I-D Action: draft-klensin-idna-rfc5891bis-00.txt
asmusf at ix.netcom.com
Sun Mar 12 09:47:35 CET 2017
On 3/12/2017 12:05 AM, Andrew Sullivan wrote:
> On Sat, Mar 11, 2017 at 10:14:58PM -0800, Asmus Freytag wrote:
>> There's an absolute limit on what you can achieve on the "per code point"
>> level. Because users interact with the system on the "per label" level.
> I'd say even worse: users interact with the system on the "domain
> name" level, or maybe on the level of thinking that anything with a
> dot in it is a domain name and that they follow natual language
> spelling rules.
Users may well expect that "example.net" and "example.com" can be freely
substituted, especially where "example" is a well-known name. But in
addition, unless the user agent tries to interfere, they are ready to
treat "http://some_garbage/example.com/more_garbage" the same as
So, yes, I agree that even label-centric policies are but one ring in
that system of defenses.
This just further underscores the point about the futility of trying for
absolute perfection on the issue of code point repertoire selection alone.
> I don't think most users have a theory of domain
> names as distinct from names in the DNS, and I think even less they
> have a theory of the various delegation points of the DNS. They
> _might_ have a theory (thanks to things user interfaces have been
> doing) that the stuff near the end of the domain name is somehow more
> important or the "real" domain or something.
>> The proper strategy seems to me consists of a set of nested defenses.
> On this I think we completely agree.
More information about the Idna-update