idnits 2.17.1 draft-ietf-eai-frmwrk-4952bis-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == The 'Obsoletes: ' line in the draft header should list only the _numbers_ of the RFCs which will be obsoleted by this document (if approved); it should not include the word 'RFC' in the list. -- The draft header indicates that this document obsoletes RFC5504, but the abstract doesn't seem to mention this, which it should. -- The draft header indicates that this document obsoletes RFC5825, but the abstract doesn't seem to mention this, which it should. -- The draft header indicates that this document obsoletes RFC4952, but the abstract doesn't seem to directly say this. It does mention RFC4952 though, so this could be OK. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (July 12, 2010) is 5034 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 1652 (Obsoleted by RFC 6152) ** Obsolete normative reference: RFC 5336 (Obsoleted by RFC 6531) ** Obsolete normative reference: RFC 5337 (Obsoleted by RFC 6533) ** Obsolete normative reference: RFC 5721 (Obsoleted by RFC 6856) ** Obsolete normative reference: RFC 5738 (Obsoleted by RFC 6855) -- Obsolete informational reference (is this intentional?): RFC 2368 (Obsoleted by RFC 6068) -- Obsolete informational reference (is this intentional?): RFC 2821 (Obsoleted by RFC 5321) -- Obsolete informational reference (is this intentional?): RFC 3501 (Obsoleted by RFC 9051) -- Obsolete informational reference (is this intentional?): RFC 3851 (Obsoleted by RFC 5751) -- Obsolete informational reference (is this intentional?): RFC 4409 (Obsoleted by RFC 6409) -- Obsolete informational reference (is this intentional?): RFC 4952 (Obsoleted by RFC 6530) -- Obsolete informational reference (is this intentional?): RFC 5335 (Obsoleted by RFC 6532) -- Duplicate reference: RFC5336, mentioned in 'RFC5336', was also mentioned in 'RFC5336bis-SMTP'. -- Obsolete informational reference (is this intentional?): RFC 5336 (Obsoleted by RFC 6531) -- Duplicate reference: RFC5337, mentioned in 'RFC5337', was also mentioned in 'RFC5337bis-DSN'. -- Obsolete informational reference (is this intentional?): RFC 5337 (Obsoleted by RFC 6533) -- Obsolete informational reference (is this intentional?): RFC 5504 (Obsoleted by RFC 6530) -- Duplicate reference: RFC5721, mentioned in 'RFC5721', was also mentioned in 'RFC5721bis-POP3'. -- Obsolete informational reference (is this intentional?): RFC 5721 (Obsoleted by RFC 6856) -- Duplicate reference: RFC5738, mentioned in 'RFC5738', was also mentioned in 'RFC5738bis-IMAP'. -- Obsolete informational reference (is this intentional?): RFC 5738 (Obsoleted by RFC 6855) -- Obsolete informational reference (is this intentional?): RFC 5825 (Obsoleted by RFC 6530) Summary: 5 errors (**), 0 flaws (~~), 4 warnings (==), 21 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Email Address Internationalization J. Klensin 3 (EAI) 4 Internet-Draft Y. Ko 5 Obsoletes: RFCs 4952, 5504, 5825 ICU 6 (if approved) July 12, 2010 7 Intended status: Informational 8 Expires: January 13, 2011 10 Overview and Framework for Internationalized Email 11 draft-ietf-eai-frmwrk-4952bis-02 13 Abstract 15 Full use of electronic mail throughout the world requires that, 16 subject to other constraints, people be able to use close variations 17 on their own names, written correctly in their own languages and 18 scripts, as mailbox names in email addresses. This document 19 introduces a series of specifications that define mechanisms and 20 protocol extensions needed to fully support internationalized email 21 addresses. These changes include an SMTP extension and extension of 22 email header syntax to accommodate UTF-8 data. The document set also 23 includes discussion of key assumptions and issues in deploying fully 24 internationalized email. This document is an update of RFC 4952 that 25 reflects additional issues identified since that document was 26 published. 28 Status of This Memo 30 This Internet-Draft is submitted in full conformance with the 31 provisions of BCP 78 and BCP 79. 33 Internet-Drafts are working documents of the Internet Engineering 34 Task Force (IETF). Note that other groups may also distribute 35 working documents as Internet-Drafts. The list of current Internet- 36 Drafts is at http://datatracker.ietf.org/drafts/current/. 38 Internet-Drafts are draft documents valid for a maximum of six months 39 and may be updated, replaced, or obsoleted by other documents at any 40 time. It is inappropriate to use Internet-Drafts as reference 41 material or to cite them other than as "work in progress." 43 This Internet-Draft will expire on January 13, 2011. 45 Copyright Notice 47 Copyright (c) 2010 IETF Trust and the persons identified as the 48 document authors. All rights reserved. 50 This document is subject to BCP 78 and the IETF Trust's Legal 51 Provisions Relating to IETF Documents 52 (http://trustee.ietf.org/license-info) in effect on the date of 53 publication of this document. Please review these documents 54 carefully, as they describe your rights and restrictions with respect 55 to this document. Code Components extracted from this document must 56 include Simplified BSD License text as described in Section 4.e of 57 the Trust Legal Provisions and are provided without warranty as 58 described in the Simplified BSD License. 60 This document may contain material from IETF Documents or IETF 61 Contributions published or made publicly available before November 62 10, 2008. The person(s) controlling the copyright in some of this 63 material may not have granted the IETF Trust the right to allow 64 modifications of such material outside the IETF Standards Process. 65 Without obtaining an adequate license from the person(s) controlling 66 the copyright in such materials, this document may not be modified 67 outside the IETF Standards Process, and derivative works of it may 68 not be created outside the IETF Standards Process, except to format 69 it for publication as an RFC or to translate it into languages other 70 than English. 72 Table of Contents 74 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 75 2. Role of This Specification . . . . . . . . . . . . . . . . . . 5 76 3. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 5 77 4. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 6 78 4.1. Mail User and Mail Transfer Agents . . . . . . . . . . . . 6 79 4.2. Address Character Sets . . . . . . . . . . . . . . . . . . 7 80 4.3. User Types . . . . . . . . . . . . . . . . . . . . . . . . 7 81 4.4. Messages . . . . . . . . . . . . . . . . . . . . . . . . . 8 82 4.5. Mailing Lists . . . . . . . . . . . . . . . . . . . . . . 8 83 4.6. Conventional Message and Internationalized Message . . . . 8 84 4.7. Undeliverable Messages and Notification . . . . . . . . . 8 85 5. Overview of the Approach and Document Plan . . . . . . . . . . 9 86 6. Overview of Protocol Extensions and Changes . . . . . . . . . 9 87 6.1. SMTP Extension for Internationalized Email Address . . . . 9 88 6.2. Transmission of Email Header Fields in UTF-8 Encoding . . 10 89 6.3. SMTP Service Extension for DSNs . . . . . . . . . . . . . 11 90 7. Downgrading before and after SMTP Transactions . . . . . . . . 11 91 7.1. Downgrading before or during Message Submission . . . . . 12 92 7.2. Downgrading or Other Processing After Final SMTP 93 Delivery . . . . . . . . . . . . . . . . . . . . . . . . . 13 94 8. Downgrading in Transit . . . . . . . . . . . . . . . . . . . . 