double angle brackets

> One of the key goals in simplifying Downgrade is to drop the double  
> angle bracket notation, due to compatibility and security concerns.  
> There have been a few email threads on this. I think the following  
> summarizes the current thinking.
>
> Dropping double angle brackets on Recipient addresses is part of the  
> downgrade simplification to not support downgrade of forward pointing  
> addresses (considering these cases as configuration errors).
>
> To replace double angle brackets for the Sender, John Klensin proposed  
> using multiple From fields. SM amended this with Reply-To to specify the  
> preferred address, as in
>         From: EAI-addr, ASCII-addr
>         Reply-To: EAI-addr
> where the EAI-addr gets dropped in Downgrade.
>
> I did some (non-EAI) tests of multiple From fields with Reply-To on two  
> different email systems and both worked as expected. This looks like an  
> elegant solution.

> On Fri, 04 Sep 2009 22:46:26 +0100, Ernie Dainow
> <edainow@...> wrote:
>
>> One of the key goals in simplifying Downgrade is to drop the
>> double   angle bracket notation, due to compatibility and
>> security concerns.   There have been a few email threads on
>> this. I think the following   summarizes the current thinking.
>>
>> Dropping double angle brackets on Recipient addresses is part
>> of the   downgrade simplification to not support downgrade of
>> forward pointing   addresses (considering these cases as
>> configuration errors).
>>
>> To replace double angle brackets for the Sender, John Klensin
>> proposed   using multiple From fields. SM amended this with
>> Reply-To to specify the   preferred address, as in
>>         From: EAI-addr, ASCII-addr
>>         Reply-To: EAI-addr
>> where the EAI-addr gets dropped in Downgrade.
>>
>> I did some (non-EAI) tests of multiple From fields with
>> Reply-To on two   different email systems and both worked as
>> expected. This looks like an   elegant solution.
>
> Yes, but the interesting case is multiple fields in Reply-To.
> Normally, these will cause the reply to go to _both_ (but if
> one is utf-8 and one is ascii, then the utf-8 might fail).
>
> If we retain the double angle brackets, then one could still
> say, in the Reply-To, "please reply to my utf-8 address if
> possible, but if your system (or some intermediate server that
> knows how to downgrade) can't do that, then please reply to my
> ascii address".

> I would expect that to be the commonest (and most useful)
> situation in which those double angle brackets will appear in
> practice.
>
> So my preference would be to retain them, at least so long as
> these remain Experimental documents. If the eventual Standard
> still retains them, then it could still say "this feature may
> well be withdrawn in a future version of this standard" (with
> the intent to do so when utf-8 has become so widely
> implemented that it is no longer needed).

> It seems to me that 99% of the time email can be viewed as
> primarily "sender side" or "recipient side".  Eg: Mail goes
> from a sender system to a recipient system.  It is very rare
> (now) that an in-between system would relay mail from an
> untrusted server to another 3rd party server.  If there is a
> relay, it'd have to trust the sender, so it's pretty much
> "sender side," or recognize the recipient "recipient side."
>
> Assuming that a "sender" has an EAI aware system that is
> completely conformant and "works" with UTF-8 addresses, then
> the entire "sender side" would have to be updated to support
> UTF-8 addresses.  If the sender's relays aren't upgraded, then
> all of their mail ends up being downgraded anyway.
>
> Similarly a recipient either has an entirely EAI aware system,
> or they don't.  
>
> So I'm wondering how interesting downgrade really is.  If my
> sending system trusts the sender, presumably it could request
> an ASCII address from the trusted sender-side server if it
> needed to downgrade.  (Through some other mechanism, like
> asking the trusted server what other aliases were valid for
> that account using some new, or even proprietary, protocol).

