IETF Logo Mail Archive

Re: [regext] Last Call: <draft-ietf-regext-epp-eai-10.txt> (Use of Internationalized Email Addresses in the Extensible Provisioning Protocol (EPP)) to Proposed Standard

"Gould, James" <jgould@verisign.com> Fri, 27 May 2022 12:03 UTC

Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49E77C1D3C4E; Fri, 27 May 2022 05:03:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q2AiNzBLkg0S; Fri, 27 May 2022 05:03:13 -0700 (PDT)
Received: from mail1.verisign.com (mail1.verisign.com [72.13.63.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95A88C1D3C67; Fri, 27 May 2022 05:03:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=12202; q=dns/txt; s=VRSN; t=1653652994; h=from:to:cc:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=YSCw71WYK0yzszFTKAmuBnptRqIbNJcKNbjdQd3kPfI=; b=VtSL9SlrK3J/p2WW1DLXTOftD3QdDg2POXd+bRIpYChBFGI2BH03r/Qi 3hqo1sUSEetJhpR2ahW7zEHUBlV6L81JdqLuzcN0FeOQOKs7C9Xjm4GVX RK82r/6hjq4Afn4he6P9vRMd819lYnaxh/oWH5nrHf6wvdfkIvG5dR4tB OmxNKo9q09VupoWX5sH1hzVDoBLvAwZdBz47rRa/c30sq9+tX3bIbe2vw eF+sifdtcHkgeC9b04R2fCscOtZVDsQaXpwji5RGR+GnscIM8Vel2tKSR gjlv/qzYh5BFRhNEs+SwRmJYPKw2HK5SO3PzDVWul2aUVuJGmjw/UW5a7 A==;
IronPort-Data: A9a23:qFTDvKzIGQumMV4RUC96t+cRxyrEfRIJ4+MujC+fZmUNrF6WrkUPz WIYWTiAPv3ZNmGhKNEibITg9hwP6JPWydFhQQJkpS00HyNBpPSeCIXCJC8cHc8wwu7rFxs7s ppEOrEsCOhuExcwcz/0auCJQUGRUchkf5KkYAL+EnkZqTRMFWFw0HqPp8Zj2tQy2YXjXFvX0 T/Pi5a31GGNimYc3l08tvrrRCNH5JwebxtB4zTSzdgS1LPvvyF94KA3fMldHFOhKmVgJdNWc s6YpF2P1jiAo0pyUIPNfoHTKSXmSpaKVeSHoiQOB/j62nCurARqukowHKJ0hUu6F1xlNj2+o TlAncXYdOsnAkHDsMggfhgBVBFSAbNp6O/ueWKe8sDP6HSTJhMAw902ZK03Faci3L9IJ0x+r aVeNjsKdAjFju7w3qigTK9ngcFLwMvDZdtZ4y47i2iEVrB6EfgvQI2TjTNc9DU/gd1KEd7Aa tAYcjtgalLLZBgn1lI/Ucxnxrjz3iiXnztwlW+wgKNw5XXp7QlQ65fBbeLLUMGDSpAA9qqfj iecl4jjOTkYM9yZjDuI7nyEhOTM2yj8Xeo6ELSj6rthiVmX7m0eFBNQUkG0ydG7iUm6WN9FA 0MT9iMiobl0/0uuJvHnUhK1sGLBtR4VWsBLO+w39A/LzbDbiy6VHGEKUntAZcAo8dU7SjE6y hqEh8usCDVumLyYVXzb8a2bxRuoNCcYPXMqZCIYQ00C+daLnW0ophjVSI98FqOl1oSwAi/qh TWLt200gPMZl8hSkbuh5laBiDWpznTUcjMICszsdjrNxmtEiESNPuRENXCzAS58Ebuk
IronPort-HdrOrdr: A9a23:8vg/1qAhCls+7D3lHelx55DYdb4zR+YMi2TDsHoBLCC9E/bo9f xG88566faZslgssRIb9uxoUZPoKU80nqQFgrX5U43CYCDW/EWlK4145ZbvznnKC0TFmtJ15O NFf7JlANP9SXp3na/BijWQIpIFzMOc+K6lwd3CyWxgJDsGV4h74xxnBh2gHkp6eQlDCfMCf6 ah2g==
X-IronPort-AV: E=Sophos;i="5.91,255,1647302400"; d="scan'208";a="16127309"
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.24; Fri, 27 May 2022 08:03:10 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([10.173.153.48]) by BRN1WNEX01.vcorp.ad.vrsn.com ([10.173.153.48]) with mapi id 15.01.2375.024; Fri, 27 May 2022 08:03:10 -0400
From: "Gould, James" <jgould@verisign.com>
To: "john-ietf@jck.com" <john-ietf@jck.com>, "last-call@ietf.org" <last-call@ietf.org>
CC: "jkolker@godaddy.com" <jkolker@godaddy.com>, "regext-chairs@ietf.org" <regext-chairs@ietf.org>, "draft-ietf-regext-epp-eai@ietf.org" <draft-ietf-regext-epp-eai@ietf.org>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: Re: Last Call: <draft-ietf-regext-epp-eai-10.txt> (Use of Internationalized Email Addresses in the Extensible Provisioning Protocol (EPP)) to Proposed Standard
Thread-Index: AQHYccG6ubSAc6LGOEGtCP5MaUhOXA==
Date: Fri, 27 May 2022 12:03:08 +0000
Message-ID: <A106614B-9D5F-4074-BEEE-F0415D2BEB5D@verisign.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.59.22031300
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="utf-8"
Content-ID: <81822EF01966F44A99584B8B29B25F09@verisign.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/QbiJGUxXEvTDOJOSt9c6NMEEy28>
Subject: Re: [regext] Last Call: <draft-ietf-regext-epp-eai-10.txt> (Use of Internationalized Email Addresses in the Extensible Provisioning Protocol (EPP)) to Proposed Standard
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 May 2022 12:03:18 -0000

