Context Rules - with apologies for the long email

Shawn Steele Shawn.Steele at microsoft.com
Fri Jul 17 02:37:15 CEST 2009


So are you suggesting that these “registration-only” context rules instead be recommendations instead of MUST?

Frankly, I can’t get excited about them either way (MUST or SHOULD).  Though they may make linguistic sense, and seem sensible, I’m not sure what value they provide.  I can see that they address perceived “bad” or unreasonable cases, and their restrictions may aid perceived security.  (Although you point out they can be ignored)

From the client point of view I don’t really think the context rules address security at all.  IE’s anti-phishing and malicious web site code really has pretty much nothing to do with IDN, and it’d probably catch abusive web sites anyway.  (IE does script-detection, but it’s looking at the Unicode string, not a specifically IDN string.  The other techniques are more general and protect against ASCII-only URLs as well)

Since the context rules are (currently) mostly registration only, they don’t make it harder for the code I have to support ☺  I assume they provide value for registrars though since the registrars are asking for them.  If nothing else, it’d be clear which registrars are “breaking the rules” ☺

I don’t really intend to spawn a rambling debate, just my opinion.  (More thoughts at http://blogs.msdn.com/shawnste/ ). I realize there are differing opinions, please don’t let this randomize the discussion.  If I’m crazy, please let me know privately, or in the blog comments, unless you think it directly impacts this discussion.

-Shawn

From: idna-update-bounces at alvestrand.no [mailto:idna-update-bounces at alvestrand.no] On Behalf Of Chris Wright
Sent: Thursday, July 16,  2009 17:08
To: Shawn Steele; Mark Davis ⌛
Cc: idna-update at alvestrand.no
Subject: RE: Context Rules - with apologies for the long email

Shawn,

I definitely agree with you, context rules should not be applied on lookup, I hope no one interpreted my post to think I was saying that. What I am saying is that I don’t think the rules should exist (as rules) at all, then if they must stay, a whole bunch of clarifying questions which hopefully someone can answer.

Of great importance is the script restriction in the joiner rule that IS applied on lookup.

c.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.alvestrand.no/pipermail/idna-update/attachments/20090717/a2c0243c/attachment.htm 


More information about the Idna-update mailing list