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Jim Schaad
- Re: Last Call summary for draft-ietf-pkix-cert-ut… Denis Pinkas
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Santosh Chokhani
- Re: Last Call summary for draft-ietf-pkix-cert-ut… Russ Housley
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Russ Housley
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Ted Hardie
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Santosh Chokhani
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Kurt D. Zeilenga
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Russ Housley
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Michael Myers
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Jim Schaad
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Hallam-Baker, Phillip
- Re: Last Call summary for draft-ietf-pkix-cert-ut… Stephen Farrell
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Jim Schaad
- RE: Last Call summary for draft-ietf-pkix-cert-ut… Stefan Santesson