01:49:19 RRSAgent has joined #itld 01:49:19 logging to http://www.w3.org/2015/10/28-itld-irc 01:49:43 so, we have an issue that new TLDs are being introduced that are right-to-left 01:49:43 if the last label in the host-name and the first part of the path are RTL, they get visually mixed 01:49:44 RTL readers expect this, but it confuses everyone else (if you get a URL in an email) 01:49:45 Josh: maybe we can leverage what we learn fron certs e.g. the country of origin 01:50:37 the country name is visible for EV cert https://usercontent.irccloud-cdn.com/file/1lz68mcV/paypal%20ev.png 01:51:16 (it's not necessarily a country, it's a legal jurisdiction) 01:53:06 (this only helps after you’ve visited, and people need to be able to work out whether they SHOULD visit beforehand) 01:54:06 CAs should not sign a cert. that uses a script which cannot reasonably be expected to be readable in the cited jurisdiction 01:54:35 anne: but thsi relies on EV certs which are problematic. they make it harder to do things securely 01:54:58 unfortunately, LetsEncrypt should be able to issue certs for all domains 01:55:41 Josh: Maybe we can signal a language somewhere? 01:58:21 Josh: the hope that you can have users read URLs and be able to judge whether they are probably OK or probably not is almost an empty hope 02:02:15 dave: then there is the ‘visual cross-over’ problem; numerals get to cross over separators and this confuses everyone 02:04:18 we need to present structured text with BIDI-isolates around the structure markers (and LTR embedding around the whole thing) 02:06:42 note that we typically don’t display scheme names (except some banks tell their users to look for ‘https’) 02:08:15 jeff: basically structured text is an object and we have got in the habit of presenting it as text, and maybe that’s a mistake 02:10:11 https://usercontent.irccloud-cdn.com/file/Jbwl1UlB/OS%20X%20hierarchy%20view%20of%20a%20path.png 02:10:20 adrian: you could write an algorithm that inserted the right over-rides and isolates 02:12:47 adrian: and note that the slash is a convention, not part of the spec. at all (and the “?” is only weakly so as well) 02:13:21 josh: we’ll probably have to say that the ‘usual’ structure separator is “/“ (has the advantage of being true) 02:14:14 note that Microsoft uses the opposite slash 02:14:28 (Bartek saith) 02:15:23 Anne: “/“ is special (think of ../.. etc. handling) 02:18:04 Josh: are double-width slash (and other potentially confusing characters) allowed in host-names? 02:18:26 k_ has joined #itld 02:19:04 adrianba has joined #itld 02:19:16 ／ 02:20:37 dave: posted my initial anxiety attack to public-iri yesterday https://lists.w3.org/Archives/Public/public-iri/2015Oct/0000.html 02:23:34 (it has many mistakes in it) 02:23:45 anne: overrides are not disallowed in a path 02:23:51 josh: should they be? 02:24:33 anne: but typically (always?) we encode control characters 02:25:19 adrian: is there ever a requirement that we actually don’t encode them for rendering, but let them have an effect? 02:33:57 dave: there is a question of course as to whether we’re ‘internationalizing’ the internet the ‘right way’ by introducing new domains in other scripts 02:34:34 rrsagent, pointer? 02:34:34 See http://www.w3.org/2015/10/28-itld-irc#T02-34-34 02:35:06 rrsagent, make logs public 02:35:58 josh: the only way for people to validate e.g. email addresses is to build a trust web (whether or not you can read the string) 02:37:04 josh: we need better messaging around this 02:41:02 dave: the problem spans w3c, unicode, ietf and probably some icann; it’s ugly, but we could each pick off a bit of it 02:42:05 jeff: note that MTAs already have some ‘drop it’ behavior (e.g. DKIM mismatches on mailing purporting to come from gmail) 02:42:34 jeff: sometimes policy changes are easier and/or better than trying to re-write specs to change the rules (which gets resistance) 02:43:27 jeff: the dmarc spec has feedback provisions in it 02:44:06 https://url.spec.whatwg.org/#url-rendering 02:44:08 present+ Josh_Soref 02:44:16 present+ Adrian_Bateman 02:44:25 present+ Bartek_Kozlowski 02:44:35 present+ Dave_Singer 02:44:39 anne: the latest URL spec. has a section on rendering; we could revisit, but we need some commitment from browsers that they’ll do it 02:44:47 present+ Jeff_Hodges 02:44:57 RRSAgent, draft minutes 02:44:57 I have made the request to generate http://www.w3.org/2015/10/28-itld-minutes.html timeless 02:46:07 RRSAgent, make logs world 02:46:11 RRSAgent, draft minutes 02:46:11 I have made the request to generate http://www.w3.org/2015/10/28-itld-minutes.html timeless 02:46:25 some sense in the room that another look at this is worthwhile 02:49:55 but do we want best practices in the URL spec or should it be a more general document on structured text (paths, mail addresses, hostnames, URLs, URNs etc.)? 02:50:25 (side conversation on the selection problem) 02:51:11 RRSAgent, pointer 02:51:11 See http://www.w3.org/2015/10/28-itld-irc#T02-51-11 02:53:34 RRSAgent, draft minutes 02:53:34 I have made the request to generate http://www.w3.org/2015/10/28-itld-minutes.html timeless 02:57:54 chair: dsinger 02:58:53 meeting: iTLDs & presentation of them 02:59:02 RRSAgent, draft minutes 02:59:02 I have made the request to generate http://www.w3.org/2015/10/28-itld-minutes.html timeless 04:29:13 dsinger has joined #itld 04:29:50 dsinger has left #itld 04:58:53 adrianba has left #itld