IETF Logo Mail Archive

Re: [regext] [Last-Call] last call reviews of draft-ietf-regext-epp-eai-12 (and -15)

"Gould, James" <jgould@verisign.com> Mon, 22 August 2022 12:00 UTC

Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82AC8C14F747; Mon, 22 Aug 2022 05:00:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xduJUJw49GmB; Mon, 22 Aug 2022 05:00:46 -0700 (PDT)
Received: from mail1.verisign.com (mail1.verisign.com [72.13.63.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 50258C14CEFC; Mon, 22 Aug 2022 05:00:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=11922; q=dns/txt; s=VRSN; t=1661169645; h=from:to:cc:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=QYYg2/ZyZJwbkFYty5RQe3jbocUFOESxOAEFAOaV028=; b=i4XYsJJV8rdQyYTOWYo+7hc8/ypQW0De3xhngT3Qixn2xV+I/Sc+WsuD HNlCwQbvK9DA9l/hLaORjc2Jr4wC/XtEgnTKOM72ZFFUBwbMVi6YEh+Jy FQSY9BQyNwTAgTyVyVkeihEy6mxNxQomv68n8X1gdCW+n6SqgR+TigiHp 1DLZRR7CpBOUatJQmyq2uadkvxnQehNPBWM7VFOsX4ub89/GbI2vvsL2y E0NH89RJgxIw64R3YaCczL9PcCLI3Nf9CFez1CTPzQXldMGgHXMnHHT10 8IK6D3o2RIuhtEvTfiK9kp+glDjIJWMKGJF+Abd0w7adeLO9kwWDivyUH w==;
IronPort-Data: A9a23:uJ7qUqzyeUIse15/1Z56t+euxyrEfRIJ4+MujC+fZmUNrF6WrkVVx zQfXDyEb/zYMWShe49/a4+2pBwO78WGztJmSgFqpC00HyNBpPSeCIXCJC8cHc8wwu7rFxs7s ppEOrEsCOhuExcwcz/0auCJQUFUjP3OHPykYAL9EngZbRd+Tys8gg5Ulec8g4p56fC0GArlV ena+qUzA3f4nW8vWo4ow/jb8kk37K6o4GpwUmEWPpingnePzxH5M7pCfcldH1OgKqFIE+izQ fr0zb3R1gs1KD90V7tJOp6iGqE7aua60Tqm0xK6aID76vR2nRHe545gXBYqQRwO12jWxYAZJ OJl7vRcQS9xVkHFsLpFD0kAS0mSN4UekFPMCSDXXcB+UyQq2pYjqhljJBheAGEWxgp4KTxHx +QHAjRQVVesntvtxLiaFOxevO12eaEHPKtH0p1h5RvjK68ZZ73zG/+M+9Rfxi92j8wIA+zFY YwSbj8HgBboOkUJYwhMTstjx6H01xETcBUBwL6Rjag45HXXwCRv3aLsK9vafJqBQsA9ckOw/ zKaoz6hWExy2Nq37DHG7U+Quvb0hjLnRblNLaWb365HjwjGroAUIFhMPbehmtG7jU64HtNSN 0I8+CEt66M18SSDRNT5Uxi5vFaLuxcdX5xbFOhSwBmExILM6giFC2MECCVMAPQku8grQTB/i geXksnoHj1gtvueTne1+rKdtzj0OCUJIykFfyBsZQIf//HirZ09yBXVQb5LHLS8gMGwGDzsz XWQoSczl6lWgNYTkqiy/BbOhzaEp5XVQEgy/Aq/dmas9R88b4ehY6Sp5ETVq/FaI+6xVFSOs WgYs8mT8O5ICouC/ASMGbULELCzz/eILDOahkRgd7Eu+jLo8mS/VYFd/D84I11mWvvoYhfje kmKpgVc9McJeWC0d+lyYpn0AcNsx7LmTJL7TOvSKNFJZ/CdaTO6wc2nXmbIt0iFraTmufhX1 UuzGSp0MUsnNA==
IronPort-HdrOrdr: A9a23:NBx4/Krg6fzY/cSR9D/wBbsaV5r2eYIsimQD101hICG9Ffbo8v xG/c5rtyMc5wxwZJhNo7690cq7Lk80nKQdibX5Vo3SPzUO1lHIEKhSqaXvxDH6EzDz+6p3xc 5bH5RWOZnVAUJhhcj3pCu1A78bquWvweSNif3Fx3lgCTt2bbpthj0VNi+AHlZoSBJ9CZ01KZ qZ6qN8zAadRQ==
X-IronPort-AV: E=Sophos;i="5.93,254,1654560000"; d="scan'208";a="18442025"
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.31; Mon, 22 Aug 2022 08:00:38 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([10.173.153.48]) by BRN1WNEX01.vcorp.ad.vrsn.com ([10.173.153.48]) with mapi id 15.01.2375.031; Mon, 22 Aug 2022 08:00:38 -0400
From: "Gould, James" <jgould@verisign.com>
To: "john-ietf@jck.com" <john-ietf@jck.com>, "beldmit@gmail.com" <beldmit@gmail.com>, "paf@paftech.se" <paf@paftech.se>, "jgould=40verisign.com@dmarc.ietf.org" <jgould=40verisign.com@dmarc.ietf.org>
CC: "art@ietf.org" <art@ietf.org>, "draft-ietf-regext-epp-eai.all@ietf.org" <draft-ietf-regext-epp-eai.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "regext@ietf.org" <regext@ietf.org>, "i18ndir@ietf.org" <i18ndir@ietf.org>, "gen-art@ietf.org" <gen-art@ietf.org>
Thread-Topic: Re: [Last-Call] last call reviews of draft-ietf-regext-epp-eai-12 (and -15)
Thread-Index: AQHYth7LE9MsymvsZkm9HRfD2CDhEA==
Date: Mon, 22 Aug 2022 12:00:38 +0000
Message-ID: <B4495BC6-AC28-4BFE-B24B-25D630B23AD6@verisign.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.62.22061100
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="utf-8"
Content-ID: <81A5D8BDDD2B6C45A8488560E36F6E44@verisign.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/-fVUelr2GwzLYLSwgmXIn51jySY>
X-Mailman-Approved-At: Mon, 22 Aug 2022 05:55:12 -0700
Subject: Re: [regext] [Last-Call] last call reviews of draft-ietf-regext-epp-eai-12 (and -15)
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Aug 2022 12:00:50 -0000

