IETF Logo Mail Archive

Re: [regext] EAI in EPP from a registrar point of view

"Gould, James" <jgould@verisign.com> Fri, 20 November 2020 05:36 UTC

Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B78C3A17D7 for <regext@ietfa.amsl.com>; Thu, 19 Nov 2020 21:36:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id do-SMR6Uvi1r for <regext@ietfa.amsl.com>; Thu, 19 Nov 2020 21:36:04 -0800 (PST)
Received: from mail5.verisign.com (mail5.verisign.com [69.58.187.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 41ADD3A1870 for <regext@ietf.org>; Thu, 19 Nov 2020 21:36:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=9678; q=dns/txt; s=VRSN; t=1605850565; h=from:to:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=OIUd029GyHznFbd7Qgac4ZxCVtIvhLrc4y4g39K7Maw=; b=QXyOY4v0DUvvgdie5CYcym+cARllLTgQUqZeiR6PzXFoPo9xP4kSHppb LcTHTTWxELLwCxGblPkLTSc2MvNmGD+/SAqZFXd3N4UELZH2J/8UixahH dQpRITmic7tq/mhCaKl0X4QlPgs1tEJG7WP9MJYMvl/BMmutKVHBZnlEI ypOUfZe45P0xYCmTOPcsDBTIhXnTLCqHYMpkGEEcAosIFgklt2hrqwbit u2W/ip87/Rrl2EWW4kJ5z/J8m8XESX9cxeoM7MeKEUqaSw/hBHOQ9YwnH hhqbhCsWAsEX8ytmYjGTlYdML5+Auek3e0G7Eu4PYAQKas0syB5E6kU+7 g==;
IronPort-SDR: DmKSPDA7OY0A0JaM5xqNfKvIWZl72nHfCGfwSzoNkQYcEVFxOIjysjlPpnyqXDx4taS/kgLtLX 3E2xOfwOzTwhVYdUfzygr+8T1SHX9GXMrM3Asa/slnELeI8ot9lYz3q3N5yvHMi0BQx3AbNX27 9nR2NT+SumIQ9e7687jpCcwce3yE+AdK18J4NtzaYNyflreLKiPin/KHQSJHknfX91wk85BWaq qQo06d0jVNhmMiT2YZnAlWze36SAIKREa4SbNeSJHK2r5En5qLr8Q2A9DxpL2Aq+oq0Cr27+2k Eg4=
X-IronPort-AV: E=Sophos;i="5.78,355,1599537600"; d="scan'208";a="3721520"
IronPort-PHdr: 9a23:fbw2bx2+UHV4QB3BsmDT+DRfVm0co7zxezQtwd8ZsesUL/TxwZ3uMQTl6Ol3ixeRBMOHsq0C0rGH+P24EUU7or+5+EgYd5JNUxJXwe43pCcHRPC/NEvgMfTxZDY7FskRHHVs/nW8LFQHUJ2mPw6arXK99yMdFQviPgRpOOv1BpTSj8Oq3Oyu5pHfeQpFiCe/bL9oMRm7owHcusYWjId+N6081gbHrnxUdupM2GhmP0iTnxHy5sex+J5s7SFdsO8/+sBDTKv3Yb02QaRXAzo6PW814tbrtQTYQguU+nQcSGQWnQFWDAXD8Rr3Q43+sir+tup6xSmaIcj7Rq06VDi+86tmTgLjhSEaPDA77W7XkNR9gqJFrhy8uxxxzY3ab4+UNPVica3ScsgXRXZaUcZUSyBNHpmxYokJAuEcPehYtY79p14WoBewBAesA/7vyjtViXPuwKY01/4uEQTY0ww7Ed4FrXPZrNf6NKcVTOC1yLTHwC7db/xIwzf96ZPIchEuofGKR75/bc3RyUw2Gg7Dk16fppDrMSmP2eQRr2iU8fBgVeS3hmAntwx8vDyiytkih4TUmI8Z10zJ+Tl2zoopK9O1SlJ2bN64HZdNtSyUOYh7T94+T29otig3xLMLtICncCQX1pgqwQPUZfKAc4iN+B3jVeCRLC9mhH17YrK/hg2y8Umvyu36V8m01kpFojBZndnLs3ABzx3T5dKBSvRn5Euh3iyP1w/L5u5YIEA0jrbUK5k7zrEskZoTtFzPHi7ol0Xqgq+abEIk+vKn6+nhf77opYecOpdphg3iKKgih86yDOoiPgQTX2WW9/6w2bLn8EHhXblGkuc6nrTbvZzGP8gXu6G0DgxP3oo+6BuyCSqt3s4CknkdNl1FfQqKj43uO17TPv/1Fey/g1GwkDdzwPDGI6HhDo3NLnfdlLfheq5w5lNAxgQr0NxQ54paBL4AL/7vREP9rsLYAQM+Mwyu2+brEs9y2Z4EVWKRGK+ZK6XSvUWU6eIoJumAfI4VuDDjJPg5//PikGM1lUUAcaSr05Ybcm20E/RoLkmDbnfhhs8NEWIQsQo/SOzqhkeCUTlWZ3uqXaI86TY7CJ+iDYjeXY2tnqKO3D26Hp1NZ2BGBVaMHW30eIWDXvcAcDiSLdN5kjwYSbihTJcs1QqutA/9z7pnKvTb+isDup39yNd15PXemB4u+TxqEcudyWCNT3p1nmMHQT86xrxwoUt4ylqYzKd4huZXFcZP6P9TUwc1K4Lcz+JgB9D1QALBcc+DSEy6TdW+HTExUtUxzscSY0lnANWijwzM0jGwDLAJjbOEGYI78qfG03jyJsZy1WjG2LM8j1Y8WsFPL3GphrZj9wjPAI7Ei1+ZmLildasC0y/N6HyOzWuQs0FEXg58S6LFXWoQZhiekdOsrFjCSLuqBLItPwBCnJLaNKZQa8boglMAT/DmENjbani63Wa9GRjOwamDJsK+YGUa2CHQDkIJmANGoS6YOBI/HSaupSTVCzlGGVfmeUiq8ORipjW8VEBii0nAc0R61rGd8xUcifGZDfAS06xCpS5r42FoFU281PrfANOMqg8nf6RRf5Ug6QEDnSjDugNwLoCILq1+iBgZaQs99xf02hp6GplokMU2ojUt1gUkeoyC11YUPRyfwJT8fvX1I2z/51rnP6zZ3Uza3P6I970O8/U3rRPouwT/RRlqyGluz9QAiyjU3Z7NFgdHCZ8=
X-IPAS-Result: A2E+EwDeVLdf/zGZrQpfAxwBAQE8AQEEBAEBAgEBBwEBFYFRgTwCgV6BNgqEM5EDJoN8lkmBLBYmCwEBAQEBAQEBAQgBIwwEAQECgVOCdQIXghQmOBMCAwEBCwEBAQUBAQEBAQYDAQEBAoZODII3Ins9DT0BAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEFAggHIyoHIyQBHgEBBQ4VETEJAhUGAQgRBAEBAwISARMCBDAVCAoEARKDJgGDFawTPHaBMopSgQ4oAgEBhVdOQoZygUI+gREnDBCCTz6CXQSBHgoBEgEJJAsKJgECgk0zgiwEk2mkTwMHgm2JEotnhiUfhESdOZNWiQoSgWWRJIQ2AgQCBAUCFYFrgQtwcBU7KgGCPglHFwINkhCFFIVEdAIMJgMCBgEJAQEDCYwED4EkgREBAQ
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2106.2; Fri, 20 Nov 2020 00:36:02 -0500
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d]) by BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d%4]) with mapi id 15.01.2106.002; Fri, 20 Nov 2020 00:36:02 -0500
From: "Gould, James" <jgould@verisign.com>
To: "shollenbeck=40verisign.com@dmarc.ietf.org" <shollenbeck=40verisign.com@dmarc.ietf.org>, "tasic@academ.kiev.ua" <tasic@academ.kiev.ua>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: Re: [regext] EAI in EPP from a registrar point of view
Thread-Index: AQHWvv8IKHsckHECzE6c8I6nwerlTg==
Date: Fri, 20 Nov 2020 05:36:02 +0000
Message-ID: <C44BB599-5A6B-4FE4-9600-21C8BECDC79A@verisign.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.41.20091302
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="utf-8"
Content-ID: <08CEF537C0F6D045994C00E5E576847B@verisign.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/cM3hZ_Xqu_rJuTQtk16cErjl2Xc>
Subject: Re: [regext] EAI in EPP from a registrar point of view
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Nov 2020 05:36:08 -0000