13 95 9. User Interface and Configuration Issues . . . . . . . . . . . 14 96 9.1. Choices of Mailbox Names and Unicode Normalization . . . . 14 97 10. Additional Issues . . . . . . . . . . . . . . . . . . . . . . 15 98 10.1. Impact on URIs and IRIs . . . . . . . . . . . . . . . . . 16 99 10.2. Use of Email Addresses as Identifiers . . . . . . . . . . 16 100 10.3. Encoded Words, Signed Messages, and Downgrading . . . . . 16 101 10.4. LMTP . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 102 10.5. Other Uses of Local Parts . . . . . . . . . . . . . . . . 17 103 10.6. Non-Standard Encapsulation Formats . . . . . . . . . . . . 17 104 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17 105 12. Security Considerations . . . . . . . . . . . . . . . . . . . 17 106 13. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 19 107 14. References . . . . . . . . . . . . . . . . . . . . . . . . . . 19 108 14.1. Normative References . . . . . . . . . . . . . . . . . . . 19 109 14.2. Informative References . . . . . . . . . . . . . . . . . . 21 110 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 24 111 A.1. Changes between -00 and -01 . . . . . . . . . . . . . . . 24 112 A.2. Changes between -01 and -02 . . . . . . . . . . . . . . . 24 114 1. Introduction 116 [[anchor1: Note to EAI WG: All comments received on the mailing list 117 about this document have been incorporated into the -02 draft. As 118 indicated in earlier notes, most placeholders have been removed from 119 it to make the document a WG Last Call candidate. A note was posted 120 on 9 July listing outstanding topics needing discussion in -01 121 (http://www.ietf.org/mail-archive/web/ima/current/msg03259.html) to 122 which there was no response before -02 was submitted. It may be 123 useful to refer to that note and the change log below as part of 124 review of this draft.]] 126 In order to use internationalized email addresses, we need to 127 internationalize both the domain part and the local part of email 128 addresses. The domain part of email addresses is already 129 internationalized [RFC5890], while the local part is not. 130 [[anchor2: Note in Draft: RFC 5890, formerly draft-ietf-idnabis-defs, 131 and the closely-related RFC 5891 - 5894, have been in AUTH48 since 132 June 6. None of the the author, WG leadership, or ADs are holding it 133 up. Using the I-D references here is just extra work.]] 134 Without the extensions specified in this document, the mailbox name 135 is restricted to a subset of 7-bit ASCII [RFC5321]. Though MIME 136 [RFC2045] enables the transport of non-ASCII data, it does not 137 provide a mechanism for internationalized email addresses. In RFC 138 2047 [RFC2047], MIME defines an encoding mechanism for some specific 139 message header fields to accommodate non-ASCII data. However, it 140 does not permit the use of email addresses that include non-ASCII 141 characters. Without the extensions defined here, or some equivalent 142 set, the only way to incorporate non-ASCII characters in any part of 143 email addresses is to use RFC 2047 coding to embed them in what RFC 144 5322 [RFC5322] calls the "display name" (known as a "name phrase" or 145 by other terms elsewhere) of the relevant header fields. Information 146 coded into the display name is invisible in the message envelope and, 147 for many purposes, is not part of the address at all. 149 This document is an update of RFC 4952 [RFC4952] that reflects 150 additional issues, shared terminology, and some architectural changes 151 identified since that document was published. 153 The pronouns "he" and "she" are used interchangeably to indicate a 154 human of indeterminate gender. 156 The key words "MUST", "SHALL", "REQUIRED", "SHOULD", "RECOMMENDED", 157 and "MAY" in this document are to be interpreted as described in RFC 158 2119 [RFC2119]. 160 2. Role of This Specification 162 This document presents the overview and framework for an approach to 163 the next stage of email internationalization. This new stage 164 requires not only internationalization of addresses and header 165 fields, but also associated transport and delivery models. A prior 166 version of this specification, RFC 4952 [RFC4952], also provided an 167 introduction to a series of experimental protocols [RFC5335] 168 [RFC5336] [RFC5337] [RFC5504] [RFC5721] [RFC5738] [RFC5825]. This 169 revised form provides overview and conceptual information for the 170 standards-track successors of a subset of those protocols. Details 171 of the documents and the relationships among them appear in 172 Section 5. 174 Taken together, these specifications provide the details for a way to 175 implement and support internationalized email. The document itself 176 describes how the various elements of email internationalization fit 177 together and the relationships among the primary specifications 178 associated with message transport, header formats, and handling. 180 3. Problem Statement 182 Internationalizing Domain Names in Applications (IDNA) [RFC5890] 183 permits internationalized domain names, but deployment has not yet 184 reached most users. One of the reasons for this is that we do not 185 yet have fully internationalized naming schemes. Domain names are 186 just one of the various names and identifiers that are required to be 187 internationalized. In many contexts, until more of those identifiers 188 are internationalized, internationalized domain names alone have 189 little value. 191 Email addresses are prime examples of why it is not good enough to 192 just internationalize the domain name. As most observers have 193 learned from experience, users strongly prefer email addresses that 194 resemble names or initials to those involving seemingly meaningless 195 strings of letters or numbers. Unless the entire email address can 196 use familiar characters and formats, users will perceive email as 197 being culturally unfriendly. If the names and initials used in email 198 addresses can be expressed in the native languages and writing 199 systems of the users, the Internet will be perceived as more natural, 200 especially by those whose native language is not written in a subset 201 of a Roman-derived script. 203 Internationalization of email addresses is not merely a matter of 204 changing the SMTP envelope; or of modifying the From, To, and Cc 205 header fields; or of permitting upgraded Mail User Agents (MUAs) to 206 decode a special coding and respond by displaying local characters. 207 To be perceived as usable, the addresses must be internationalized 208 and handled consistently in all of the contexts in which they occur. 209 This requirement has far-reaching implications: collections of 210 patches and workarounds are not adequate. Even if they were 211 adequate, a workaround-based approach may result in an assortment of 212 implementations with different sets of patches and workarounds having 213 been applied with consequent user confusion about what is actually 214 usable and supported. Instead, we need to build a fully 215 internationalized email environment, focusing on permitting efficient 216 communication among those who share a language or other community. 217 That, in turn, implies changes to the mail header environment to 218 permit the full range of Unicode characters where that makes sense, 219 an SMTP Extension to permit UTF-8 [RFC3629] [RFC5198] mail addressing 220 and delivery of those extended header fields, support for 221 internationalized delivery and service notifications [RFC3461] 222 [RFC3464], and (finally) a requirement for support of the 8BITMIME 223 SMTP Extension [RFC1652] so that all of these can be transported 224 through the mail system without having to overcome the limitation 225 that header fields do not have content-transfer-encodings. 227 4. Terminology 229 This document assumes a reasonable understanding of the protocols and 230 terminology of the core email standards as documented in [RFC5321] 231 and [RFC5322]. 233 4.1. Mail User and Mail Transfer Agents 235 Much of the description in this document depends on the abstractions 236 of "Mail Transfer Agent" ("MTA") and "Mail User Agent" ("MUA"). 237 However, it is important to understand that those terms and the 238 underlying concepts postdate the design of the Internet's email 239 architecture and the application of the "protocols on the wire" 240 principle to it. That email architecture, as it has evolved, and 241 that "on the wire" principle have prevented any strong and 242 standardized distinctions about how MTAs and MUAs interact on a given 243 origin or destination host (or even whether they are separate). 245 However, the term "final delivery MTA" is used in this document in a 246 fashion equivalent to the term "delivery system" or "final delivery 247 system" of RFC 5321. This is the SMTP server that controls the 248 format of the local parts of addresses and is permitted to inspect 249 and interpret them. It receives messages from the network for 250 delivery to mailboxes or for other local processing, including any 251 forwarding or aliasing that changes envelope addresses, rather than 252 relaying. From the perspective of the network, any local delivery 253 arrangements such as saving to a message store, handoff to specific 254 message delivery programs or agents, and mechanisms for retrieving 255 messages are all "behind" the final delivery MTA and hence are not 256 part of the SMTP transport or delivery process. 258 4.2. Address Character Sets 260 In this document, an address is "all-ASCII", or just an "ASCII 261 address", if every character in the address is in the ASCII character 262 repertoire [ASCII]; an address is "non-ASCII", or an "i18n-address", 263 if any character is not in the ASCII character repertoire. Such 264 addresses may be restricted in other ways, but those restrictions are 265 not relevant to this definition. The term "all-ASCII" is also 266 applied to other protocol elements when the distinction is important, 267 with "non-ASCII" or "internationalized" as its opposite. 269 The umbrella term to describe the email address internationalization 270 specified by this document and its companion documents is 271 "UTF8SMTPbis". 272 [[anchor5: Note in Draft: Keyword to be changed before publication.]] 273 For example, an address permitted by this specification is referred 274 to as a "UTF8SMTPbis (compliant) address". 276 Please note that, according to the definitions given here, the set of 277 all "all-ASCII" addresses and the set of all "non-ASCII" addresses 278 are mutually exclusive. The set of all addresses permitted when 279 UTF8SMTPbis appears is the union of these two sets. 281 4.3. User Types 283 An "ASCII user" (i) exclusively uses email addresses that contain 284 ASCII characters only, and (ii) cannot generate recipient addresses 285 that contain non-ASCII characters. 287 An "i18mail user" has one or more non-ASCII email addresses. Such a 288 user may have ASCII addresses too; if the user has more than one 289 email account and a corresponding address, or more than one alias for 290 the same address, he or she has some method to choose which address 291 to use on outgoing email. Note that under this definition, it is not 292 possible to tell from an ASCII address if the owner of that address 293 is an i18mail user or not. (A non-ASCII address implies a belief 294 that the owner of that address is an i18mail user.) There is no such 295 thing as an "i18mail message"; the term applies only to users and 296 their agents and capabilities. In particular, the use of non-ASCII 297 message content is an integral part of the MIME specifications 298 [RFC2045] and does not require these extensions (although it is 299 compatible with them). 301 4.4. Messages 303 A "message" is sent from one user (sender) using a particular email 304 address to one or more other recipient email addresses (often 305 referred to just as "users" or "recipient users"). 307 4.5. Mailing Lists 309 A "mailing list" is a mechanism whereby a message may be distributed 310 to multiple recipients by sending it to one recipient address. An 311 agent (typically not a human being) at that single address then 312 causes the message to be redistributed to the target recipients. 313 This agent sets the envelope return address of the redistributed 314 message to a different address from that of the original single 315 recipient message. Using a different envelope return address 316 (reverse-path) causes error (and other automatically generated) 317 messages to go to an error handling address. 319 Special provisions for managing mailing lists that might contain non- 320 ASCII addresses are discussed in a document that is specific to that 321 topic [EAI-Mailinglist] [RFCNNNNbis-MailingList]. 323 4.6. Conventional Message and Internationalized Message 325 o A conventional message is one that does not use any extension 326 defined in the SMTP extension document [RFC5336] or in the 327 UTF8header specification [RFC5335], and is strictly conformant to 328 RFC 5322 [RFC5322]. 330 o An internationalized message is a message utilizing one or more of 331 the extensions defined in this set of specifications, so that it 332 is no longer conformant to the traditional specification of an 333 email message or its transport. 335 4.7. Undeliverable Messages and Notification 337 As specified in RFC 5321, a message that is undeliverable for some 338 reason is expected to result in notification to the sender. This can 339 occur in either of two ways. One, typically called "Rejection", 340 occurs when an SMTP server returns a reply code indicating a fatal 341 error (a "5yz" code) or persistently returns a temporary failure 342 error (a "4yz" code). The other involves accepting the message 343 during SMTP processing and then generating a message to the sender, 344 typically known as a "Non-delivery Notification" or "NDN". Current 345 practice often favors rejection over NDNs because of the reduced 346 likelihood that the generation of NDNs will be used as a spamming 347 technique. The latter, NDN, case is unavoidable if an intermediate 348 MTA accepts a message that is then rejected by the next-hop server. 350 5. Overview of the Approach and Document Plan 352 This set of specifications changes both SMTP and the character 353 encoding of email message headers to permit non-ASCII characters to 354 be represented directly. Each important component of the work is 355 described in a separate document. The document set, whose members 356 are described below, also contains informational documents whose 357 purpose is to provide implementation suggestions and guidance for the 358 protocols. 360 In addition to this document, the following documents make up this 361 specification and provide advice and context for it. 363 o SMTP extensions. This document [RFC5336bis-SMTP] provides an SMTP 364 extension (as provided for in RFC 5321) for internationalized 365 addresses. 