> --On Tuesday, September 08, 2009 16:51 +0000 Shawn Steele
> <Shawn.Steele@...> wrote:
>
>  
>>> To replace double angle brackets for the Sender, John Klensin
>>> proposed  using multiple From fields. SM amended this with
>>> Reply-To to specify the  preferred address, as in
>>>         From: EAI-addr, ASCII-addr
>>>         Reply-To: EAI-addr
>>> where the EAI-addr gets dropped in Downgrade.
>>>      
>> I'd imagine that "something" isn't going to be happy with 2
>> addresses.
>>    
>
> Right.  In particular, there are a lot of systems that do not
> support multiple-address From:, multiple-address Reply-to:, or
> both.
>
>  

> --On Tuesday, September 08, 2009 16:51 +0000 Shawn Steele
> <Shawn.Steele@...> wrote:
>
>  
>>> To replace double angle brackets for the Sender, John Klensin
>>> proposed  using multiple From fields. SM amended this with
>>> Reply-To to specify the  preferred address, as in
>>>         From: EAI-addr, ASCII-addr
>>>         Reply-To: EAI-addr
>>> where the EAI-addr gets dropped in Downgrade.
>>>      
>> I'd imagine that "something" isn't going to be happy with 2
>> addresses.
>>    
>
> Right.  In particular, there are a lot of systems that do not
> support multiple-address From:, multiple-address Reply-to:, or
> both.
>
>  

>> * non-EAI, support for multiple "From:": will accept
>> both and probably discard the i18n email address.
>>    
>
> That's an interesting assumption.  Presumably I could also reject the entire message since I have no clue how to parse the address.
>
>  
>> * non-EAI, no support for multiple "From:": Will reject
>> either both addresses or the second one.  If one is
>> accepted, probably the first one (which should probably
>> be the ASCII address) will probably be used.  If both
>> are rejected, then nothing much is lost compared to the
>> failed downgrade case -- especially if you remember that
>> an EAI envelope is unlikely to reach a non-EAI system.
>>    
>
> Ditto.
>  

>
>  
>> * EAI compliant system: will support multiple "From:"
>> because the spec will require it.  
>>    
>
> I still can't tell that they're a pair.  It could be intentionally from 2 different people, one of which has an EAI address, but the other has an ASCII address, and we don't know (or didn't bother to mention) what the EAI address user's downgrade address is.
>
> So an EAI compliant system that "assumed" that "From: Unicode, ASCII" was EAI would not bother replying to the ASCII address, &/or it would
>
>  

>  
>> As part of the downgrade simplification, we are proposing to drop
>> support for downgrade of forward pointing addresses such as To:, Cc:.If
>> someone gives you an EAI address, the assumption is that their email
>> system can receive EAI email.If their system cannot receive EAI email,
>> it is a 'configuration' error on their end and they shouldn't be giving
>> out an EAI address until they are ready to receive such mail.
>>    
>
> If I send email from an EAI aware account to 10 other EAI aware users, then that's great.  (Like on a list like this).  If someone replies-all, everything works fine.
>
> Now if I add one non-EAI aware user, unless To: & Cc: are fixed, then that person can't reply-all.  In fact I guess all the other addresses have to be dropped for downgrade (or the mail fails)  If they replied-all, they'd get me presumably because of From, but all the other users would fail.  I use Reply-All more than reply.  That's how I replied to this mail in fact.
>
> I'm not sure how much good it does to "fix" from if the others can't be fixed as well.
>  

>> To replace double angle brackets for the Sender, John Klensin proposed
>> using multiple From fields. SM amended this with Reply-To to specify the
>> preferred address, as in
>>         From: EAI-addr, ASCII-addr
>>         Reply-To: EAI-addr
>> where the EAI-addr gets dropped in Downgrade.
>>    
>
> I'd imagine that "something" isn't going to be happy with 2 addresses.
>
> It seems to me that 99% of the time email can be viewed as primarily "sender side" or "recipient side".  Eg: Mail goes from a sender system to a recipient system.  It is very rare (now) that an in-between system would relay mail from an untrusted server to another 3rd party server.  If there is a relay, it'd have to trust the sender, so it's pretty much "sender side," or recognize the recipient "recipient side."
>
> Assuming that a "sender" has an EAI aware system that is completely conformant and "works" with UTF-8 addresses, then the entire "sender side" would have to be updated to support UTF-8 addresses.  If the sender's relays aren't upgraded, then all of their mail ends up being downgraded anyway.
>
> Similarly a recipient either has an entirely EAI aware system, or they don't.  
>
> So I'm wondering how interesting downgrade really is.  If my sending system trusts the sender, presumably it could request an ASCII address from the trusted sender-side server if it needed to downgrade.  (Through some other mechanism, like asking the trusted server what other aliases were valid for that account using some new, or even proprietary, protocol).
>
> So the proposed solution seems like overkill.
>
> VERY worst case a client (like Outlook) can try to send an EAI email.  If it bounces, the client could resend using my ASCII address (assuming it is properly configured).  It could even do that silently, or with maybe a little warning saying that had been downgraded.
>
> -Shawn
>
> _______________________________________________
> IMA mailing list
> IMA@...
> https://www.ietf.org/mailman/listinfo/ima
>
>  