John,

Thank you for your review and feedback.  My responses are embedded below.  

-- 
 
JG



James Gould
Fellow Engineer
jgould@Verisign.com <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com>

703-948-3271
12061 Bluemont Way
Reston, VA 20190

Verisign.com <http://verisigninc.com/>

On 5/26/22, 2:11 PM, "John C Klensin" <john-ietf@jck.com> wrote:



    --On Thursday, May 26, 2022 08:59 -0700 The IESG
    <iesg-secretary@ietf.org> wrote:

    > 
    > The IESG has received a request from the Registration
    > Protocols Extensions WG (regext) to consider the following
    > document: - 'Use of Internationalized Email Addresses in the
    > Extensible
    >    Provisioning Protocol (EPP)'
    >   <draft-ietf-regext-epp-eai-10.txt> as Proposed Standard
    > 
    > The IESG plans to make a decision in the next few weeks, and
    > solicits final comments on this action. Please send
    > substantive comments to the last-call@ietf.org mailing lists
    > by 2022-06-09. Exceptionally, comments may be sent to
    > iesg@ietf.org instead. In either case, please retain the
    > beginning of the Subject line to allow automated sorting.
    > 
    > Abstract
    > 
    > 
    >    This document describes an EPP extension that permits usage
    > of    Internationalized Email Addresses in the EPP protocol
    > and specifies    the terms when it can be used by EPP clients
    > and servers.  The    Extensible Provisioning Protocol (EPP),
    > being developed before    appearing the standards for
    > Internationalized Email Addresses (EAI),    does not support
    > such email addresses.

    Hi.

    Several comments after a first and quick look through this
    document.

    First, it appears that it is making a more fundamental change to
    EPP than just allowing for SMTPUTF8 (aka "non-ASCII" or "EAI")
    addresses local parts.  The second paragraph of the Introduction
    says
    	 "A new form of EPP extension, referred to as a
    	Functional Extension, is defined and used..."
    and Section 4 defines that mechanism.   Because there are people
    who might look at an announcement of Last Call for an
    internationalization-related extension and say either "someone
    else will look at those complexities" or "oh, sure, non-ASCII
    addresses are good", and move on, introduction of that new type
    of extension should be highlighted in the Abstract and should
    have been included in the Last Call so as to draw attention from
    those who are, e.g., concerned about the tradeoffs associated
    with adding complexity to EPP.

    It would be helpful to have assurances that the WG carefully
    considered the idea and definition of a new extension type and
    any associated tradeoffs independent of the particular
    requirements of this document.  While it might be necessary,
    complexity and added options do not promote interoperability.
    It would also be helpful to know whether developing a separate,
    short, document defining the new extension type so it could
    conveniently be referenced from this document and other
    specifications had been considered.  Especially if an update or
    replacement for this document is anticipated, referencing it
    from other extensions that use the new type invites the tangled
    problems of whether such a reference to an obsolete or updated
    document is still appropriate.