367 o Email message headers in UTF-8. This document [RFC5335bis-Hdrs] 368 essentially updates RFC 5322 to permit some information in email 369 message headers to be expressed directly by Unicode characters 370 encoded in UTF-8 when the SMTP extension described above is used. 371 This document, possibly with one or more supplemental ones, will 372 also need to address the interactions with MIME, including 373 relationships between UTF8SMTPbis and internal MIME headers and 374 content types. 376 o Extensions to delivery status and notification handling to adapt 377 to internationalized addresses [RFC5337bis-DSN]. 379 o Extensions to the IMAP protocol to support internationalized 380 message headers [RFC5738bis-IMAP]. 382 o Parallel extensions to the POP protocol [RFC5721] 383 [RFC5721bis-POP3]. 385 6. Overview of Protocol Extensions and Changes 387 6.1. SMTP Extension for Internationalized Email Address 389 An SMTP extension, "UTF8SMTPbis" is specified as follows: 391 o Permits the use of UTF-8 strings in email addresses, both local 392 parts and domain names. 394 o Permits the selective use of UTF-8 strings in email message 395 headers (see Section 6.2). 397 o Requires that the server advertise the 8BITMIME extension 398 [RFC1652] and that the client support 8-bit transmission so that 399 header information can be transmitted without using a special 400 content-transfer-encoding. 402 Some general principles affect the development decisions underlying 403 this work. 405 1. Email addresses enter subsystems (such as a user interface) that 406 may perform charset conversions or other encoding changes. When 407 the left hand side of the address includes characters outside the 408 US-ASCII character repertoire, use of ASCII-compatible (ACE) 409 encoding [RFC3492] [RFC5890] on the right hand side is 410 discouraged to promote consistent processing of characters 411 throughout the address. 413 2. An SMTP relay must 415 * Either recognize the format explicitly, agreeing to do so via 416 an ESMTP option, or 418 * Reject the message or, if necessary, return a non-delivery 419 notification message, so that the sender can make another 420 plan. 422 3. If the message cannot be forwarded because the next-hop system 423 cannot accept the extension it MUST be rejected or a non-delivery 424 message generated and sent. 426 4. In the interest of interoperability, charsets other than UTF-8 427 are prohibited in mail addresses and message headers being 428 transmitted over the Internet. There is no practical way to 429 identify multiple charsets properly with an extension similar to 430 this without introducing great complexity. 432 Conformance to the group of standards specified here for email 433 transport and delivery requires implementation of the SMTP Extension 434 specification and the UTF-8 Header specification. If the system 435 implements IMAP or POP, it MUST conform to the i18n IMAP or POP 436 specifications respectively. 438 6.2. Transmission of Email Header Fields in UTF-8 Encoding 440 There are many places in MUAs or in a user presentation in which 441 email addresses or domain names appear. Examples include the 442 conventional From, To, or Cc header fields; Message-ID and 443 In-Reply-To header fields that normally contain domain names (but 444 that may be a special case); and in message bodies. Each of these 445 must be examined from an internationalization perspective. The user 446 will expect to see mailbox and domain names in local characters, and 447 to see them consistently. If non-obvious encodings, such as 448 protocol-specific ASCII-Compatible Encoding (ACE) variants, are used, 449 the user will inevitably, if only occasionally, see them rather than 450 "native" characters and will find that discomfiting or astonishing. 451 Similarly, if different codings are used for mail transport and 452 message bodies, the user is particularly likely to be surprised, if 453 only as a consequence of the long-established "things leak" 454 principle. The only practical way to avoid these sources of 455 discomfort, in both the medium and the longer term, is to have the 456 encodings used in transport be as similar to the encodings used in 457 message headers and message bodies as possible. 459 When email local parts are internationalized, it seems clear that 460 they should be accompanied by arrangements for the message headers to 461 be in the fully internationalized form. That form should presumably 462 use UTF-8 rather than ASCII as the base character set for the 463 contents of header fields (protocol elements such as the header field 464 names themselves are unchanged and remain entirely in ASCII). For 465 transition purposes and compatibility with legacy systems, this can 466 done by extending the traditional MIME encoding models for non-ASCII 467 characters in headers [RFC2045] [RFC2231]. However, the target is 468 fully internationalized message headers, as discussed in 469 [RFC5335bis-Hdrs] and not an extended and painful transition. 471 6.3. SMTP Service Extension for DSNs 473 The existing Draft Standard Delivery status notifications (DSNs) 474 specification [RFC3461] is limited to ASCII text in the machine 475 readable portions of the protocol. "International Delivery and 476 Disposition Notifications" [RFC5337bis-DSN] adds a new address type 477 for international email addresses so an original recipient address 478 with non-ASCII characters can be correctly preserved even after 479 downgrading. If an SMTP server advertises both the UTF8SMTPbis and 480 the DSN extension, that server MUST implement internationalized DSNs 481 including support for the ORCPT parameter specified in RFC 3461 482 [RFC3461]. 484 7. Downgrading before and after SMTP Transactions 486 An important issue with these extensions is how to handle 487 interactions between systems that support non-ASCII addresses and 488 legacy systems that expect ASCII. There is, of course, no problem 489 with ASCII-only systems sending to those that can handle 490 internationalized forms because the ASCII forms are just a proper 491 subset. But, when systems that support these extensions send mail, 492 they may include non-ASCII addresses for senders, receivers, or both 493 and might also provide non-ASCII header information other than 494 addresses. If the extension is not supported by the first-hop system 495 (SMTP server accessed by the Submission server acting as an SMTP 496 client), message originating systems should be prepared to either 497 send conventional envelopes and message headers or to return the 498 message to the originating user so the message may be manually 499 downgraded to the traditional form, possibly using encoded words 500 [RFC2047] in the message headers. Of course, such transformations 501 imply that the originating user or system must have ASCII-only 502 addresses available for all senders and recipients. Mechanisms by 503 which such addresses may be found or identified are outside the scope 504 of these specifications as are decisions about the design of 505 originating systems such as whether any required transformations are 506 made by the user, the originating MUA, or the Submission server. 