Re: [idn] new I-D: Safely Encoding of likeness information into ACE label version 0.2
- To: <idn@ops.ietf.org>, "Eric Brunner-Williams in Portland Maine" <brunner@nic-naa.net>
- Subject: Re: [idn] new I-D: Safely Encoding of likeness information into ACE label version 0.2
- From: "Soobok Lee" <lsb@postel.co.kr>
- Date: Tue, 31 Jul 2001 13:10:07 +0900
----- Original Message -----
From: "Eric Brunner-Williams in Portland Maine" <brunner@nic-naa.net>
To: <idn@ops.ietf.org>
Sent: Tuesday, July 31, 2001 9:56 AM
Subject: Re: [idn] new I-D: Safely Encoding of likeness information into ACE
label version 0.2
> In the requirements draft, section 3 (Security Considerations) there is the
> hopeful statement that "a solution" not be "less secure" than the current
> DNS. Skipping over the minor problem that this may be an underspecification,
> hostname-based authentication is historic (and unachievable, hence dnssec),
> and invocation of identd is ... unusual in the normal course of app/resolver
> /transport/nameserver/transport/app sequences.
>
DNSSEC is a low-level protocol, hidden from human eyes.
HTTPS and SMIME depend on end users' spontaneous association of a
verified signature with the displayed i18n-identifier, which could contain
a misleading <cyrillic a>ol.com.
> The existence of "misleading identifiers" formed with an extended repertoire
> (independent of whether elements of the extended repertoire are transported
> in encapsulated, or native forms) appears to require that two or more "near"
> (Hamming distance) identifiers exist.
>
> A protocol that is capable of signaling the existence of name proximality
> is something other than the DNS. That protocol, whatever it is, can have a
> "Security Considerations" section that treats the subject of minimal Hamming
> distance (or any other form of similarity metric), hence some property that
> relates to authentication et al, and "misleading identifiers", hence of
> "look-alike" characters.
Yes, some parents who give birth to premature babies should employ
machine incubators to protect their babies from infections by bacteria.
Then, let's make an IDN incubator protocol... :-))
>
> So, after all this (which I'm sorry to say took me much longer to write than
> for many to read), I think "safely encoding" is not "safe", and we should
> not do "encoding".
>
> Eric
>
I don't care for that... The half-baked I-D only took a few hours
from conception to finalization....
Thanks for your criticisms.
Soobok Lee
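
Added example, not part of the original message or of the I-D under discussion: a sketch of the look-alike check the thread argues about, flagging a label such as <cyrillic a>ol that mixes scripts and folds onto a known label, and reporting its Hamming distance and ASCII-compatible form. The look-alike table and all function names are assumptions made for illustration, and the ACE shown is the Punycode/xn-- form that IDNA later standardized, which postdates this 2001 message.

```python
import unicodedata

# Constructed, deliberately tiny Cyrillic-to-Latin look-alike table (an assumption
# for this example); real tooling would load the full Unicode confusables data.
LOOKALIKES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c"}

def scripts(label):
    """Scripts used by the letters of a label, taken from Unicode character names."""
    # Names begin with the script, e.g. "CYRILLIC SMALL LETTER A".
    return {unicodedata.name(ch).split(" ")[0] for ch in label if ch.isalpha()}

def skeleton(label):
    """Fold known look-alikes onto their Latin twin so visual equals compare equal."""
    return "".join(LOOKALIKES.get(ch, ch) for ch in label.lower())

def hamming(a, b):
    """Number of positions at which two equal-length labels differ in code point."""
    if len(a) != len(b):
        raise ValueError("Hamming distance needs equal-length labels")
    return sum(x != y for x, y in zip(a, b))

def to_ace(label):
    """ASCII-compatible form of one label (Punycode with the xn-- prefix)."""
    if label.isascii():
        return label
    return "xn--" + label.encode("punycode").decode("ascii")

def compare(candidate, known):
    """Report how a candidate label relates to a known-good label."""
    same_look = skeleton(candidate) == skeleton(known)
    return {
        "mixed_script": len(scripts(candidate)) > 1,
        "lookalike": same_look and candidate != known,
        "hamming": hamming(candidate, known) if len(candidate) == len(known) else None,
        "ace": to_ace(candidate),
    }

if __name__ == "__main__":
    spoof = "\u0430ol"  # constructed sample: Cyrillic a + "ol", as in the message
    for label in (spoof, "aol", "aal"):
        print(repr(label), compare(label, "aol"))
```

The labels <cyrillic a>ol and aal are both at Hamming distance 1 from aol, but only the first is flagged as a look-alike, so code-point distance alone does not capture visual similarity.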