I agree with Scott's responses, but I need to add some to it, which I embed below.  

-- 
 
JG



James Gould
Fellow Engineer
jgould@Verisign.com <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com>

703-948-3271
12061 Bluemont Way
Reston, VA 20190

Verisign.com <http://verisigninc.com/>

On 11/20/20, 12:04 AM, "regext on behalf of Hollenbeck, Scott" <regext-bounces@ietf.org on behalf of shollenbeck=40verisign.com@dmarc.ietf.org> wrote:


    > -----Original Message-----
    > From: regext <regext-bounces@ietf.org> On Behalf Of Taras Heichenko
    > Sent: Thursday, November 19, 2020 1:47 PM
    > To: regext@ietf.org
    > Subject: [EXTERNAL] Re: [regext] EAI in EPP from a registrar point of view
    >
    > Caution: This email originated from outside the organization. Do not click links
    > or open attachments unless you recognize the sender and know the content
    > is safe.
    >
    > Hello!
    >
    > For a long enough period, I worked as a CTO in one of the ccTLD registries. I'd
    > like to say my position about the proposed variants. Briefly:
    > (1) write new RFC and make RFC5733 obsoleted
    > (2) write RFC that defines an extension for non-ASCII email addresses
    >
    > Let's compare the pros and contras of both
    > (1)
    > + allows implementation by minimum changes in the software. It is enough
    > to change the rule which checks email addresses.

