[secdir] Review of draft-faltstrom-5892bis-04.txt

Rob Austein <sra@hactrn.net> Fri, 03 June 2011 16:46 UTC

Return-Path: <sra@hactrn.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD41AE06D5; Fri, 3 Jun 2011 09:46:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.6
X-Spam-Level:
X-Spam-Status: No, score=-102.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2DK5rh1eaG0H; Fri, 3 Jun 2011 09:46:46 -0700 (PDT)
Received: from cyteen.hactrn.net (cyteen.hactrn.net [IPv6:2002:425c:4242:0:210:5aff:fe86:1f54]) by ietfa.amsl.com (Postfix) with ESMTP id EFE79E0789; Fri, 3 Jun 2011 09:46:45 -0700 (PDT)
Received: from thrintun.hactrn.net (thrintun.hactrn.net [IPv6:2002:425c:4242:0:219:d1ff:fe12:5d30]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "thrintun.hactrn.net", Issuer "Grunchweather Associates" (verified OK)) by cyteen.hactrn.net (Postfix) with ESMTPS id BA7EF2845C; Fri, 3 Jun 2011 16:46:42 +0000 (UTC)
Received: from thrintun.hactrn.net (localhost [IPv6:::1]) by thrintun.hactrn.net (Postfix) with ESMTP id 447AD2282A; Fri, 3 Jun 2011 12:46:42 -0400 (EDT)
Date: Fri, 03 Jun 2011 12:46:42 -0400
From: Rob Austein <sra@hactrn.net>
To: iesg@ietf.org, secdir@ietf.org, draft-faltstrom-5892bis.all@tools.ietf.org
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Content-Type: text/plain; charset=US-ASCII
Message-Id: <20110603164642.447AD2282A@thrintun.hactrn.net>
Subject: [secdir] Review of draft-faltstrom-5892bis-04.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Jun 2011 16:46:47 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This draft...is an affirmation that the IETF has reached (rough)
consensus that an existing RFC still applies without needing any
changes.  If this sounds mad, well, welcome to IDN.

Specifically, this draft notes that, as expected, the Unicode
Consortium has updated their "Unicode Standard" specification, as they
are wont to do, and that the IETF's current algorithm (RFC 5892) for
incorporating their specification into IDN by reference appears to be
working as expected, at least for now.

The draft calls out three user-visible changes that this update to the
referenced standard will have, other than allocation of formerly
unused code points: two Vedic Sanskrit characters (U+0CF1 KANNADA SIGN
JIHVAMULIYA and U+0CF2 KANNADA SIGN UPADHMANIYA) which formerly mapped
to the DISALLOWED class now map to the PVALID class, while one of the
many alternate forms of the digit one (U+19DA NEW TAI LUE THAM DIGIT
ONE) which formerly mapped to PVALID now maps to DISALLOWED.

Other than the risk of making readers' heads explode and causing
permanent brain trauma for anyone who attempts to understand this
topic, the only security issue I see here is correctly called out in
the Security Considerations section of the draft, which notes that, as
the code points in question are not likely to be used in
Internationalized Domain Names, the risk of unexpected results or
other confusion due to the change in the underlying spec is minor.

To the extent that anything involved in IDN is harmless, this draft
qualifies, so I have no security concerns about this draft as such.