[TSG-Access-RD] For consideration: Proposal to hash PoC in Public Domain Name Whois

Hollenbeck, Scott shollenbeck at verisign.com
Wed Feb 6 12:18:47 UTC 2019 

> -----Original Message-----
> From: TSG-Access-RD <tsg-access-rd-bounces at icann.org> On Behalf Of
> Hollenbeck, Scott via TSG-Access-RD
> Sent: Tuesday, February 5, 2019 2:07 PM
> To: tsg-access-rd at icann.org
> Subject: [EXTERNAL] Re: [TSG-Access-RD] For consideration: Proposal to hash
> PoC in Public Domain Name Whois
>
> (Trimming recipients)
>
> > -----Original Message-----
> > From: TSG-Access-RD <tsg-access-rd-bounces at icann.org> On Behalf Of
> Ram
> > Mohan
> > Sent: Tuesday, February 5, 2019 1:02 PM
> > To: Adiel Akplogan <adiel.akplogan at icann.org>
> > Cc: MAEMURA Akinori <akinori.maemura at board.icann.org>; tsg-access-
> > rd at icann.org; David Conrad <david.conrad at icann.org>; John Crain
> > <crain at icann.org>
> > Subject: [EXTERNAL] Re: [TSG-Access-RD] For consideration: Proposal to
> > hash PoC in Public Domain Name Whois
> >
> > Dear Akinori, Adiel,
> > The TSG will consider this proposal and will revert to the BTC on the
> > questions posed below in the next few weeks, certainly prior to the
> > Kobe meeting.
>
> Thanks for passing this on, Ram. At first glance I see potential for conflict with
> RFCs 6350/7095 (vCard/jCard)  and  7483 (RDAP responses). For example, the
> proposal suggests that an email address (which is returned as part of a jCard
> structure by RDAP) could be replaced with a hash value. RFC 6350 says this
> about vCard email address values: "Even though the value is free-form UTF-8
> text, it is likely to be interpreted by a Mail User Agent (MUA) as an "addr-
> spec", as defined in [RFC5322]". So, we don't know how downstream
> consumers (such as vCard parsers) of these hash values will deal with them
> when they're expecting structured email addresses, telephone numbers,
> etc.

I just did some very simple testing to see how some vCard generators and consumers deal with hash values that appear in places where a structured value is expected.

http://bvcard.com/vCard-vcf-generator

This tool complains when it doesn't get a syntactically valid email address. It accepts hash values in places where string values (including telephone numbers) are expected.

http://vcardmaker.com/

This tool happily creates a vCard that include hash values, and Microsoft Outlook imports the created vCard without complaint.

End result: mixed bag with more of a tendency to accept syntactically questionable values without error. More testing would need to be done to ensure that there's no harm in including these values in an RDAP response.

Scott

More information about the TSG-Access-RD mailing list