Minutes of the WEIRDS WG IETF 86, Orlando, FL, USA SESSION #1: 2013-03-12 10:30 The chairs noted that there was an extra session for the working group (WG) added during the week. Andy Newton offered a report about the demo that was happened earlier in the day. It included both server and test suite demonstrations. The chairs reported that they would plan to do interop work at Berlin or Vancouver, but it would be more structured. Jean-Philippe Dionne offered a description of the test suite, and experience with it. This inspired discussions about some proposed changes. Simon Perreault made some remarks about the JCARD WG. Pete Resnick as AD made clear that JCARD was chartered to work in three months. The chairs asked about the contract between WEIRDS and JCARD, but the AD said that JCARD is critical for other WGs too. The chairs observed that their reading of consensus is that the WG would wait for the youtput of JCARD. Andy Newton offered a presentation about internationalization and WEIRDS. It raised an issue about U-labels and A-labels that needed additional discussion on the mailing list. Scott Hollenbeck made some remarks about search. This yielded some discussion about what sort of searching is needed. John Levine and Steve Sheng said they would make a list of existing searchable fields. The chairs adjourned the meeting. SESSION #2: 2013-03-14 17:30 Ning Kong, security issues: slides at http://tools.ietf.org/agenda/86/slides/slides-86-weirds-2.pdf Federated authentication: not a requirement in the protocol, but likely to be of interest to implementations such as ICANN's new TLDs Server authentication: authenticate servers, the data the return, both, something else? Noted that it is essentially the same as the bootstrap problem, which we agreed to defer a several meetings ago due to disagreements about practicalities of proposed implementations. Authentication approach: use existing http methods, add a new web form approach? Data Integrity for redirects: do we need anything beyond TLS? Data abuse on searchable RDAP: policy issue. Do we want to provide advice on sanitizing data to prevent HTML injection attacks? Steve Sheng, ICANN IDN work: slides at http://www.ietf.org/mail-archive/web/weirds/current/pdfwJMDQkkTkn.pdf attached to http://www.ietf.org/mail-archive/web/weirds/current/msg02230.html The co-chairs observed that the current WEIRDS drafts meet all of the ICANN requirements. Steve concurred. John Levine, searches: start with existing searches, which are just prefix matches of specified fields. For anything else, propose use cases and describe the implementation plan. The co-chairs believe this is a discussion to be repeated and continued on the mailing list. Olaf (co-chair) informed the group that he will give a WEIRDS WG update during the forthcoming ICANN and RIPE meeting.