508 A somewhat more complex situation arises when the first-hop system 509 supports these extensions but some subsequent server in the SMTP 510 transmission chain does not. It is important to note that most cases 511 of that situation will be the result of configuration errors: 512 especially if it hosts non-ASCII addresses, a final delivery MTA that 513 accepts these extensions should not be configured with lower- 514 preference MX hosts that do not. While the experiments that preceded 515 these specifications included a mechanism for passing backup ASCII 516 addresses to intermediate relay systems and having those systems 517 alter the relevant message header fields and substitute the addresses 518 [RFC5504], the requirements and long-term implications of that system 519 proved too complex to be satisfactory. Consequently, if an 520 intermediate SMTP relay that is transmitting a message that requires 521 these extensions and discovers that the next system in the chain does 522 not support them, it will have little choice other than to reject or 523 return the message. 525 As discussed above, downgrading to an ASCII-only form may occur 526 before or during the initial message submission. It might also occur 527 after the delivery to the final delivery MTA in order to accommodate 528 messages stores or IMAP or POP servers or clients that have different 529 capabilities than the delivery MTA. These two cases are discussed in 530 the subsections below. 532 7.1. Downgrading before or during Message Submission 534 Perhaps obviously, the most convenient time to find an ASCII address 535 corresponding to an internationalized address is at the originating 536 MUA. This can occur either before the message is sent or after the 537 internationalized form of the message is rejected. It is also the 538 most convenient time to convert a message from the internationalized 539 form into conventional ASCII form or to generate a non-delivery 540 message to the sender if either is necessary. At that point, the 541 user has a full range of choices available, including contacting the 542 intended recipient out of band for an alternate address, consulting 543 appropriate directories, arranging for translation of both addresses 544 and message content into a different language, and so on. While it 545 is natural to think of message downgrading as optimally being a 546 fully-automated process, we should not underestimate the capabilities 547 of a user of at least moderate intelligence who wishes to communicate 548 with another such user. 550 In this context, one can easily imagine modifications to message 551 submission servers (as described in [RFC4409]) so that they would 552 perform downgrading, or perhaps even upgrading, operations, receiving 553 messages with one or more of the internationalization extensions 554 discussed here and adapting the outgoing message, as needed, to 555 respond to the delivery or next-hop environment it encounters. 557 7.2. Downgrading or Other Processing After Final SMTP Delivery 559 When an email message is received by a final delivery MTA, it is 560 usually stored in some form. Then it is retrieved either by software 561 that reads the stored form directly or by client software via some 562 email retrieval mechanisms such as POP or IMAP. 564 The SMTP extension described in Section 6.1 provides protection only 565 in transport. It does not prevent MUAs and email retrieval 566 mechanisms that have not been upgraded to understand 567 internationalized addresses and UTF-8 message headers from accessing 568 stored internationalized emails. 570 Since the final delivery MTA (or, to be more specific, its 571 corresponding mail storage agent) cannot safely assume that agents 572 accessing email storage will always be capable of handling the 573 extensions proposed here, it MAY either downgrade internationalized 574 emails or specially identify messages that utilize these extensions, 575 or both. If this is done, the final delivery MTA SHOULD include a 576 mechanism to preserve or recover the original internationalized forms 577 without information loss to support access by UTF8SMTPbis-aware 578 agents. 580 8. Downgrading in Transit 582 The base SMTP specification (Section 2.3.11 of RFC 5321 [RFC5321]) 583 states that "due to a long history of problems when intermediate 584 hosts have attempted to optimize transport by modifying them, the 585 local-part MUST be interpreted and assigned semantics only by the 586 host specified in the domain part of the address". This is not a new 587 requirement; equivalent statements appeared in specifications in 2001 588 [RFC2821] and even in 1989 [RFC1123]. 590 Adherence to this rule means that a downgrade mechanism that 591 transforms the local-part of an email address cannot be done in 592 transit. It can only be done at the endpoints, namely by the MUA or 593 submission server or by the final delivery MTA. 595 One of the reasons for this rule has to do with legacy email systems 596 that use source routing in the local-part of the address field. 597 Transforming the email address destroys such routing information. 598 There is no way a server other than the final delivery server can 599 know, for example, whether the local-part of user&foo@example.com is 600 a route ("user" is reached via "foo") or simply a local address. 602 9. User Interface and Configuration Issues 604 Internationalization of addresses and message headers, especially in 605 combination with variations on character coding that are inherent to 606 Unicode, may make careful choices of addresses and careful 607 configuration of servers and DNS records even more important than 608 they are for traditional Internet email. It is likely that, as 609 experience develops with the use of these protocols, it will be 610 desirable to produce one or more additional documents that offer 611 guidance for configuration and interfaces. A document that discusses 612 issues with mail user agents (MUAs), especially with regard to 613 downgrading, is expected to be developed in the EAI Working Group. 614 [[anchor15: Note in Draft: What do we want to do about this?]] 615 The subsections below address some other issues. 617 9.1. Choices of Mailbox Names and Unicode Normalization 619 It has long been the case that the email syntax permits choices about 620 mailbox names that are unwise in practice if one actually intends the 621 mailboxes to be accessible to a broad range of senders. The most- 622 often-cited examples involve the use of case-sensitivity and tricky 623 quoting of embedded characters in mailbox local parts. While these 624 are permitted by the protocols and servers are expected to support 625 them and there are special cases where they can provide value, taking 626 advantage of those features is almost always bad practice unless the 627 intent is to create some form of security by obscurity. 629 In the absence of these extensions, SMTP clients and servers are 630 constrained to using only those addresses permitted by RFC 5321. The 631 local parts of those addresses MAY be made up of any ASCII characters 632 except the control characters that 5321 prohibits, although some of 633 them MUST be quoted as specified there. It is notable in an 634 internationalization context that there is a long history on some 635 systems of using overstruck ASCII characters (a character, a 636 backspace, and another character) within a quoted string to 637 approximate non-ASCII characters. This form of internationalization 638 was permitted by RFC 821 but is prohibited by RFC 5321 because it 639 requires a backspace character (a prohibited C0 control). The 640 practice SHOULD be phased out as this extension becomes widely 641 deployed but backward-compatibility considerations may require that 642 it continue to be recognized. 