Security considerations breakdown (was: Re: Security considerations breakdown and names of the specs
Harald Tveit Alvestrand
harald at alvestrand.no
Wed Dec 10 16:30:36 CET 2008
John C Klensin skrev:
> --On Wednesday, 10 December, 2008 15:35 +0100 Harald Alvestrand
> <harald at alvestrand.no> wrote:
>
>
>>> Harald (not to pick on him) also wrote "Having re-read the
>>> security considerations on -bidi, I fail to see how it's
>>> possible to comprehend these few paragraphs without just
>>> ...
>>>
>> Despite not being picked on, I choose to pick back.
>>
>> Again, we are discussing this text:
>>
>> This modification will allow some strings to be used in
>> Stringprep
>> contexts that are not allowed today. It is possible that
>> differences
>> in the interpretation of the specification between old and
>> new
>> implementations could pose a security risk, but it is
>> ...
>> For some of the strings allowed (the ZWNJ in particular), it
>> is extremely easy to envision how the difference in
>> implementation could pose a security risk, so the statement is
>> false for the whole IDNABIS suite. It is, however, true for
>> -bidi.
>>
>> There are no other places in IDNABIS where the difference
>> between display order and network order matters, so the second
>> paragraph is meaningless in any other context than -bidi.
>>
>> I think we agree that the third paragraph is -bidi specific.
>>
>> I stand by my judgment: All three paragraphs are -bidi
>> specific, and are best kept in -bidi.
>>
>
> Having heard from Pasi (one of the security ADs) who expressed a
> slight preference for consolidation, but mostly wanted to be
> sure that the cross references are correct and normative, and
> finding the above persuasive, I propose the following:
>
> (1) We consolidate the security considerations material
> from Defs, Protocol, Tables, and Rationale into Defs,
> with copious cross-references, including a reference to
> Bidi and a brief comment about why its issues are
> separate. As noted earlier, that will require some
> textual tuning. I expect the WG, and especially those
> who seem to think that this issue is important, to
> carefully check that changed/tuned text as soon as it
> appears.
>
> (2) We leave the Bidi discussion where it is, both for
> the reasons Harald identified in his note and as a
> logical consequence of the reasons we decided to keep
> the Bidi document separate. We should, IMO, get the
> Stringprep reference out of that discussion, but that is
> almost a separate issue.
>
> And, FWIW, I again ask that people keep their eyes on the target
> of getting the substantive issues right and getting this work
> done, and done soon, rather than debating moving text around for
> aesthetic reasons that do not really affect the underlying
> specifications.
This works for me.
Harald
More information about the Idna-update
mailing list