Plan Re: [Fwd: Request for Advice on VGRS IDN Announcement]

[Leslie Daigle <leslie@thinkingcat.com>]

As stated in my original note below, although it is the IAB's
job to put together the reply to ICANN, this seems to be a topic
that would benefit from broader input than just the IAB.  I'd
suggested involving the IESG; there have been other suggestions
for wider input.

Here's a proposal (and I missed the IESG call this week, where
I understand some of this was discussed -- this proposal therefore
doesn't completely reflect that and can be updated as appropriate):

	. I'd suggest Rob and/or Ted be the IAB token holder
	  on this effot
	. Patrik clearly has put thinking into this and
	  has the largest chunk of written text -- if this
	  overall plan seems to fit, I'd suggest Patrik work
	  with Rob/Ted to create a general technical document
	  on the subject
	. that document should see wider than IAB/IESG review
	  (well, we've been doing that with most IAB docs of
	  late)

Also, in discussion with Ted earlier in the week, it seemed
useful to suggest that a small group of IETF technical folk
(not strictly IAB/IESG folk, necessarily) talk informally
with VeriSign technical folk, so that the IETF can make a
statement based on what is actually being done (instead of trying
to guess from web pages etc).  This would be a fact-finding
discussion -- I wouldn't expect it to change peoples' minds, but I
do think it reflects better on us (the IETF) to have a statement
that clearly is based on facts, not inferences.

Proposed list of participants in, for example, a phone call:
	. Rob Austein
	. Harald Alvestrand
	. Steve Bellovin
	. Randy Bush
	. Patrik Faltstrom
	. Ted Hardie
	. Lars-Johan Liman

Kinds of things that could be made clearer in such a call is the
difference of behaviours that Harald observed in his note.

Because this is not specifically my area of competence, and because
I'm currently employed by VeriSign, it's my intention to stay involved
to the extent of ensuring that the IAB makes as clear and as
honest an IETF technical statement as it usually does on any topic, but
I'm not delving into the technical debate itself.

Thoughts?

Leslie.

Leslie Daigle wrote:
> As expected, here is ICANN's request for input.  I suggest
> the IAB should work on putting together a reply and/or a
> statement, with the help of interested IESG folk.
>
> Leslie.
>
> -------- Original Message --------
> Subject: Request for Advice on VGRS IDN Announcement
> Date: Mon, 06 Jan 2003 11:37:59 -0800
> From: M. Stuart Lynn <lynn@icann.org>
> To: Leslie Daigle <leslie@thinkingcat.com>
> CC: Chuck Gomes <cgomes@verisign.com>, Brad Verd 
> <bverd@verisign.com>,      Masanobu Katoh <MKATOH@mkatoh.net>,      
> Steve Crocker <steve@stevecrocker.com>,      Vint Cerf 
> <vinton.g.cerf@wcom.com>, Louis Touton <touton@icann.org>,      Andrew 
> McLaughlin <McLaughlin@icann.org>
>
> Dear Leslie,
>
> Below is a note seeking IAB advice on a technical question pertinent to
> ICANN DNS coordination activities.  I would very much appreciate your 
> consulting
> with the IAB and letting me know any advice at your earliest
> convenience.
>
> Warm regards,
>
> Stuart
>
> ================================================================
> To the Internet Architecture Board:
>
> On Friday, VeriSign Global Registry Services announced a set of steps
> relating to the implementation of internationalized domain name
> capabilities, including changes in the behavior of the authoritative
> name servers for the com and net zones.  The announcement is at
> <http://www.merit.edu/mail.archives/nanog/msg06058.html>.  The
> announcement appears to anticipate the RFC Editor's publication of
> the remaining component documents that define IDNA (Internationalized
> Domain Names in Applications), the standards-track output of the
> IETF's IDN Working Group.
>
> In response to the VGRS announcement, some commentators have raised
> concerns that VGRS's plan for handling DNS requests containing
> non-ASCII octets would be contrary to DNS standards.  In particular,
> see the communication from Paul Hoffman of the Internet Mail Consortium,
> included with attachment below.
>
> In keeping with ICANN's commitment to seek authoritative technical
> guidance from the IETF about the relationship of actual or proposed DNS
> operations to the IETF's standards-track activities, we are requesting
> the advice of the IAB (together with the IESG or other IETF bodies, if
> appropriate) about the announced VGRS changes to the behavior of the
> .com and .net name servers.  Although ICANN's focus must be on
> violations of standards VGRS has agreed to follow, we would also welcome
> any IAB comment on effects the VGRS changes may have on architecture for
> the protocols and procedures used by the Internet.
>
> I am copying Brad Verd and Chuck Gomes of VGRS on this message, and also
> actively invite any input or response VGRS may wish to give.  We will 
> also be referring the issue raised in Paul Hoffman's e-mail to ICANN's 
> IDN Committee and Security and Stability Committee.
>
> Sincerely,
>
> Stuart Lynn
>
> cc:  Chuck Gomes, Vice President for Policy and Compliance, VGRS
>      Brad Verd, Resolution Systems Operations Manager, VGRS
>      Masanobu Katoh, Chair, ICANN IDN Committee
>      Steve Crocker, Chair, ICANN Security & Stability Committee
>
>
> -----Original Message-----
> From: Paul Hoffman / IMC [mailto:phoffman@imc.org]
> Sent: Sunday, January 05, 2003 7:18 PM
> To: mclaughlin@pobox.com
> Cc: Louis Touton; Patrik Faltstrom
> Subject: Serious technical problems with VGRS's announcement
>
>
> Greetings. This message follows up on the announcement from VeriSign
> GRS (the com/net registry) that they will start responding to DNS
> requests that contain non-ASCII octets and giving positive answers
> when they should be giving negative answers. VGRS's announcement is
> at <http://www.merit.edu/mail.archives/nanog/msg06058.html>.
>
> There are many technical problems with this change. It essentially
> undermines IDNA, which is now on standards track, by adding a level
> of guessing to the DNS that IDNA is explicitly designed to avoid.
> Further, it makes it appear that IDNs are only useful in domain names
> for web sites (and only for sites in .com and .net), and only at the
> second level. VGRS has said that their plug-in will not work with
> most of the ccTLDs, for example.
>
> For example, if you enter <a-ring>.com in Internet Explorer for
> Windows, where "<a-ring>" is the single hex octet 0xE5, you see the
> screen shown in the attached file called "e5.tif". (Sorry about the
> TIFF image, but it's the only reliable format for PC screen dumps.)
> As you can see, VGRS makes wild guesses about what the user wanted,
> some of which are very clearly impossible. Worse yet, they do not
> include all of the legal guesses that they could have made. And, just
> to make it completely confusing to the user, not all of the choices
> work.
>
> The DNS is not supposed to be a best-guess service, yet VGRS has
> turned .com and .net into this just before IDNA is to be an RFC. VGRS
> should not be allowed, through its monopoly on the .com and .net
> gTLDs, to destroy the coherence of the DNS for its own short-term
> profit. ICANN should demand that VGRS immediately stop giving
> incorrect answers to any query in .com and .net, and should instead
> follow the IETF standards. If VGRS refuses, ICANN should re-delegate
> the .com and .net zones to registries that are more willing to follow
> the DNS standards.
>
> Please let me know if you have any further questions.
>
> --Paul Hoffman, Director
> --Internet Mail Consortium