644 For the particular case of EAI mailbox names, special attention must 645 be paid to Unicode normalization [Unicode-UAX15], in part because 646 Unicode strings may be normalized by other processes independent of 647 what a mail protocol specifies (this is exactly analogous to what may 648 happen with quoting and dequoting in traditional addresses). 649 Consequently, the following principles are offered as advice to those 650 who are selecting names for mailboxes: 652 o In general, it is wise to support addresses in Normalized form, 653 using either Normalization Form NFC and, except in unusual 654 circumstances, NFKC. 656 o It may be wise to support other forms of the same local-part 657 string, either as aliases or by normalization of strings reaching 658 the delivery server, in the event that the sender does not send 659 the strings in normalized form. 661 o Stated differently and in more specific terms, the rules of the 662 protocol for local-part strings essentially provide that: 664 * Unnormalized strings are valid, but sufficiently bad practice 665 that they may not work reliably on a global basis. 667 * C0 (and presumably C1) controls (see The Unicode Standard 668 [Unicode52]) are prohibited, the first in RFC 5321 and the 669 second by an obvious extension from it [RFC5198]. 671 * Other kinds of punctuation, spaces, etc., are risky practice. 672 Perhaps they will work, and SMTP receiver code is required to 673 handle them, but creating dependencies on them in mailbox names 674 that are chosen is usually a bad practice and may lead to 675 interoperability problems. 677 10. Additional Issues 679 This section identifies issues that are not covered, or not covered 680 comprehensively, as part of this set of specifications, but that will 681 require ongoing review as part of deployment of email address and 682 header internationalization. 684 10.1. Impact on URIs and IRIs 686 The mailto: schema [RFC2368] and discussed in the Internationalized 687 Resource Identifier (IRI) specification [RFC3987] may need to be 688 modified when this work is completed and standardized. 690 10.2. Use of Email Addresses as Identifiers 692 There are a number of places in contemporary Internet usage in which 693 email addresses are used as identifiers for individuals, including as 694 identifiers to Web servers supporting some electronic commerce sites 695 and in some X.509 certificates [RFC5280]. These documents do not 696 address those uses, but it is reasonable to expect that some 697 difficulties will be encountered when internationalized addresses are 698 first used in those contexts, many of which cannot even handle the 699 full range of addresses permitted today. 701 10.3. Encoded Words, Signed Messages, and Downgrading 703 One particular characteristic of the email format is its persistency: 704 MUAs are expected to handle messages that were originally sent 705 decades ago and not just those delivered seconds ago. As such, MUAs 706 and mail filtering software, such as that specified in Sieve 707 [RFC5228], will need to continue to accept and decode header fields 708 that use the "encoded word" mechanism [RFC2047] to accommodate non- 709 ASCII characters in some header fields. While extensions to both 710 POP3 [RFC1939] and IMAP [RFC3501] have been defined that include 711 automatic upgrading of messages that carry non-ASCII information in 712 encoded form -- including RFC 2047 decoding -- of messages by the 713 POP3 [RFC5721bis-POP3] or IMAP [RFC5738bis-IMAP] server, there are 714 message structures and MIME content-types for which that cannot be 715 done or where the change would have unacceptable side effects. 717 For example, message parts that are cryptographically signed, using 718 e.g., S/MIME [RFC3851] or Pretty Good Privacy (PGP) [RFC3156], cannot 719 be upgraded from the RFC 2047 form to normal UTF-8 characters without 720 breaking the signature. Similarly, message parts that are encrypted 721 may contain, when decrypted, header fields that use the RFC 2047 722 encoding; such messages cannot be 'fully' upgraded without access to 723 cryptographic keys. 725 Similar issues may arise if messages are signed and then subsequently 726 downgraded, e.g., as discussed in Section 7.1, and then an attempt is 727 made to upgrade them to the original form and then verify the 728 signatures. Even the very subtle changes that may result from 729 algorithms to downgrade and then upgrade again may be sufficient to 730 invalidate the signatures if they impact either the primary or MIME 731 bodypart headers. When signatures are present, downgrading must be 732 performed with extreme care if at all. 734 10.4. LMTP 736 LMTP [RFC2033] may be used as part of the final delivery agent. In 737 such cases, LMTP may be arranged to deliver the mail to the mail 738 store. The mail store may not have UTF8SMTPbis capability. LMTP may 739 need to be updated to deal with these situations. 741 10.5. Other Uses of Local Parts 743 Local parts are sometimes used to construct domain labels, e.g., the 744 local part "user" in the address user@domain.example could be 745 converted into a vanity host user.domain.example with its Web space 746 at and the catchall addresses 747 any.thing.goes@user.domain.example. 749 Such schemes are obviously limited by, among other things, the SMTP 750 rules for domain names, and will not work without further 751 restrictions for other local parts such as the 752 specified in [RFC5335bis-Hdrs]. Whether those limitations are 753 relevant to these specifications is an open question. It may be 754 simply another case of the considerable flexibility accorded to 755 delivery MTAs in determining the mailbox names they will accept and 756 how they are interpreted. 758 10.6. Non-Standard Encapsulation Formats 760 Some applications use formats similar to the application/mbox format 761 defined in [RFC4155] instead of the message/digest form described in 762 RFC 2046, Section 5.1.5 [RFC2046] to transfer multiple messages as 763 single units. Insofar as such applications assume that all stored 764 messages use the message/rfc822 format described in RFC 2046, Section 765 5.2.1 [RFC2046] with US-ASCII message headers, they are not ready for 766 the extensions specified in this series of documents and special 767 measures may be needed to properly detect and process them. 769 11. IANA Considerations 771 This overview description and framework document does not contemplate 772 any IANA registrations or other actions. Some of the documents in 773 the group have their own IANA considerations sections and 774 requirements. 776 12. Security Considerations 778 Any expansion of permitted characters and encoding forms in email 779 addresses raises some risks. There have been discussions on so 780 called "IDN-spoofing" or "IDN homograph attacks". These attacks 781 allow an attacker (or "phisher") to spoof the domain or URLs of 782 businesses. The same kind of attack is also possible on the local 783 part of internationalized email addresses. It should be noted that 784 the proposed fix involving forcing all displayed elements into 785 normalized lower-case works for domain names in URLs, but not email 786 local parts since those are case sensitive. 