JG - Support for EAI across a set of existing and future EPP extensions did represent a new extensibility use case was discussed in the working group, along with other options.   The intent of the draft is to support EAI with the definition of a functional extension being as a building block to satisfy the requirement.  If the use of a functional extension is needed beyond EAI then I agree that a functional extension draft can be created.  I don't foresee that need at this point.  


    Second, Section 2, titled "Migrating to Newer Versions of This
    Extension" strongly implies that a different form of this
    extension, or a different extension mechanism serving the same
    purpose is under development (or even further along) and
    expected to succeed this one.  If that is the case, should this
    specification not be published as Experimental rather than
    Standards Track (or even, noting Section 7, as "Verisign's
    Preliminary Mechanism for Use of Internationalized Email
    Addresses in..." and Informational)?  Or, if there is a
    substantive reason to publish as Standards Track, I believe the
    document should explain the reasons for doing this now when an
    update/replacement using a different mechanism is anticipated?
    Version numbers or not, the way of doing things that seems to be
    proposed in the document also does not appear to be a good way
    to promote interoperability.

JG - The migrating to new versions section has become common in the EPP extensions (e.g., Section 2 of RFC 9167, Section 2 of RFC 8807, Section 2 of RFC 8748).  The draft is solely focused on supporting EAI in EPP that used pointed version numbers (e.g., urn:ietf:params:xml.ns:epp:eai-0.1, urn:ietf:params:xml.ns:epp:eai-0.2,  urn:ietf:params:xml.ns:epp:eai-0.3) for draft implementation signaling until after WGLC when the version was changed to urn:ietf:params:xml.ns:epp:eai-1.0.  This section is needed to provide guidance as implementations upgrade to version urn:ietf:params:xml.ns:epp:eai-1.0.  The standards track is appropriate for the draft.  The work is complete and there is no mechanism serving the same purpose under development.  

    Third, with regard to the i18n parts of this:

    Nit: The last sentence of Section 3, 
    	"By applying the syntax rules of [RFC5322], the EPP
    	extensions will change from supporting only ASCII
    	characters to supporting Internationalized characters
    	both in the email address local-part and domain-part."
    Does not appear to make sense since, as pointed out earlier in
    that section, the syntax rules of RFC 5322 only allow (a subset
    of) ASCII characters.  Was "[RFC6531]" intended?

    While the SMTPUTF8 extension is now supported in most popular
    sender-SMTP ("client") and receiver-SMTP ("server")
    implementations, comprehensive support in MUAs and other
    relevant, user-facing, programs and user interface arrangements
    (including support by humans) is less common (where
    "comprehensive" includes all scripts and all languages).  This
    document shows no evidence that the WG has considered whether it
    would be appropriate and should be possible to negotiate script
    or language-specific use.  While that probably has nothing to do
    with the technical use of the EPP protocol (i.e., computers
    talking with computers), it could be very important to practical
    operational use.  If nothing else, the document should probably
    containing appropriate warnings to registrars and/or registries
    who, for whatever reason, would like to claim better support for
    those working in languages other than English about possible
    pitfalls.

    Similarly, at least because the server-end downgrade mechanisms
    described in RFC 6857 do not appear to be widely supported and
    those described in RFC 6858 lose information, it would appear to
    be useful for this extension to include provisions for an
    all-ASCII, RFC 5321/5322-conforming, fallback or alternate
    contact address.  I see no way to provide such an address in
    this spec.

    There might be other issues as well, but I would strongly
    encourage the WG to think about the entire system surrounding
    this protocol extension, including not only EPP clients and
    servers but registrants and those third parties who legally and
    appropriately access registry (and, if separate, registrant)
    databases to access, understand, and use information.  For
    example, nothing in RFC 6530 and the related documents prohibits
    the use of obscure and archaic scripts as local-part strings
    but, especially when there are bidi rendering issues involved,
    such strings can be very difficult to understand, use, or even
    copy into other contexts.

JG - The challenge in the draft is how to apply the non-ASCII email address syntax defined in RFC 6530 to the EPP protocol, which is highlighted in section 3 of the draft.  The focus is on the EPP protocol and not non-protocol policy elements.  The security considerations section highlights risks that need to be considered.   

    Disclaimer: These comments are those of the author only and
    should not be confused with an i18ndir review.  Neither they nor
    the document have been discussed on that list.

        john

v2.23.0 | Report a Bug | By Email