On Tue, 6 Aug 2019, John C Klensin wrote:
Section 4 on "For-Profit Domains" contrasts normal zones which
have names that are of use to the zone's owner, and commercial
zones where more names mean more money ...
I am also concerned that Getting this perfectly (or even nearly
so) right would require much more text and that more text would
reduce the number of readers.
I agree that shorter is better. How about observing that names that don't
follow conservative rules are often treated as risky by applications such
as web and mail, which take countermeasures such as showing them as
A-labels and making links not clickable. You can use this M3AAWG BCP as a reference
https://www.m3aawg.org/sites/default/files/m3aawg-unicode-best-practices-2016-02.pdf
If we can figure out some way to say this concisely, security systems
aggregate data and a TLD with a lot of risky names is likely to be treated
as risky overall.
Section 5.1 updates RFC 5890 section 4.2 to say in part "A 63
octet A-label cannot represent more than 58 Unicode code
points ..." ...
Thought about doing something like that, but (i) there is
--quite deliberately and after discussion in the WG-- no UTF-8
dependency or requirement in the IDNA specs.
Ah, never noted that. So mostly never mind, although I still prefer
"up to 58 code points" rather than "limited to 58 code points" to
make it less likely that people will leap to wrong conclusions.
Regards,
John Levine, johnl@xxxxxxxxx, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
PS:
There is also another audience. As you know from other contexts, I
believe the whole domain names market is looking more and more like
a house of cards and that, sooner or later, there will be incidents,
probably ones in which someone is harmed, ...
I agree it's a house of cards, but I think it's likely to implode
mostly silently. There have now been 52 vanity TLDs whose owners have
handed them back to ICANN, who has shut them all down since they were
all empty. There's one dead non-vanity TLD, the bizarrely managed
and tiny .web, which is now frozen in EBERO. I expect that we'll see
more frozen corpses, but with few enough names overall that nobody
will care.