788 Since email addresses are often transcribed from business cards and 789 notes on paper, they are subject to problems arising from confusable 790 characters (see [RFC4690]). These problems are somewhat reduced if 791 the domain associated with the mailbox is unambiguous and supports a 792 relatively small number of mailboxes whose names follow local system 793 conventions. They are increased with very large mail systems in 794 which users can freely select their own addresses. 796 The internationalization of email addresses and message headers must 797 not leave the Internet less secure than it is without the required 798 extensions. The requirements and mechanisms documented in this set 799 of specifications do not, in general, raise any new security issues. 801 They do require a review of issues associated with confusable 802 characters -- a topic that is being explored thoroughly elsewhere 803 (see, e.g., RFC 4690 [RFC4690]) -- and, potentially, some issues with 804 UTF-8 normalization, discussed in RFC 3629 [RFC3629], and other 805 transformations. Normalization and other issues associated with 806 transformations and standard forms are also part of the subject of 807 work described elsewhere [RFC5198] [RFC5893] [IAB-idn-encoding]. 809 Some issues specifically related to internationalized addresses and 810 message headers are discussed in more detail in the other documents 811 in this set. However, in particular, caution should be taken that 812 any "downgrading" mechanism, or use of downgraded addresses, does not 813 inappropriately assume authenticated bindings between the 814 internationalized and ASCII addresses. Expecting and most or all 815 such transformations prior to final delivery be done by systems that 816 are presumed to be under the administrative control of the sending 817 user ameliorates the potential problem somewhat as compared to what 818 it would be if the relationships were changed in transit. 820 The new UTF-8 header and message formats might also raise, or 821 aggravate, another known issue. If the model creates new forms of an 822 'invalid' or 'malformed' message, then a new email attack is created: 823 in an effort to be robust, some or most agents will accept such 824 message and interpret them as if they were well-formed. If a filter 825 interprets such a message differently than the MUA used by the 826 recipient, then it may be possible to create a message that appears 827 acceptable under the filter's interpretation but should be rejected 828 under the interpretation given to it by that MUA. Such attacks 829 already exist for existing messages and encoding layers, e.g., 830 invalid MIME syntax, invalid HTML markup, and invalid coding of 831 particular image types. 833 In addition, email addresses are used in many contexts other than 834 sending mail, such as for identifiers under various circumstances 835 (see Section 10.2). Each of those contexts will need to be 836 evaluated, in turn, to determine whether the use of non-ASCII forms 837 is appropriate and what particular issues they raise. 839 This work will clearly affect any systems or mechanisms that are 840 dependent on digital signatures or similar integrity protection for 841 email message headers (see also the discussion in Section 10.3). 842 Many conventional uses of PGP and S/MIME are not affected since they 843 are used to sign body parts but not message headers. On the other 844 hand, the developing work on domain keys identified mail (DKIM) 845 [RFC5863] will eventually need to consider this work and vice versa: 846 while this specification does not address or solve the issues raised 847 by DKIM and other signed header mechanisms, the issues will have to 848 be coordinated and resolved eventually if the two sets of protocols 849 are to co-exist. In addition, to the degree to which email addresses 850 appear in PKI (Public Key Infrastructure) certificates, standards 851 addressing such certificates will need to be upgraded to address 852 these internationalized addresses. Those upgrades will need to 853 address questions of spoofing by look-alikes of the addresses 854 themselves. 856 13. Acknowledgments 858 This document is an update to, and derived from, RFC 4952. This 859 document would have been impossible without the work and 860 contributions acknowledged in it. The present document benefited 861 significantly from discussions in the EAI WG and elsewhere after RFC 862 4952 was published, especially discussions about the experimental 863 versions of other documents in the internationalized email 864 collection, and from RFC errata on RFC 4952 itself. 866 Special thanks are due to Ernie Dainow for careful reviews and 867 suggested text in this version. 869 14. References 871 14.1. Normative References 873 [ASCII] American National Standards Institute 874 (formerly United States of America 875 Standards Institute), "USA Code for 876 Information Interchange", ANSI X3.4-1968, 877 1968. 879 ANSI X3.4-1968 has been replaced by newer 880 versions with slight modifications, but the 881 1968 version remains definitive for the 882 Internet. 884 [RFC1652] Klensin, J., Freed, N., Rose, M., 885 Stefferud, E., and D. Crocker, "SMTP 886 Service Extension for 8bit-MIMEtransport", 887 RFC 1652, July 1994. 889 [RFC2119] Bradner, S., "Key words for use in RFCs to 890 Indicate Requirement Levels'", RFC 2119, 891 BCP 14, March 1997. 893 [RFC3629] Yergeau, F., "UTF-8, a transformation 894 format of ISO 10646", STD 63, RFC 3629, 895 November 2003. 897 [RFC5321] Klensin, J., "Simple Mail Transfer 898 Protocol", RFC 5321, October 2008. 900 [RFC5322] Resnick, P., Ed., "Internet Message 901 Format", RFC 5322, October 2008. 903 [RFC5335bis-Hdrs] Yang, A. and S. Steele, "Internationalized 904 Email Headers", July 2010, . 908 [RFC5336bis-SMTP] Yao, J. and W. Mao, "SMTP Extension for 909 Internationalized Email Address", 910 June 2010, . 913 [RFC5337bis-DSN] Not yet posted?, "Internationalized 914 Delivery Status and Disposition 915 Notifications", Unwritten waiting for I-D, 916 2010. 918 [RFC5721bis-POP3] Not yet posted?, "POP3 Support for UTF-8", 919 Unwritten waiting for I-D, 2010. 921 [RFC5738bis-IMAP] Not yet posted?, "IMAP Support for UTF-8", 922 Unwritten waiting for I-D, 2010. 924 [RFC5890] Klensin, J., "Internationalized Domain 925 Names for Applications (IDNA): Definitions 926 and Document Framework", RFC 5890, 927 June 2010. 929 [RFCNNNNbis-MailingList] Not yet posted?, "Mailing Lists and 930 Internationalized Email Addresses", First 931 Version still not in RFC Editor queue https 932 ://datatracker.ietf.org/doc/ 933 draft-ietf-eai-mailinglist/, 934 Unwritten waiting for I-D, 2010. 936 14.2. Informative References 938 [EAI-Mailinglist] Gellens, R., "Mailing Lists and 939 Internationalized Email Addresses", 940 March 2010, . 943 [IAB-idn-encoding] Thaler, D., Klensin, J., and S. Cheshire, 944 "IAB Thoughts on Encodings for 945 Internationalized Domain Names", 2010, . 949 [RFC1123] Braden, R., "Requirements for Internet 950 Hosts - Application and Support", STD 3, 951 RFC 1123, October 1989. 953 [RFC1939] Myers, J. and M. Rose, "Post Office 954 Protocol - Version 3", STD 53, RFC 1939, 955 May 1996. 957 [RFC2033] Myers, J., "Local Mail Transfer Protocol", 958 RFC 2033, October 1996. 960 [RFC2045] Freed, N. and N. Borenstein, "Multipurpose 961 Internet Mail Extensions (MIME) Part One: 962 Format of Internet Message Bodies", 963 RFC 2045, November 1996. 965 [RFC2046] Freed, N. and N. Borenstein, "Multipurpose 966 Internet Mail Extensions (MIME) Part Two: 967 Media Types", RFC 2046, November 1996. 969 [RFC2047] Moore, K., "MIME (Multipurpose Internet 970 Mail Extensions) Part Three: Message Header 971 Extensions for Non-ASCII Text", RFC 2047, 972 November 1996. 