> I'm going to take a couple steps back.  Mostly I'm focusing on the local part of the address, and I think there's a solution to get us unstuck.
>  
> A lot of background.  At a high level there are really only a few requirements:
>
> * We need Unicode addresses (That's the point of EAI after all :)
> * Many people still need a user friendly ASCII address, for the English side of a Japanese business card if nothing else.
> * Some sort of "downgrade" must exist for backwards compatibility.  I'm being liberal with the term.  "Downgrade" could be a user trying Unicode and then retrying with ASCII if necessary, or just giving out ASCII because they know EAI won't work in some scenario.
>
> 1) We need Unicode addresses.
> The Unicode address is solved reasonably well by UTF-8 and the existing RFCs.  UTF-8 also solves a myriad of problems regarding code pages in the rest of the message, but that's not specifically an EAI issue.
>  
> 2) Friendly ASCII addresses.
> Friendly ASCII addresses are pretty much a non-issue since mailbox aliases are a common mail feature.  (I get mail to shawnste & Shawn.Steele)  I make the small assumption that aliasing would be extended to Unicode and that aliases will be more common in an EAI world.  This probably primarily impacts mailbox administration tools.
>
> 3) Downgrade
> So that leaves downgrade.  Downgrade is necessary for a "transition" period, which is probably many years.  Note that there's no technical requirement that downgrade use the friendly ASCII address mechanism.  It is also worth mentioning that downgrade necessarily requires an EAI aware system (even if it's "just" human downgrade, the human has to be aware of the issue) to do the downgrade.
>
> There are also various degrees of downgrade:
>
> * Human-only downgrade with no automated mechanism.  If my mail bounces I try a different address.  Some big problems are that I may not know the other address, I may not know how to send From: an ASCII address, and some systems may accept mail they can't reply to.
>
> * Partially automated downgrade.  This could be something like From:, or the older headers or something else that doesn't provide the same experience in a mixed environment as in a legacy or EAI only environment.  Eg: simple mail may work, but DL's, newsgroups, reply-to, or other cases could get tricky or fail.
>
> Some big problems with partial downgrade are that it is partial, so user's may think mail works, but get unexpected failures in edge cases.  Also (depending on the degree of "partial"), it may fail if the fallback address(es) aren't know or configured correctly.  Also some mail may appear to succeed but may not be able to be replied to.
>
> * Fully automated downgrade.  This would be some magic system that would downgrade all headers so that "everything" worked, including mailing lists, etc.  In addition to the problem of discovering the downgrade address, we've run into numerous technical concerns and edge cases with the solutions investigated so far.
>
> I've been flip-flopping on how much downgrade is necessary.
>
> Human-only downgrade:
> I think it's possible that a human-only mechanism may "work", although that may slow EAI adoption significantly.  (If I don't think my EAI address'll work, then I'll only give out my ASCII address, then why bother with EAI?)
>
> Partially automated downgrade:
> Personally I don't see much point in partially automated downgrade (folks from Exchange & Outlook agree.)  If my mail to you works, and your replies work, but everything breaks when I send to a DL or newsgroup, then it's almost worse.
>
> Fully automated downgrade:
> Fully automated downgrade would be cool, but we've pretty much proved that it's impossible.  Mostly because pairing the addresses breaks down in several cases, or because the syntax to make the pairing explicit breaks downlevel syntax.
>
> A possible solution:
>
> A while back Mark suggested an solution that's been discussed before and I rejected out of hand.  Either I've had a paradigm shift in my thinking or I misunderstood Mark's earlier suggestion, however there is a way that allows fully automated downgrade without breaking any of the other ASCII address alias or UTF8SMTP behavior.  It also only requires updating the EAI aware servers/clients.  Unaware systems wouldn't see anything different, probably even mailing lists.  Upgrade is even supported.
>
> Mark's suggestion (or my modification of it) is something like this:
>
> * Everyone that wants one gets a Unicode address, and a human friendly ASCII alias (if desired).
> * When people exchange addresses in written form, they can use Unicode if they think the recipient is EAI aware, or they can use the ASCII address.
