Re: [precis] Adam Roach's Discuss on draft-ietf-precis-7564bis-08: (with DISCUSS)

Peter Saint-Andre <> Wed, 05 July 2017 22:58 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0C1A5131566; Wed, 5 Jul 2017 15:58:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.72
X-Spam-Status: No, score=-2.72 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key) header.b=QAj2qNMH; dkim=pass (2048-bit key) header.b=EAnj806u
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id nF-4ecPPWy4W; Wed, 5 Jul 2017 15:58:11 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4440812ECCB; Wed, 5 Jul 2017 15:58:11 -0700 (PDT)
Received: from compute2.internal (compute2.nyi.internal []) by mailout.nyi.internal (Postfix) with ESMTP id B16A220AB2; Wed, 5 Jul 2017 18:58:10 -0400 (EDT)
Received: from frontend2 ([]) by compute2.internal (MEProxy); Wed, 05 Jul 2017 18:58:10 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; h=cc :content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc:x-sasl-enc; s=fm1; bh=OypLzqQCsLAtvUxP4a 65LzZQb2dNzYnAfOhwZQrG4NI=; b=QAj2qNMH7jR2gd0VeC4HjL/XCPMRUIPIOb 0KER3UqbFmp13oaKxUK9CBbvG9AsUUEltxETjTJonqXhneNJ2/fhqd7lVZklzHDp N+vw71R6M25KlfnhOdF240Ef7wdVVBUDI4+Yi4ypG2MLDQjORiWupZd25C17S8oq QabatoNpLDai2VedhYWQ48s8yCHtVX4WA1kjZY6j7GZ+TocdygFkcCyd+7uAW4l7 wH7UCGEadnl7Yi+szy9jF1BGvCK6Y3yK0pkIZ7uLtfgEnKnIoiyuMd/0h0ZjG1IS rVKk94hcVPbf3Ip14ExgBF+ijn93ARdQptbuKkszt9Wwa0mp1gOQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc:x-sasl-enc; s= fm1; bh=OypLzqQCsLAtvUxP4a65LzZQb2dNzYnAfOhwZQrG4NI=; b=EAnj806u unbGHVQ/3EQoQbOjSl3KbTOej+Hsr7ivrVm2F4AeyEK9xhZPrElF9cSlex6Q7sY0 xN4CAdo3tR0NpqdWIkt+evwb7tUjclFBki+AvL9TgASXVCt6m7syz7SnF4BCjnIp HOEbhZPzmao82I1uQo67PpmEnDkTtDvIp4hPNvMEmmzcmMo0avybvSp1g53UXdIA 7ciaq3O8RGLV4BQ/XxNXCKE4R+x6iZtJOHQcscWF4h/riRGIvR2mgzE5d3qAZU3U kqFLXufTap1oFcg8i9Yl9zLL+rBNuWIJH2bikpU01FjzHbq4R2VDGh2dcOnbbLx7 u0aRHAJKpd4k/w==
X-ME-Sender: <xms:Am9dWcbu94aFuIubrCkcNDffB8P9LNT6hOxjdAGeIwhqtLD4T-aQ7w>
X-Sasl-enc: WkkeJBqrRvMkoLUuXkn5kHYlsee9BXjhvykEqMfbQNYF 1499295490
Received: from aither.local (unknown []) by (Postfix) with ESMTPA id 016C82479F; Wed, 5 Jul 2017 18:58:09 -0400 (EDT)
To: Adam Roach <>, The IESG <>
References: <>
From: Peter Saint-Andre <>
Message-ID: <>
Date: Wed, 5 Jul 2017 16:58:09 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
Archived-At: <>
Subject: Re: [precis] Adam Roach's Discuss on draft-ietf-precis-7564bis-08: (with DISCUSS)
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Preparation and Comparison of Internationalized Strings <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 05 Jul 2017 22:58:16 -0000

On 7/5/17 3:41 PM, Adam Roach wrote:
> Adam Roach has entered the following ballot position for
> draft-ietf-precis-7564bis-08: Discuss
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> Please refer to
> for more information about IESG DISCUSS and COMMENT positions.
> The document, along with other ballot positions, can be found here:
> ----------------------------------------------------------------------
> ----------------------------------------------------------------------
> Section 12.5 contains the following normative statement:
>>  Furthermore, because most languages are typically
>>  represented by a single script or a small set of scripts, and
>>  because most scripts are typically contained in one or more
>>  blocks of code points, the software SHOULD warn the user when
>>  presenting a string that mixes code points from more than one
>>  script or block, or that uses code points outside the normal
>>  range of the user's preferred language(s).
> This guidance seems broadly unimplementable for any users whose native language
> uses a non-Latin script. Due in large part to the Internet's ASCII heritage,
> and combined with the somewhat ubiquitous use of Latin characters for other
> worldwide purposes (e.g., a quick perusal of Russian- and Chinese-language web
> sites shows numerous examples of Latin representations for things like stock
> ticker symbols and metric abbreviations), it seems that the normative
> requirement to warn when "presenting a string that... uses code points outside
> the normal range of the user's preferred language(s)" will *either* warn
> non-Latin-character users almost constantly (if Latin is considered outside the
> range), or be broadly useless in preventing spoofing (if it is).
> I'm not clever enough to come up with a generalized solution for users of all
> alphabets, so don't have a generic proposal here; but I think that the guidance
> does at least need to be properly scoped so that it bears only on warning Latin
> alphabet users of the presence of non-Latin characters, while acknowledging
> that it is probably rather useless when used in the opposite direction. I
> imagine that it still makes sense to warn non-Latin users of non-Latin
> characters outside the codepoints used by their language (e.g., warning Greek
> speakers of the presence of Cyrillic characters).

Good catch. Yes, we could add a carve-out for characters from the ASCII
repertoire when the context is Internet applications that use such

(It's not *necessarily* the case that all applications using PRECIS are
Internet applications or involve ASCII characters - e.g., perhaps an
application deployed on a closed intranet within, say, the Chinese
government could still use the PRECIS rules to handle input and output
strings, without any ASCII characters ever shown to end users.)