Re: [regext] [Last-Call] Artart last call review of draft-ietf-regext-epp-eai-12

Dmitry Belyavsky <beldmit@gmail.com> Wed, 15 June 2022 19:51 UTC

Return-Path: <beldmit@gmail.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A999C14F72C; Wed, 15 Jun 2022 12:51:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vEW_NTXZve7M; Wed, 15 Jun 2022 12:51:10 -0700 (PDT)
Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95635C15AAD0; Wed, 15 Jun 2022 12:51:10 -0700 (PDT)
Received: by mail-lj1-x236.google.com with SMTP id l20so7698285lji.0; Wed, 15 Jun 2022 12:51:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=SLiWSzvb9vtJkHc01P/Ja2tOI55941/Muvwk2Ygutbk=; b=aWobHu5S5hYfP8Nq3+aWSm7uLgUgRBILvGDqa36TuyfThKymMixXqOYAN9ZwATBDJn dSZ14Jtozc62XbxapkWUZyM9HhXv+R4Oz4y/cCzXTGLY/DlPwfKVjEKXoR9dPqtIgOS5 ET656RDqbA7w8bnwtPczp2qjDi9H+GKuHRcQXSsLpcJBwaRFM85erdl0PH0OL8WAe2BQ Dcsn4f933EbcNSr3p6m1lknU/OYp49MyoTnUBdwuKrIfSUUDwT1n3FmxwabKbx34mKkk C7980IGDFFSaswYY9We4h7XGwHrNM7Fw+lqph3Z/YHkWjT/vEY4NJMYXhLFIRYJKsiXf OdXw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=SLiWSzvb9vtJkHc01P/Ja2tOI55941/Muvwk2Ygutbk=; b=M+4j+F33ynf0s1osrHK1gUmsD0PhMjm6fRiCIKK/e0MvO7ccK27f7HV/jsCV00U99r SDRYVVmNOZl9uJb0yUtSQcI9twPAd7iunyIUQ3HyGKjask5GSRgNRFyeOoApcEZ+ZOQV mUyCZmKxRLvzb/Y8BQVfJ52yReJc8rM85sWhSXqPVMlnnObcALLsqWuLGY9RdzAEh7u8 YgAjCZacgFzQEDRuPfNy6KBtihm5j1wv7haBQ6BIhloUK4kJfkU7p0VigOLYv3M8fCkk OQGOhvycbU5YqX7Q/s8GbR+8s6W5iI/HFsIf0yC5ysBr+8H6ojGoms3y+6GsV3M+WVEd dPDQ==
X-Gm-Message-State: AJIora8Mgc/KXsTdp+3/0E8uDcqZZZlf1WH/p24xALI7vwzup56aw8Au rLvEd7QGx/HlbUzvjnqHucmcKj4Y7JrcOS5o7Ko=
X-Google-Smtp-Source: AGRyM1udu0mjXbC3I/xS9+kRSE0PQ/E+35AkZlV8p6PfONiJOmXLTdBQ0I+DaxydhdkC8HZtruQcVm6QmO2a9J8rsg0=
X-Received: by 2002:a05:651c:150b:b0:255:bd59:248e with SMTP id e11-20020a05651c150b00b00255bd59248emr679626ljf.259.1655322668216; Wed, 15 Jun 2022 12:51:08 -0700 (PDT)
MIME-Version: 1.0
References: <165480673502.56173.16072247886040677393@ietfa.amsl.com> <CADqLbzKK7rzhu1TdjYY2hXBDfihDQJ_AbPdd2VqJJAZTgPF3Qw@mail.gmail.com> <5B560AC24C1E05D00EEC34B4@PSB>
In-Reply-To: <5B560AC24C1E05D00EEC34B4@PSB>
From: Dmitry Belyavsky <beldmit@gmail.com>
Date: Wed, 15 Jun 2022 21:50:55 +0200
Message-ID: <CADqLbz+oG9b+fFusJfUcGct=O8Vsniwm+DCHMse3pkZbC64xpA@mail.gmail.com>
To: John C Klensin <john-ietf@jck.com>
Cc: Takahiro Nemoto <nemo@go.tuat.ac.jp>, art@ietf.org, draft-ietf-regext-epp-eai.all@ietf.org, last-call@ietf.org, regext <regext@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000a0b3bb05e181d78d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/hdOm4sz6YMIUUpumnY1xjYL89jI>
Subject: Re: [regext] [Last-Call] Artart last call review of draft-ietf-regext-epp-eai-12
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jun 2022 19:51:14 -0000

Dear John,
Thank you for raising these questions!

