Re: [saag] My IESG Eval for draft-pechanec-pkcs11uri-19 (Was: PKCS#11 URI slot attributes & last call)

[John C Klensin <john-ietf@jck.com>]

+1
Given what I believe has been referred to recently as "the
kerfluffle", it is not clear whether the advice about
normalization in 3986 is really adequate either, but it appears
to me that is close enough for this document and, as you
suggest, clearly better than making a new reference to 3987.

    john


--On Wednesday, February 04, 2015 09:50 -0600 Pete Resnick
<presnick@qti.qualcomm.com> wrote:

> Normally I would just put this in my ballot, but since a
> change was made due to a Last Call comment that was discussed
> here (a discussion I missed at the time) I want to comment on
> this here to make sure there is consensus for either the
> change you made, or for what I will propose:
> 
> On 12/19/14 6:06 PM, Nico Williams wrote:
>> One thing I just noticed is that you allow Unicode.  You
>> might want to reference RFC3987 (IRIs), for, e.g., advice as
>> to normalization.
>>    
> 
> This seems like an exceedingly bad idea to me, for a number of
> reasons:
> 
> 1. The use of IRIs as protocol elements is recipe for
> disaster. I think we came to the conclusion long ago that if
> you are using something as a protocol element, it had better
> be a URI, and you had better percent-encode anything that was
> non-US-ASCII.
> 
> 2. Normalization is discussed quite reasonably in 3986; 3987
> is unlikely to add anything useful.
> 
> 3. The 3987 is currently in a state of limbo. We're waiting to
> see what W3C ends up recommending for HTML5, and the IETF is
> likely to end up referencing that in the long run and not 3987.
> 
> Unless folks want to express a strong reason for this
> particular document to reference 3987, I really think you
> should remove any reference to it.
> 
> pr