Re: [EAI] Thinking about requirements / downgrade

To: "Ernie Dainow" <edainow at ca.afilias.info>
Subject: Re: [EAI] Thinking about requirements / downgrade
From: "YAO Jiankang" <yaojk at cnnic.cn>
Date: Wed, 16 Sep 2009 12:16:04 +0800
Cc: Mark Davis ⌛ <mark at macchiato.com>, Shawn Steele <Shawn.Steele at microsoft.com>, ima at ietf.org
Delivered-to: ima at core3.amsl.com
List-archive: <http://www.ietf.org/mail-archive/web/ima>
List-help: <mailto:ima-request@ietf.org?subject=help>
List-id: "EAI \(Email Address Internationalization\)" <ima.ietf.org>
List-post: <mailto:ima@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/ima>, <mailto:ima-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/ima>, <mailto:ima-request@ietf.org?subject=unsubscribe>
References: <453073879.17525 at cnnic.cn>

> ----- Original Message ----- 
> From: Ernie Dainow 
> To: Harald Alvestrand 
> Cc: Mark Davis ⌛ ; Shawn Steele ; ima at ietf.org 
> Sent: Wednesday, September 16, 2009 6:22 AM
> Subject: Re: [EAI] Thinking about requirements / downgrade
> 
> 
> 
 
> I'm not sure it is necessary for a standard to guarantee this. I think it is just the responsibility of email administration to avoid name collisions. Currently, when a new email address is requested, the email administrator for the domain on which the name is requested (or email admin software) will not grant the email address if
> 1. the address (local name) is assigned to someone else on the domain.
> 2. the address is already in use as an alias on another email account on the domain.
> 
> Suppose EAI used automatic punycode email addresses, where punycode conversion is applied separately to each side of the @. Then email administrators on EAI systems just have the following additional verification to do on new email account requests:
> 3. generate the punycode of the new address (local name) and apply tests 1 and 2 above to make sure the punycode name is not in use on the domain.

pls see my last email to shawn.

> 
> Since only owners of a domain can create email addresses, name collisions cannot occur unless administrators fail to check for uniqueness before granting new email addresses. That requirement is no different from today.
> 
> Another concern about using ACE conversions in EAI was the issue of punycode addresses "leaking" into the user environment. Just to remind people how ugly this can be, here is a conversion of one of the EAI addresses used in one of the downgrade tests.
> <xn--qxa.xn--mxafqqky at xn----vlbebiih2aiue6addbz1awu3bzg.info>
> 
> 
> 

> I think receiving a lot of email with long unrecognizable ACE conversions might be incentive for people to upgrade to EAI.

it also might be incentive for people to refuse the use of  EAI.

> 
> 
> Email administrators can avoid local name collisions as outlined above. This assumption is also important to EAI to avoid collusions on the domain name.
> 

you can avoid the name collisions when creating the account, but you can not prohibit the possible name collisions when using it. many MUA and servers may mis-use it since many many MUA or servers might use the automatic one if there is a automatic algorithm.

for more, you can see my last email to shawn.

Yao Jiankang


> 
> 
> 
> _______________________________________________
> IMA mailing list
> IMA at ietf.org
> https://www.ietf.org/mailman/listinfo/ima

Follow-Ups:
- Re: [EAI] Thinking about requirements / downgrade
  - From: Ernie Dainow

Prev by Date: Re: [EAI] Thinking about requirements / downgrade
Next by Date: Re: [EAI] Thinking about requirements / downgrade
Previous by thread: [EAI] Algorithmic Downgrade
Next by thread: Re: [EAI] Thinking about requirements / downgrade
Index(es):
- Date
- Thread

Re: [EAI] Thinking about requirements / downgrade

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.