On Sat, Jun 11, 2022 at 7:17 AM John C Klensin <john-ietf@jck.com> wrote:

> Dmitry,
>
> My recollection is that, in one way or another, every review has
> mentioned the issue of alternate ASCII addresses and SMTPUTF8
> ("EAI") addresses.  Some, including myself, have recommended
> that the specification make explicit provision for carrying both
> an SMTPUFTF8 (non-ASCII in the local-part) and all-ASCII
> address.  Others, including Takahiro's review below, have asked
> that you be explicit about where alternative ASCII addresses are
> to come from.
>
> That raises three questions:
>
> Part of the problem may be in our understanding of the role of
> Section 5.3.2: to be simplistic about this, if unextended EPP
> cites RFC 5322 and therefore requires all-ASCII addresses, then
> it would seem that either client or server does not accept
> ("negotiate") this extension then non-ASCII addresses MUST NOT
> be used and the (IMO, rather confusing) language of 5.3.2 does
> not belong in this spec unless there is WG and IETF consensus to
> change RFC 5730/STD69 to require that all EPP implementations
> recognize and support SMTPUTF8 addresses in some way.
>
> So my first question is "what am I, and apparently others,
> missing here?"
>

In the upcoming version of the draft I removed the passage about
alternative email address replacing it with
"The provided address can be an extra ASCII email address collected by
registrar or registrar-provided proxy email address."
I hope this redaction of the sentence is clearer than previous ones.


>
> Then, referring to the availability of non-ASCII addresses more
> generally, if I correctly understood him, James has said that
> registries that agree to accept non-ASCII addresses will not
> need alternative ASCII ones and that, while this might cause
> problems for parties other than the EPP client (typically
> associated with a registrar) and the EPP server (typically
> associated with a registry), that issue is out of scope for this
> spec (i.e., is an unspecified Someone Else's Problem).


I agree with James that it is out of scope of this document.
But, speaking about "something else problem", I can partially agree and
partially disagree.

For example, when ICANN ran its New gTLD program, there was a question of
data escrow.
The prescribed format of the data escrow (in fact, contact database) was
specified via an IETF draft.
So this document and others are to be updated (by IETF), but ICANN-provided
obligations related to restoring data, contingency plan etc are definitely
should be updated by ICANN.

Second question: Do you agree with the assertion that such
> issues should not be addressed in the spec?  If so, what is the
> "alternate ASCII address" text all about?  If not, I don't see
> how a revision to the I-D after Last Call has ended can be
> treated as an editorial issue rather than a substantive one
> requiring community review?  Both questions are independent of
> the more fundamental one of whether there is IETF consensus for
> approving a specification on standards track that is almost
> certain to cause problems elsewhere in the relevant systems.
>

We have an ecosystem grown around RFC-822-style email addresses.
We can't replace it even on the specification level in a moment, we have to
do it step by step.

IETF regularly approves new specifications causing interoperability issues
and, beyond the reasonable efforts to remove such incompatibilities when
possible, fallbacks to legacy look the only way to move forward.


>
> Third question: These appear to me to be substantive and
> significant issues (this review's characterization of it as a
> "minor issue" notwithstanding).  Have you and/or James discussed
> the issue with the WG.  If so, and which of these positions and
> possible alterations represent WG consensus rather than
> agreement (or not) between you and your co-author?  If they had
> not been discussed with the WG, why are you revising the
> document at this point rather than withdrawing it from the Last
> Call and review processes?
>

Sorry, but I don't see any changes to the documents other than
clarification/rewording without any significant alterations of the document.


> thanks,
>    john
>
>
> --On Friday, June 10, 2022 21:49 +0200 Dmitry Belyavsky
> <beldmit@gmail.com> wrote:
>
> > Dear Takahiro,
> >
> > Many thanks for your review!
> >
> > I will update the draft in the middle of the next week
> > according to your guidelines (with Marc's amendment)
> >
> > On Thu, Jun 9, 2022 at 10:32 PM Takahiro Nemoto via
> > Datatracker < noreply@ietf.org> wrote:
> >
> >> Reviewer: Takahiro Nemoto
> >> Review result: Ready with Issues
> >>
> >> I am the assigned ART-ART reviewer for this draft.
> >>
> >> Summary:
> >> I think this document is concise and generally good, but a
> >> few things are not
> >> explained well enough. Please consider revising the following
> >> points.
> >>
> >> Minor issues:
> >> - It is unclear how to provide "alternative ASCII addresses"
> >> in Section 5.3.2
> >> and how to distinguish between an EAI address and an
> >> alternative ASCII address,
> >> so it would be better to add an explanation.
> >>
> >> - It is unclear how to verify the code points of domain names
> >> in Section 8, so
> >> it would be better to add an explanation. RFC5892 describes
> >> how to determine
> >> the code points that can be used in IDNA2008 but does not
> >> describe how to validate domain name code points. So it would
> >> be easier to convey the intention
> >> to the reader to write "validate whether the domain name
> >> consists of the code
> >> points allowed by IDNA2008" rather than just writing
> >> "validate all code points
> >> in the domain name according to IDNA2008". Also, if the
> >> validation described in
> >> this section is intended to be compared to the code points
> >> listed in Appendix
> >> B.1. of RFC 5892, it would be better to refer to IDNA Rules
> >> and Derived Property Values
> >> <
> >> https://www.iana.org/assignments/idna-tables-12.0.0/idna-tabl
> >> es-12.0.0.xhtml
> >> >
> >> listing the latest IDNA Derived Property Values.
> >>
> >>
>
>
>

-- 
SY, Dmitry Belyavsky