John, 

I will address your point (5), based on the prior thread that we had back in May (https://mailarchive.ietf.org/arch/msg/regext/G08akVkCjnXEPw8k7NiCHbeEamo/), where I stated:

I don't agree that section 2.7 of RFC 5730 defines the only forms of extensibility that can ever be supported by EPP and by defining a new form of extensibility to solve a specific problem in EPP is disallowed or non-compliant with RFC 5730.  In this case, the form of extensibility (Functional Extension) is formerly defined in draft-ietf-regext-epp-eai for clarity for use in solving the specific problem of EAI in EPP.  The intent is not to define a new form of extensibility to EPP in RFC 5730 to solve other similar problems.  I agree if a Functional Extension is meant to be a new formal form of extensibility for use in other yet to be defined EPP extensions, then it would make sense to define it in a draft by itself, but that is not the case with draft-ietf-regext-epp-eai.

Thanks,

-- 
 
JG



James Gould
Fellow Engineer
jgould@Verisign.com <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com>

703-948-3271
12061 Bluemont Way
Reston, VA 20190

Verisign.com <http://verisigninc.com/>

On 8/21/22, 12:25 PM, "John C Klensin" <john-ietf@jck.com> wrote:

    Dmitry and James,

    I think several different issues are getting intertwined here,
    some of which rise to the level of principles.  It is clear that
    we are making different assumptions about what is relevant and
    important and almost as clear that we are not going to convince
    each other.  As I said earlier, that is why we pay the IESG the
    big bucks.

    In no particular order:

    (1) I believe that, if you are trying to create an IETF
    standards track protocol that draws on another IETF standards
    track protocol for its motivation, you are obligated to follow
    the specifications of that protocol and associated experience,
    not just pick up its syntax.  In the case of non-ASCII email
    addresses, that includes making all-ASCII addresses available as
    an alternative unless there is great confidence that they will
    not be needed (e.g., for communications within a country using
    that country's major script (and where relevant, language) and a
    restricted set of email providers.  Such a restriction might
    actually be reasonable within a constrained business
    transaction, especially when registrant, registry, registry, and
    the domain itself primarily serve a particular country or
    cluster of countries (see below).  

