IDNs in TLS and Kerberos
Erik van der Poel
erikv at google.com
Fri Jan 23 15:45:49 CET 2009
On Fri, Jan 23, 2009 at 4:21 AM, Simon Josefsson <simon at josefsson.org> wrote:
> Harald Tveit Alvestrand <harald at alvestrand.no> writes:
>> I haven't seen anyone claiming that they want to register a TLD in
>> Dhivehi or Yiddish (the two BIDI cases where it matters that 2003 is
>> more restrictive than 2008). But there are people arguing for
>> registration of a TLD with a ZWNJ in it.
>
> There seems to be security problems with such a zone, if you consider
> IDN strings in TLS certificates and Kerberos realms etc.
Do the major implementations only accept Punycode in TLS certificates
and Kerberos realms? Or do they also accept UTF-8, ISO-8859-1,
upper-case, etc?
Erik
More information about the Idna-update
mailing list