    I disagree with this completely. A new version of 5733 means a new XML namespace, which means that every single implementation of 5733 is affected.

JG - The issue with EAI is not isolated to 5733, where 8543 and other registered EPP extensions registered in https://www.iana.org/assignments/epp-extensions/epp-extensions.xhtml that use email addresses need to be addressed.  Obsoleting 5733 at a minimum would require a new XML namespace in a similar manner that was done when obsoleting 4310 with 5910, which is highly impactful.  An EPP extension has the capability to getting applied to any EPP object, so all of the applicable EPP extensions can be addressed and support is optional that minimizes the impact.    

    > + the XML structure does not depend on the support or no support non-
    > ASCII email addresses by the registry. There is no need to add code that
    > implements extension and parse this extension from the other side.
    > + new RFC could be written the way that uses the MUST word for ASCII email
    > addresses in the <email> field and MAY word for non-ASCII addresses in the
    > same field. So the usage of non-ASCII addresses would not be mandatory for
    > all registries.
    > - there is a need to go through the new RFC acceptance and making RFC5733
    > obsolete (there is more work than just accept the new RFC with extension,
    > AFAIU).
    >
    > (2)
    > + wittingly it is not mandatory by design causes less bureaucratic work
    > + with RFC documents (there is no need to obsolete any RFC, just accept
    > + new one with the extension)
    > - causes much more software modification. Even if a registrar does not work
    > with this extension it must make modifications to its code to parse responses
    > to <check> or <info> commands with the possible extension. In case (1)
    > there would be just symbols in the wrong encoding (if even).

    A registrar/client that does not negotiate use of the extension should not receive internationalized email addresses in any response. If that happens, the server is doing something wrong.

JG - I believe handling the EAI element either in the object mapping or in the extension when support is not negotiated would need to be determined.  Does the element not get returned?  Does the element get returned with a specific placeholder value?  Is the unhandled namespaces practice used to provide a signal to the client that data exists?  The preferred extension option impacts the best method for handling this case.

    > - can cause (and if it can then it would) muddle with the usage of email
    > addresses. In this case, we have a potential field for the second email
    > address in the Contact object. I can define an address in the main <email>
    > field or in the extension. What would be if I define the ASCII address by the
    > first call to the registry and define the non-ASCII address by the second call to
    > the same registry? If the second call rewrites the main address it is strange
    > that the extension rewrites the main field. If the extension does not rewrite
    > the main field it can cause the DB structure modification to allow ASCII and
    > non-ASCII addresses simultaneously. And it brings us to multiply email
    > addresses in the Contact object.
    >
    > I think that (1) has a more positive balance than (2). I disagree with the
    > proposed document and the design suggested by it. I think that non-ASCII
    > email addresses should use the same <email> field as ASCII addresses and
    > whether registry allows or denies such addresses must be defined in the
    > registry documentation.

    "non-ASCII email addresses should use the same <email> field as ASCII addresses" sounds reasonable to me, assuming that this is negotiated at login time. I believe this is the approach taken by SMTP when use of the OPTIONAL EAI extension is negotiated.

JG - This comes down to the EPP extensions options (1 - Placeholder Text and a New Email Element, 2 - Implicit Replacement Based on Login Services, 3 - Replacement Marker Element).  Both option 2 & 3 leverage the same <email> field in the EPP object mapping.  I prefer the explicit method of option 3 over the implicit method of option 2 to support the signaling at the object-level.  Option 1 supports signaling at the element-level, since it enables defining which of the <email> fields is replaced.  I'm aware of one EPP extension that has more than one email element, but it's somewhat obvious which one does apply.  Option 2 supports signaling at the object-level, where the client and server can indicate EAI support at the object-level, which also supports differentiating support at the TLD-level and at the EPP object mapping level.  Option 3 supports signaling at the session-level, which implicitly indicates support for all EPP object mappings and TLDs supported by the client and server.   Option 3 - Replacement Marker Element may be the happy medium for signaling that enables reuse of the existing <email> field.  

    Scott
    _______________________________________________
    regext mailing list
    regext@ietf.org
    https://secure-web.cisco.com/1aXHMjQTsb6-KAe0cyuuoXs9ho87CZQ0XuOHsHhNudZH46iSG3qVnKBb2c-zW3aD5XebvHVUHzj2fjOw4Aj3vXLvPiwl_VZ4GwdCFq5g1jMAY4rtLL_oMRjs9iJl87R0S0_pFJKqKJCEpb409722KiUJ0XeAQYzojB1DOJl2TNOp13m9vVIA8_ihRyLbHAV9qUPvb7SM5VGKfOUSc2UnY2vtpWpY4aOoRWkG6sFkBCuH-En-_Ams19vblgIh3nF_7eDHl_022ixdzonxS5YSqQ0oOpuKQYO3yWxuu0hLZZjw/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fregext

v2.23.0 | Report a Bug | By Email