    The IETF and its predecessors have carefully avoided specifying
    MUA, especially MUA-UI, behavior for well over 40 years.  In
    that context, the key difficulty with non-ASCII addresses may
    not be easily discerned from our specifications.  However, as
    the EAI WG understood from the beginning, transporting non-ASCII
    addresses across the Internet,in message header formats, even
    delivery status notification (DSN) messages, is fairly easy.  It
    is especially easy by comparison to actually designing and
    building software that interacts with users across a very broad
    range of languages and writing systems.  The usual solutions are
    to either give up on that quality of MUA/UI-UX design and
    instead design for a particular language community or small
    cluster of them, but that leaves messages that use, or embed
    addresses in, other languages and scripts in need of all-ASCII
    (or some other common/agreed form) in greater or lesser trouble.

    As a different, extreme, and nit-picky, example of where this
    specification has failed to appreciate what the
    Internationalized Email specifications say, thse specifications
    for non-ASCII email addresses and headers make it quite clear
    that there are no such things as an "EAI Address" or an "EAI
    extension" and that the correct term is "SMTPUTF8".  That would
    not be important except that IETF specs should not be creating
    confusion by using incorrect terminology (no matter how
    prevalent elsewhere) and because it reinforces the concern that
    the WG may not have paid careful attention to the relevant
    specifications (beyond a citation of syntax) in creating this
    one.


    (2) As Patrik pointed out, there is a community interest (both
    general and in ICANN policy) in making it easy for registrants
    to switch registrars (whether the earlier registrar remains in
    business or not).  For a registrar to treat business
    relationship data that do not affect users, various authorities,
    or elements of the DNS itself, as confidential is entirely
    reasonable. However, usable contact information for registrants
    does not fall into that category but, instead, is information
    registries have been required to have in their possession since
    before there was an ICANN (a principle reaffirmed many times
    since then). 


    (3) Whether a registrant is allowed to supply a non-ASCII email
    address at all and, if they are allowed to do that, whether an
    ASCII alternative should (or must) be supplied is, we are
    agreed, a matter for registry-registrar agreements -- at least
    until national governments, other authorities, or ICANN itself
    step in.  I don't think anyone has suggested that supplying an
    alternative all-ASCII address through the protocol should be a
    requirement imposed by the IETF (certainly I have not).  I
    imagine that the REGEXT WG making a strong recommendation on the
    subject would even be viewed by some as an intrusion on ICANN's
    scope of authority.   However, it is important that the protocol
    be able to accommodate the inclusion and transfer of that
    alternate address information lest someone --perhaps even
    someone acting on behalf of a registrar who believes its
    interests would be served by making transfers difficult-- claim
    in an ICANN forum that such information is unnecessary and
    difficult to provide --and hence should be excluded from
    discussions-- because the IETF decided it was not allowed in the
    protocol.

    (4) To say almost the same thing from a different perspective,
    if the purpose of this specification is to reduce the number of
    incompatible ways in which registry-registrar pairs do things,
    then please recognize that there is a strong possibility (as
    predicted by the SMTPUTF8 specification family), either
    immediately or after experience starts to accumulate, that
    alternate all-ASCII addresses will be required for some
    combinations of actors (before you removed the text, it strongly
    implied just that).  If you allow them in the protocol and data
    structure, then people who need to transmit them will have a
    guide as to how to do so.  If they are not allowed in the
    protocol, they you would be actively encouraging different ways
    of doing things by forcing different arrangements for
    transferring that information.  Given what everyone who has
    studied database theory knows about the dangers of transmitting
    closely linked data in separate pieces it is even more likely
    that they will invent alternatives to this protocol as soon as
    the requirement (or even an option) for transmitting an
    all-ASCII alternative address to the registry arises.

    (5) Finally, there is a procedural issue that seems to have
    gotten lost in the other (particularly i18n) discussions.  The
    base EPP spec [RFC5730] says that there are three ways to extend
    the protocol -- protocol, object, and command-response levels.
    It does not say there can never be additional ways or that other
    ways are not possible but it does say "three ways".   This
    document defines and adds a fourth, a "functional extension".
    No matter how harmless that addition is and even if the WG is
    certain it would never be used for anything other than this
    particular spec (in which case the reasoning should probably
    appear in the spec), that constitutes an update to 5730 that
    should be appropriately reflected in the RFC header and other
    document metadata.  If it really were a change to allow changes
    to the function of EPP (I don't think it is and believe the term
    may be badly chosen), then the community is owed an explanation
    of why the function and/or scope of an Internet Standard is
    being changed as part of what ought to be a fairly minor
    extension.  

    thanks,
        john

v2.23.0 | Report a Bug | By Email