> * Mail with EAI to EAI and the Unicode address works as spec'd for UTF8SMTP, etc.  No extra fields are sent.
> * When a human or form isn't expecting Unicode, the user shares the human-friendly ASCII alias. Then the ASCII to EAI server behaves as normal.  No extra fields are sent.
> * When an EAI server (or client) hits an EAI unaware system, the message is downgraded.  Addresses are downgraded by using unmapped punycode, which is algorithmic, so it avoids all the address pairing problems.  An EAI aware client app (like Outlook) could then upgrade the punycode if desired.  Before downgrade a message is identical to the existing practice, just with UTF-8, and is non-breaking.  After downgrade, a message is still identical to existing legacy behavior, so there's no breaking.
>
> By using UNMAPPED punycode (raw ACE encoding), servers can control their own mappings (Turkish I or whatever's interesting to them).  Presumably they'd decode back to Unicode, then do their mapping and routing.  The problems that downgrade had with mailing lists is avoided because all addresses could be downgraded at any point.  Additionally a ASCII-only mailbox user doesn't need an EAI aware server to use EAI because their EAI aware client could do the mapping.
>
> To me, the differences between this and previous punycode proposals (maybe I misunderstood them) are:
> a) UTF-8 is preferred, and is the long term form, not punycode.
> b) Human-readable ASCII aliases are a preferred method of exchange on the sticky note or whatnot.  (Nobody's going to exchange a punycode address).
> c) Punycode is only used for fallback, when UTF8STMP or other EAI protocols aren't recognized.
> d) It isn't IDN punycode, but just unmapped Unicode that the server has to decode and map.
>
> The advantages are:
> * Users get a Unicode address.
> * Users still get a human friendly ASCII address as needed.
> * There's a full downgrade capability (with upgrade if desired)
> * Interoperability with legacy systems should be very high.
> * No problems with pairing of the addresses.
> * Works whenever an EAI-aware client/mailbox behave.  Intermediate systems don't impact it, and an EAI aware recipient client can have an EAI experience even if they don’t have an EAI mailbox themselves.
> * Only servers/clients upgraded to EAI need to be touched.  Legacy systems in the middle will still behave.  (I'm told by Exchange that it would take decades to upgrade everything).
> * Mapping still happens by the mailbox server's rules.
> * Algorithmic rules for downgrade mean that downgrade is always possible instead of requiring knowledge of the ASCII alias.
> * Senders can downgrade (if the client is EAI aware) even with only a Unicode recipient address, even if their mail server is a legacy server.
>
> The disadvantages are:
> * Non-EAI aware recipients would receive punycode addresses instead of human friendly ASCII.  This is mitigated by the fact that most clients display the display name.
> * Punycode downgrade requires that EAI aware systems know the punycode mapping.  This is mitigated by reducing the complexity of the other pairing schemes.
> * EAI mailbox servers have to unmap the Punycode to Unicode before doing any mapping to find the mailbox.  (Aliases might work in some cases, but you'd still want case mapping probably).
> * For systems that don't need EAI (eg: many US mail servers) there's reduced incentive to upgrade to be EAI aware since an EAI aware client is sufficient.  This could delay complete adoption.  (It's also an advantage that could speed up early adoption.)
> * Three addresses (Unicode, ASCII, Punycode) instead of 2 (though the Punycode is just an encoded form of the Unicode).
>
> Couple minor comments:
> * As I said, the punycode should be unmapped ACE, not IDN form.
> * To make that clear, I'd pick a different prefix, or some other signature mechanism.  (My fear is that developers would accidentally call the IDN APIs and get inappropriate mappings).
>
> I know we've discussed Punycode before, but I think the difference is that I'm suggesting it as a last-resort case, not as a replacement for UTF8SMTP, nor a replacement for the human friendly ASCII aliases.  
>
> Please note that I am very much against Punycode as a solution for EAI (eg: replacing UTF-8).  By itself as a long-term solution Punycode has huge problems.  I think it has a place a "hack" to solve downgrade though.
>
> If necessary to further discussion I could put this in draft form.
>
> -Shawn
>
>
>
> _______________________________________________
> IMA mailing list
> IMA@...
> https://www.ietf.org/mailman/listinfo/ima
>