974 [RFC2231] Freed, N. and K. Moore, "MIME Parameter 975 Value and Encoded Word Extensions: Characte 976 r Sets, Languages, and Continuations", 977 RFC 2231, November 1997. 979 [RFC2368] Hoffman, P., Masinter, L., and J. Zawinski, 980 "The mailto URL scheme", RFC 2368, 981 July 1998. 983 [RFC2821] Klensin, J., "Simple Mail Transfer 984 Protocol", RFC 2821, April 2001. 986 [RFC3156] Elkins, M., Del Torto, D., Levien, R., and 987 T. Roessler, "MIME Security with OpenPGP", 988 RFC 3156, August 2001. 990 [RFC3461] Moore, K., "Simple Mail Transfer Protocol 991 (SMTP) Service Extension for Delivery 992 Status Notifications (DSNs)", RFC 3461, 993 January 2003. 995 [RFC3464] Moore, K. and G. Vaudreuil, "An Extensible 996 Message Format for Delivery Status 997 Notifications", RFC 3464, January 2003. 999 [RFC3492] Costello, A., "Punycode: A Bootstring 1000 encoding of Unicode for Internationalized 1001 Domain Names in Applications (IDNA)", 1002 RFC 3492, March 2003. 1004 [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS 1005 PROTOCOL - VERSION 4rev1", RFC 3501, 1006 March 2003. 1008 [RFC3851] Ramsdell, B., "Secure/Multipurpose Internet 1009 Mail Extensions (S/MIME) Version 3.1 1010 Message Specification", RFC 3851, 1011 July 2004. 1013 [RFC3987] Duerst, M. and M. Suignard, 1014 "Internationalized Resource Identifiers 1015 (IRIs)", RFC 3987, January 2005. 1017 [RFC4155] Hall, E., "The application/mbox Media 1018 Type", RFC 4155, September 2005. 1020 [RFC4409] Gellens, R. and J. Klensin, "Message 1021 Submission for Mail", RFC 4409, April 2006. 1023 [RFC4690] Klensin, J., Faltstrom, P., Karp, C., and 1024 IAB, "Review and Recommendations for 1025 Internationalized Domain Names (IDNs)", 1026 RFC 4690, September 2006. 1028 [RFC4952] Klensin, J. and Y. Ko, "Overview and 1029 Framework for Internationalized Email", 1030 RFC 4952, July 2007. 1032 [RFC5198] Klensin, J. and M. Padlipsky, "Unicode 1033 Format for Network Interchange", RFC 5198, 1034 March 2008. 1036 [RFC5228] Guenther, P. and T. Showalter, "Sieve: An 1037 Email Filtering Language", RFC 5228, 1038 January 2008. 1040 [RFC5280] Cooper, D., Santesson, S., Farrell, S., 1041 Boeyen, S., Housley, R., and W. Polk, 1042 "Internet X.509 Public Key Infrastructure 1043 Certificate and Certificate Revocation List 1044 (CRL) Profile", RFC 5280, May 2008. 1046 [RFC5335] Abel, Y., "Internationalized Email 1047 Headers", RFC 5335, September 2008. 1049 [RFC5336] Yao, J. and W. Mao, "SMTP Extension for 1050 Internationalized Email Addresses", 1051 RFC 5336, September 2008. 1053 [RFC5337] Newman, C. and A. Melnikov, 1054 "Internationalized Delivery Status and 1055 Disposition Notifications", RFC 5337, 1056 September 2008. 1058 [RFC5504] Fujiwara, K. and Y. Yoneya, "Downgrading 1059 Mechanism for Email Address 1060 Internationalization", RFC 5504, 1061 March 2009. 1063 [RFC5721] Gellens, R. and C. Newman, "POP3 Support 1064 for UTF-8", RFC 5721, February 2010. 1066 [RFC5738] Resnick, P. and C. Newman, "IMAP Support 1067 for UTF-8", RFC 5738, March 2010. 1069 [RFC5825] Fujiwara, K. and B. Leiba, "Displaying 1070 Downgraded Messages for Email Address 1071 Internationalization", RFC 5825, 1072 April 2010. 1074 [RFC5863] Hansen, T., Siegel, E., Hallam-Baker, P., 1075 and D. Crocker, "DomainKeys Identified Mail 1076 (DKIM) Development, Deployment, and 1077 Operations", RFC 5863, May 2010. 1079 [RFC5893] Alvestrand, H. and C. Karp, "Right-to-Left 1080 Scripts for Internationalized Domain Names 1081 for Applications (IDNA)", RFC 5893, 1082 June 2010. 1084 [Unicode-UAX15] The Unicode Consortium, "Unicode Standard 1085 Annex #15: Unicode Normalization Forms", 1086 March 2008, 1087 . 1089 [Unicode52] The Unicode Consortium. The Unicode 1090 Standard, Version 5.2.0, defined by:, "The 1091 Unicode Standard, Version 5.2.0", (Mountain 1092 View, CA: The Unicode Consortium, 1093 2009. ISBN 978-1-936213-00-9)., . 1096 Appendix A. Change Log 1098 [[RFC Editor: Please remove this section prior to publication.]] 1100 A.1. Changes between -00 and -01 1102 o Because there has been no feedback on the mailing list, updated 1103 the various questions to refer to this version as well. 1105 o Reflected RFC Editor erratum #1507 by correcting terminology for 1106 headers and header fields and distinguishing between "message 1107 headers" and different sorts of headers (e.g., the MIME ones). 1109 A.2. Changes between -01 and -02 1111 Note that section numbers in the list that follows may refer to -01 1112 and not -02. 1114 o Discussion of RFC 5825 ("downgraded display") has been removed per 1115 the earlier note and on-list discussion. Any needed discussion 1116 about reconstructed messages will need to appear in the IMAP and 1117 POP documents. However, the introductory material has been 1118 reworded to permit keeping 5504 and 5825 on the list there, 1119 without which the back chain would not be complete. For 1120 consistency with this change, 5504 and 5825 have been added to the 1121 "Obsoletes" list (as far as I know, an Informational spec can 1122 obsolete or update Experimental ones, so no downref problem here 1123 --JcK). 1125 o Reference to alternate addresses dropped from (former) Section 1126 7.1. 1128 o Reference to RFC 5504 added to (former) Section 8 for 1129 completeness. 1131 o Ernie's draft comments added (with some minor edits) to replace 1132 the placeholder in (former) Section 9 ("Downgrading in Transit"). 1133 It is intended to capture at least an introduction the earlier 1134 discussions of algorithmic downgrading generally and ACE/Punycode 1135 transformations in particular. Anyone who is unhappy with it 1136 should say so and propose alternate text. RSN. 1138 o In the interest of clarity and consistency with the terminology in 1139 Section 4.1, all uses of "final delivery SMTP server" and "final 1140 delivery server" have been changed to "final delivery MTA". 1142 o Placeholder at the end of Section 2 has been removed and the text 1143 revised to promise less. The "Document Plan" (Section 5) has been 1144 revised accordingly. We need to discuss this at IETF 78 if not 1145 sooner. 1147 o Sections 5 and 6 have been collapsed into one -- there wasn't 1148 enough left in the former Section 5 to justify a separate section. 1150 o Former Section 11.1 has been dropped and the DSN document moved up 1151 into the "Document Plan" as suggested earlier. 1153 o Section 12, "Experimental Targets", has been removed. 1155 o Updated references for the new version EAI documents and added 1156 placeholders for all of the known remaining drafts that will 1157 become part of the core EAI series but that have not been written. 1159 o Inserted an additional clarification about the relationship of 1160 these extensions to non-ASCII messages. 1162 o Changed some normative/informative reference classifications based 1163 on review of the new text. 1165 o Removed references to the pre-EAI documents that were cited for 1166 historical context in 4952. 1168 o Got rid of a remaining pointer to address downgrading in the 1169 discussion of an updated MAILTO URI. 1171 o Minor additional editorial cleanups and tuning. 1173 Authors' Addresses 1175 John C KLENSIN 1176 1770 Massachusetts Ave, #322 1177 Cambridge, MA 02140 1178 USA 1180 Phone: +1 617 491 5735 1181 EMail: john-ietf@jck.com 1183 YangWoo KO 1184 ICU 1185 119 Munjiro 1186 Yuseong-gu, Daejeon 305-732 1187 Republic of Korea 1189 EMail: yw@mrko.pe.kr