Tuesday, July 11, 2006


IETF 66, Montréal

I'm at the IETF 66th meeting this week, at the Palais des Congrès in Montréal, and I'll be posting some meeting highlights here during the week. Today's entry covers the first two days.

Applications Area general meeting

This meeting started, as usual, with general announcements related to the Applications Area: discussing the working groups that are completing their work, listing the area's BOF sessions along with a brief description of each. We then had two presentations, each of which gave us significant food for discussion: Web Authentication Enhancement (WAE) and Next Steps for Internationalized Domain Names (IDN). A good view of the discussion can be seen in the jabber log.

Web Authentication Enhancement is a BOF session that will be held on Friday morning. The goal is to devise a system for identifying oneself to a web site in a persistent way, and giving a controlled amount of personal information to the web site securely and privately. It's important that others not be able to spoof my identification, and that the web site not be able to replay my identification to other web sites. The goal of the BOF is to decide what pieces of the problem are most important to solve, to balance the trade-offs, and to decide how to proceed.

Internationalized Domain Names: Some time ago, the IETF standardized a mechanism for using international character sets (non-US characters) in domain names — the address of a web server, or the part of an email address to the right of the "@". That standard isn't a complete solution, and some issues have come up since then. One, for instance, is the use of non-US characters that look exactly like US characters — writing "paypal.com", for instance, with Cyrillic "a" characters, which can fool users into thinking they're really looking at the Paypal web site when they're really visiting a fake one. This "next steps" effort is an attempt to identify the issues and considering how to proceed to make the situation better.

lemonade — Enhancements to Internet email to support diverse service environments

After spending far more time than usual tweaking the agenda, in order to accomodate some schedule conflicts, we had a brief item on doing an interoperability-testing event, the details of which are still being worked out. There followed a report on the status of our liaison with the Open Mobile Alliance (OMA), with nothing particularly notable there. Following that, we got into the main focus of the meeting — the status of the working group's documents. For details, see the jabber logs for Monday's meeting, and for Tuesday's meeting.

The sets of documents covered on the first day were those related to notifications, which occupied most of the available time, and those related to data streaming. We got through the rest of the documents on the second day, with lots of discussion on Reconnect and Vfolder, and a modeate amount on Compress and Xencrypted.

EAI — Email Address Internationalization

This entire meeting was spent on issues with the group's documents, and most of the discussion related to the issues of downgrading and upgrading strings. Strings containing non-Western characters, particularly those for Asian languages that have tens of thousands of characters to be represented, have to be encoded in a multi-byte format. Variations and encodings of "unicode" are used for that, and the issue is how to deal with situations where an email address in, say, Chinese has to be sent to a mail server that only understands Western character sets.

We actually did resolve some of the issues, and suggested changes to the document authors. The jabber log is over here.

Sieve — mail filtering language

After reviewing working group status and showing the list of documents that've been completed, we dove into the currently active ones. There were some minor issues with the base language specification, with the main one being (surprise!) more international character set issues. In particular, there's a need in some cases to use character strings that are encoded with mechanisms other than unicode. Then we had a nice discussion of how to test header fields in imbedded messages when using the MIME Loops extension. There followed a bit of discussion about the Regular Expressions extension, which is moribund and may stay that way — we ultimately decided to leave it as it is, and if the rest of the group's work is finished and RegEx is still not done, we can decide to drop it then.

Next we got into a long discussion of whether it's reasonable (or desirable) for the Reject extension to specify that the "reject" action is incompatible with other actions, and exactly what that means... followed by more international character discussions, this time about what to do about non-Western characters in the "reason for rejection" message. Of the rest of the documents, the most discussion was on Notify and Include. The jabber log is here.

DKIM — Domain Keys Identified Mail

We had a tight schedule for today's meeting, with a two-hour session for the rest of the agenda tomorrow. The goal today was to get through the open issues with the base specification, and we did pretty well on it, agreeing that most were ready to close, and having some extended discussion on just a few. Check out the jabber log for more details.

No comments: