Re: [precis] I-D Action: draft-ietf-precis-7564bis-09.txt
Peter Saint-Andre <stpeter@stpeter.im> Tue, 19 September 2017 15:40 UTC
From: Peter Saint-Andre <stpeter@stpeter.im>
To: Sam Whited <sam@samwhited.com>
Cc: precis@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/precis/e21ovvM4iUEFtxOBk57rOKWy7Ag>

On 9/18/17 7:21 AM, Peter Saint-Andre wrote:
> On 9/17/17 9:32 PM, Sam Whited wrote:
>> On Sun, Sep 17, 2017, at 21:56, Peter Saint-Andre wrote:
>>> It's true that a nickname / handle / display name is not a solid basis
>>> on which to make authentication or authorization decisions. So don't do
>>> that. :-)
>>>
>>> Should we add a sentence about this to 7700bis?
>>
>> I suppose it couldn't hurt, but I'm not sure that it's necessary either.
>
> I thought about it more overnight and I will look more closely at the
> security considerations and introduction later today. I do think a
> sentence or two would help.

Here is some proposed text to address part of Sam's concern.

First, in the Introduction...

OLD

   The rules specified in this document can be applied in all of the
   foregoing contexts. To increase the likelihood that memorable,
   human-friendly names will work in ways that make sense for typical
   users throughout the world, this document defines rules for handling
   nicknames in terms of the preparation, enforcement, and comparison of
   internationalized strings (PRECIS) framework specification [RFC8264].

NEW

   The rules specified in this document can be applied in all of the
   foregoing contexts. It is important to understand that a nickname is
   a personally memorable name or handle for something that has a more
   stable, underlying identity, such as a URI or a file path. To ensure
   secure operation of applications that use nicknames, authentication
   and authorization decisions MUST be made on the basis of the thing's
   identity, not its nickname. To increase the likelihood that
   memorable, human-friendly names will work in ways that make sense for
   typical users throughout the world, this document defines rules for
   handling nicknames in terms of the preparation, enforcement, and
   comparison of internationalized strings (PRECIS) framework
   specification [RFC8264].

Second, we might repeat that paragraph in a new subsection of the
Security Considerations, too.

Third, I suggest that we move the following paragraph from the end of
Section 4 to the end of Section 2.1:

   Implementation experience has shown that applying the rules for the
   Nickname profile is not an idempotent procedure for all code points.
   Therefore, an implementation SHOULD apply the rules repeatedly until
   the output string is stable; if the output string does not stabilize
   after reapplying the rules three (3) additional times after the first
   application, the implementation SHOULD terminate application of the
   rules and reject the input string as invalid.

Peter
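
The stabilization procedure in the paragraph quoted above, as an added example that is not part of the message or of the draft. `nickname_rules_once` is a simplified stand-in for the Nickname profile rules (space mapping, lowercasing, NFKC; no code point validity check), and all function and class names are assumptions made for illustration.

```python
import re
import unicodedata

# "three (3) additional times after the first application"
MAX_REAPPLICATIONS = 3


class UnstableNickname(ValueError):
    """The output did not stabilize; the input is rejected as invalid."""


def nickname_rules_once(s: str) -> str:
    """One pass of a simplified stand-in for the Nickname rules (assumption)."""
    # Map every Unicode space separator (category Zs) to U+0020.
    s = "".join(" " if unicodedata.category(c) == "Zs" else c for c in s)
    # Strip leading/trailing spaces and collapse runs of spaces.
    s = re.sub(" +", " ", s.strip(" "))
    # Lowercase, as done when nicknames are compared.
    s = s.lower()
    # NFKC can itself emit a new U+0020 (for example from U+00A8), which is
    # why a single pass is not idempotent for every input.
    return unicodedata.normalize("NFKC", s)


def enforce_stable(s: str, rules=nickname_rules_once) -> str:
    """Apply `rules` until the output repeats, or reject after the limit."""
    out = rules(s)  # first application
    for _ in range(MAX_REAPPLICATIONS):
        again = rules(out)
        if again == out:
            if not out:
                raise ValueError("empty nickname after applying the rules")
            return out
        out = again
    raise UnstableNickname("output not stable after %d reapplications"
                           % MAX_REAPPLICATIONS)


if __name__ == "__main__":
    # Constructed inputs: U+00A8 DIAERESIS becomes U+0020 U+0308 under NFKC.
    for raw in ("  Alice\u3000 Smith ", "\u00a8Foo"):
        print(repr(raw), "->", repr(nickname_rules_once(raw)),
              "->", repr(enforce_stable(raw)))
```

Storing or comparing the single-pass result for the second constructed input would leave a leading space that a later pass removes, so two systems applying the rules a different number of times would disagree about whether two nicknames match.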