[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [idn] Document Status?



On Wed, Sep 04, 2002 at 10:09:40PM +0900, Soobok Lee wrote:
> 
> Moreover, IDN and ASCII domains names are used as not only mnemonic handles
> to numeric IP address for networking but also   identifiers  like email 
> addresses. For example, MS Passport membership databases use  email 
> addressess as primary key identifiers. We can find similar identifier use
> of domain names in server certificates and individual email certificates
> that form one component of critical PKI-based authentication framework for
> the internet.
> 
> 
> > > 
> > > Do we agree on that? 
> > 
> > Networking serves Applications, as SMTP serves to move RFC822-compliant
> > messages between two messaging Applicatons. IDN promises to improve the
> > presentation layers of most internet applications by facilitating 
> > localized access to domain names. So, IDN's inception itself was to be 
> > user-oriented/user-friendlier.  To connecting two host machines does not 
> > need i18n of domain names nor user-friendliness, Ascii one is enough. 
> > IDN goal is closer to Applications.
> > 
> > IDN's expanded character repertoires introduce various ambiguity/security
> > problems into DNS and then into all applications that accepts IDN strings.
> > IDN strings should be dealt with additional cares and cautions, 
> > but they are moved silently as encoded in trusted ASCII encoding so that
> > most applications cannot notice that happens. That's why i call that kind
> > of tunneling a troyan horse from the rigorous/conservative security viewpoints.

Above paragraph seems somewhat offending to the ACE principle. So, I am oblidged
to add the next well-known virtus of ACE to prevent anyone from misunderstanding 
ACE principle, as I am not such extremist opponent of ACE concept itself.

Even when some email server operators want to trust/support *any* IDN 
email addresses but does want to upgrade any server s/w, ASCII-tunneled ACE-encoded
email addresses would pass through the old 7bit server and successfully be delivered
to the recipients.  In this cae, ACE will the free gift (networking) to them.
This is the virtue of ACE principle and the BASE64 used MIME.

Soobok Lee

> > And that is the very point where MIME(base64) encoding of Subject: header
> > and the ACE-encoding of email addressess divorce far from each other.
> > 
> > Soobok Lee