Presentation is loading. Please wait.

Presentation is loading. Please wait.

E-MAIL ADDRESS INTERNATIONALIZATION ( EAI ) ICANN-55 Mar 06, 2016 TF-AIDN Member 35+ Min : 10- Min ( Q & A )

Similar presentations


Presentation on theme: "E-MAIL ADDRESS INTERNATIONALIZATION ( EAI ) ICANN-55 Mar 06, 2016 TF-AIDN Member 35+ Min : 10- Min ( Q & A )"— Presentation transcript:

1 E-MAIL ADDRESS INTERNATIONALIZATION ( EAI ) ICANN-55 Mar 06, 2016 TF-AIDN Member 35+ Min : 10- Min ( Q & A )

2 AGENDA Introduction “ Some Statistics ” Why EAI ? E-Mail Components & EAI User Expectation & Perception Arabic Email Addresses (. مصر ) Security Considerations EAI Challenges References Questions

3 INTRODUCTION ( STATISTICS ) How Many Emails Do We Exchange Daily ?  201.4+ Billion Emails Sent/Received Per Day Worldwide  8.3+ Billion Emails Sent/Received Per Hour Worldwide 4.9 Billion Email Accounts Expected Worldwide By 2017 Source :- http://www.radicati.com/

4 INTRODUCTION ( STATISTICS ) Only 26% of Internet users use English on the Internet. Source :- http://www.internetworldstats.com/

5 E-Mail is the most popular used application Worldwide. Number of E-Mail accounts still increasing. Non-English users more than English users

6 What about using your own local language for your E-Mail account ?

7 Local-part @ domain-part Internationalizing only the domain name part of the email address is not enough

8 EAI Internationalizing the domain part and the local part

9 WHY EAI ? It is natural to use your native language to access your email. Help in bringing the Internet and its useful services to the world's non-English-speaking communities. IDN e-mail allows people to use almost any language in their e-mail address. Keep your online identity through using your own language. Preserve my local cultural and traditional heritage. Easier to remember and to communicate with other online users speaking the same language. Consistent environment through local content, internationalized domain names, and internationalized email address.

10 EMAIL USER TYPES An “ ASCII user “  Email addresses contain ASCII characters only.  Cannot generate recipient addresses that contain non-ASCII characters. An “ international email user “  One or more non-ASCII email addresses.  Can generate recipient addresses that contain non-ASCII characters.

11 Arabic E-Mail Addresses اسم @ اختبار - سجل. مصر

12 E-Mail components and EAI

13

14 Email client should be able to handle IDN email Email client should inform SMTP server that IDN email address is used Allow sizes greater than 512 characters “ FROM | RCPT TO “ Permit UTF-8 E- mail addressing and delivery ALL MX mail servers should all support EAI

15 What is the difference between SMTP and ESMTP ?

16

17 Only sender should be aware of EAI E-Mail address !!! Only sender SMTP should be aware of EAI E- Mail address !!!

18 All SMTP servers and E-Mail clients should be EAI-aware to preserve consistency through the Internet

19 We need to build a fully internationalized email environment, focusing on efficient communication among those who share a language and writing system.

20 Changes to the mail header environment to accommodate header fields that are appropriately internationalized to utilize the full range of Unicode characters. SMTP extension changes to permit UTF-8 mail addressing and delivery for internationalized header fields. Internationalization of delivery and service notifications.

21 SMTP Extension for Internationalized Email RFC 6531

22 SMTPUTF8-aware SMTP server requires that 8BITMIME be announced and used by SMTPUTF8-aware SMTP client. The EHLO keyword value associated with this extension is “SMTPUTF8” If the envelope or message being sent requires the capabilities of the SMTPUTF8 extension, the SMTPUTF8-aware SMTP client MUST supply the SMTPUTF8 parameter with the MAIL command. If the SMTPUTF8-aware SMTP client is aware that neither the envelope nor the message being sent requires any of the SMTPUTF8 extension capabilities, it SHOULD NOT supply the SMTPUTF8 parameter with the MAIL command. The maximum length of mail command is increased by 10 characters to accommodate SMTPUTF8 parameter.

23 Servers offering SMTPUTF8 extension must provide support for, and announce, the 8BITMIME extension. When doing lookups, the SMTPUTF8-aware SMTP client or server must either use a Unicode-aware DNS library, or transform the internationalized domain name into A-label form. If SMTP client receives SMTPUTF8 extension in response to the EHLO command, may transmit internationalized email address in UTF-8 form. If the SMTPUTF8 SMTP extension is not offered by the SMTP server, the SMTPUTF8-aware SMTP client must not transmit a mail message containing internationalized email header.

