Last Call Review of draft-klensin-idna-rfc5891bis-07
review-klensin-idna-rfc5891bis-07-dnsdir-lc-rose-2024-10-16-00

Ready with nits/comment

The draft itself does not directly deal with the DNS protocol but does discuss
the DNS as it relates to IDNA. Overall the draft may seem confusing at times to
readers unfamiliar with IDNA, this doesn't necessarily need to be fixed, as it
is assumed the intended audience understands the current state of IDNA in the
IETF and in use with the DNS.

The sections that update RFC 5890 and 5891 are clear and provide enough
information to understand the changes.

One part that seems confusing: in Section 4, paragraph 6, there is a sentence:

   "IDNA (and IDNs generally) would work better and
   Internet users would be better protected and more secure if
   registries and registrars (of any type) confined their registrations
   to scripts and code point sequences that they understood thoroughly."

Not sure who the "they" are in this sentence: the registry/registrars, or
Internet users? I assume it is the former, but a case could be made for the
latter - registry/registrars should confine registrations to to scripts and
code points that their primary user base understood. If that is possible.
Either way, this is a recommendation and not a protocol requirement so the
wording does not need to be changed.

Some of the recommendations may feel out of scope for the IETF and more in the
realm of ICANN, but the logic in the draft primarily focuses on the technical
(domain names/labels that use scripts that may appear confusing or used for
malicious purposes should be prevented as a security policy). This draft has no
issues from a DNS protocol perspective however.

There is also a forward reference, is that known to be the title of the
reference?  If not, does it need to be included?

Scott