[secdir] [New-work] WG Review: Recharter of Internationalized Domain Names in Applications, Revised (idnabis)

IESG Secretary <iesg-secretary@ietf.org> Tue, 18 August 2009 17:30 UTC

From: IESG Secretary <iesg-secretary@ietf.org>
To: new-work@ietf.org
Date: Tue, 18 Aug 2009 10:30:02 -0700
Subject: [secdir] [New-work] WG Review: Recharter of Internationalized Domain Names in Applications, Revised (idnabis)
Reply-To: iesg@ietf.org

A modified charter has been submitted for the Internationalized Domain
Names in Applications, Revised (idnabis) working group in the Applications
Area of the IETF.  The IESG has not made any determination as yet.  The
modified charter is provided below for informational purposes only. 
Please send your comments to the IESG mailing list (iesg@ietf.org) by
Tuesday, August 25, 2009.

Internationalized Domain Names in Applications, Revised (idnabis)
Last Modified: 2009-08-10

Additional information is available at tools.ietf.org/wg/idnabis

 - Vinton Cerf <vint@google.com>

Applications Area Director(s):
 - Lisa Dusseault <lisa.dusseault@gmail.com>
 - Alexey Melnikov <alexey.melnikov@isode.com>

Applications Area Advisor:
 - Lisa Dusseault <lisa.dusseault@gmail.com>

Mailing Lists:
General Discussion: idna-update@alvestrand.no
To Subscribe: http://www.alvestrand.no/mailman/listinfo/idna-update
Archive: http://www.alvestrand.no/pipermail/idna-update/

Description of Working Group:
The original Internationalized Domain Name (IDN) WG specified rules for
the use of characters other than Latin A(a)-Z(z), digits 0-9 and the
hyphen (-) in domain names in RFC3490, RFC3491 and RFC3492 in 2002
(published in 2003 and often referenced collectively as "IDNA2003").

These documents depend on RFC 3454 and were tied to Unicode version 
3.2. An update to the current version (5.x) is required to accommodate
additional scripts.  In addition, experience has shown that significant
improvements could be made in the protocol as presently specified.

This WG is chartered to decouple IDNA from specific versions of Unicode
using algorithms that define validity based on Unicode properties.  It
is recognized that some explicit exceptions may be necessary in any
case, but attempts will be made to minimize these exceptions.

Additional goals:

  - Separate requirements for valid IDNs at registration time (insertion
of names into DNS zone files), vs. at resolution time (looking up those 
  - Review, and if necessary revise, the algorithms and rules for
handling right to left character sequences in an IDN context to allow
labels based on additional scripts and languages and to make presentation
as predictable as reasonably possible.
  - Permit use of some scripts that were inadvertently excluded by the
original protocols.
  - Ensure practical stability of validity algorithms for IDNs.

The constraints of the original IDN WG still apply to IDNABIS, namely 
to avoid disturbing the current use and operation of the domain name
system, and for the DNS to continue to allow any system to resolve any
domain name in a consistent way. The client-based approach of the
original IDN work will be maintained -- substantially new protocols or
mechanisms are not in scope.  In particular, IDNs continue to use the
"xn--" prefix and the same ASCII-compatible encoding, and the
bidirectional algorithm follows the same basic design.

The specifications are initially organized as four documents: overview
and rationale, protocol, table algorithm, and improvements to the
bidirectional algorithm. These documents are to be used as the basis 
for the discussion of the general direction of the work.

This working group will be providing extended public review of the
output of a design team that has been working on improvement of the 
IDNA specifications.

This review-based approach is being used in part because of the way the
work was undertaken by the team; in particular, the design team has 
been working with IETF visibility and has solicited and received 
significant amounts of technical review already from IETF participants 
and from others including experts in the Unicode specifications and the 
use of scripts in languages.  If the public review provided by this 
Working Group confirms the basic method outlined in the input documents, 
it is expected that the working group will be able to respond with any 
needed changes and close in a short period of time.  If technical issues 
arise that indicate a fundamentally different approach must be taken 
from the one outlined above, it is anticipated that this working group 
would close, and a new one with an appropriate charter would be 

This work is intended to specify an improved means to produce and use
stable and unambiguous IDN identifiers.

There are a variety of generally unsolvable problems, notably the
problem of characters that are confusingly similar in appearance (often
known as the "phishing" problem) that are not specifically part of the
scope of the WG although some of the preliminary results of the design
team suggest that the improvements contemplated in the specifications
might mitigate some of the ways in which the current IDNA specifications
can be abused for phishing purposes.

While it is referenced from the original IDNA2003 package, the original
Stringprep specification, RFC 3454, is not formally part of the IDNA
package and will not be altered by this work.

The work will update or obsolete RFC 3490.  It is not expected to 
continue to use Nameprep (RFC 3491).  Nameprep is used by other 
specifications; determining how (or whether) to update those 
specifications and, consequently, the long-term status of Nameprep, 
are not part of this effort.  The method for ASCII-compatible ("ACE") 
encoding of IDNs, "Punycode" (RFC 3492) will not be revised by this WG.

Subject to the more general constraints described above, the WG is
permitted to consider changes that are not strictly backwards-
compatible.  For any such change that is recommended, it is expected to 
document the reasons for the change, the characters affected, and 
possible transition strategies.

The assumptions outlined above are considered critical to the WG
constituted by this charter.  The WG will stop work and recommend that 
a new charter be generated if it concludes that any of the following are
necessary to meet its goals:

  (i) A change to the "punycode" algorithm or to the ACE approach to
encoding names in the DNS.
  (ii) A change to the ACE prefix from "xn--"
  (iii) A change to the basic approach taken in the design team
documents (Namely: independence from Unicode version and reduction of
dependency on character mapping)

Goals and Milestones:
Apr 2008     WG formation
May 2008     Decision on form and structure of the WG document set
Sep 2008     WG Last Call on WG document set
Nov 2008     IETF Last Call on WG document set