24 The SMTPUTF8-aware SMTP servers are encouraged to detect that recipients can not accept internationalized messages and generate an error after the RCPT command rather than waiting until after the data command to issue an error. When an SMTP connection is opened, the SMTP server sends a "greeting“ response consisting of the 220 reply-code and some information. The SMTP client then sends the EHLO command. Since the SMTP client cannot know whether the SMTP server supports SMTPUTF8 until after it receives the response to the EHLO, the SMTPUTF8- aware SMTP client MUST send only ASCII (LDH label or A-label [RFC5890]) domains in the EHLO command. If the SMTPUTF8-aware SMTP server provides domain names in the EHLO response, they MUST be in the form of LDH labels or A-labels.

25 If multiple DNS MX records are used to specify multiple servers for a domain (as described in Section 5 of RFC 5321 [RFC5321]), it is strongly advised that all or none of them SHOULD support the SMTPUTF8 extension.

26 Users Expectations & Perceptions

27 I expect to see my mailbox and domain names in local characters and to see them consistently اسم @ اختبار - سجل. مصر اسم @ اختبار - سجل. مصر 0% of the world’s most popular websites allow IDN email addresses as user accounts 0% of the world’s most popular websites allow IDN email addresses as user accounts Poor Awareness about email accounts in local language Limited number of IDN domain names

28 IDN Support From Major Mail Providers

29

30

31

32 Security Consideration IETF Overview and Framework for Internationalized Email ( RFC 6530 ) IETF SMTP Extension for Internationalized Email ( RFC 6531 ) IETF Internationalized Email Headers ( RFC 6532 )

33 EAI framework security considerations SMTP security considerations Header security considerations DSN security considerations

34 Changes to fully support internationalized email addresses include SMTP extension, email header to accommodate UTF-8 data. Internationalized domain names alone have a little value without the identifiers that have to be internationalized like local-part of the email address. Important notes about Overview and Framework for internationalized email “RFC 6531”

35 EAI FRAMEWORK SECURITY CONSIDERATIONS IDN-spoofing or IDN-homograph attacks محمدى @ اختبار - سجل. مصر محمدي @ اختبار - سجل. مصر Confusable characters Attacking messages and encoding layers.

36 SMTP extension for transport and delivery of email message with internationalized email address or header information. Servers offering this extension must provide support for, and announce, the 8BITMIME extension. Important notes about SMTP Extension for internationalized email “RFC 6531” SMTPUTF8 presence asserts that the envelope includes the non- ASCII address, the message being sent is an internationalized message or needs the SMTPUTF8 support Maximum length of a Mail command line is increased by 10 characters to accommodate the possible addition of the SMTPUTF8 parameter.

37 Permits the use of UTF-8 in email addresses in both local and domain parts. Permits the use of UTF-8 in email message headers. Important notes about SMTP Extension specifications UTF-8 SMTP server should advertise the 8BITMIME extension and client support 8-bit transmission.

38 SMTP SECURITY CONSIDERATIONS Logging systems and trouble tickets systems should support full UTF8 Security team members’ ability to quickly understand, read, and identify email addresses from the logs, when they are tracking an incident.

39 IMPORTANT NOTES ABOUT INTERNATIONALIZED EMAIL HEADER “RFC 6532” Many E-mail clients now support MIME, but MIME affects only email messages. HEADER SECURITY CONSIDERATIONS Overflow buffers, truncate addresses, or exceed storage allotments

40 EAI CHALLENGES

41 Because there is no guarantee that a next-hop SMTP server will support the SMTPUTF8 extension, use of the SMTPUTF8 extension always carries a risk of transmission failure. Low adoption of IDNs, but there is a recognition of its benefits Users expect domain names in ASCII not IDN names, so EAI ? Low to moderate awareness of IDNs Not all email clients are compatible with fully IDN email addresses. Not all email servers support EAI EAI Challenges

42 IETF Overview and Framework for Internationalized Email ( RFC 6530 ) IETF Overview and Framework for Internationalized Email IETF SMTP Extension for Internationalized Email ( RFC 6531 ) IETF SMTP Extension for Internationalized Email IETF Internationalized Email Headers ( RFC 6532 ) IETF Internationalized Email Headers IETF Internationalized Delivery Status and Disposition Notifications ( RFC 6533 ) IETF Internationalized Delivery Status and Disposition Notifications References

43


Download ppt "E-MAIL ADDRESS INTERNATIONALIZATION ( EAI ) ICANN-55 Mar 06, 2016 TF-AIDN Member 35+ Min : 10- Min ( Q & A )"

Similar presentations


Ads by Google