Comments on draft-ietf-idnabis-defs-10

Andrew Sullivan ajs at shinkuro.com
Tue Sep 1 17:05:41 CEST 2009


On Wed, Sep 02, 2009 at 12:45:05AM +1000, Wil Tan wrote:
> 2. If A-labels are not allowed to have uppercase ASCII characters, why do we
> define case-insensitive comparison for them? An invalid A-label should not
> be equivalent to a valid one. It should be as Paul suggested, i.e.
> "case-preserving" (why not just "case-sensitive" as it's more
> straightforward?)

This one's easy: we're stuck with what DNS does.  A-labels are all LDH
labels, and LDH labels compare for equivalence according to the
case-insensitive matching rules defined as part of DNS (see STD13).
Attempting to invent special rules for A-label matching will have the
bizarre result that an IDNA-aware application will not match two
"identical" DNS labels, even though an IDNA-oblivious application will
match them.

> 3. We are "violating" (may be too strong a term, "contradicting" perhaps)
> the underlying assumptions that DNS labels are case insensitive. There are
> lots of deployed software that relies on that assumption. Domain names are
> often presented (and perhaps stored) in uppercase by some registries in
> Whois and EPP. I'm also worried about potential security issues that may
> arise if the case insensitivity property is not preserved.

Well, we haven't violated that, precisely because no valid A-label
has, at least, an ASCII capital letter that will remain in the
translation back to a U-label.  But the upper-cased version (or any
mixed-case version) of the same A-label will still be DNS equivalent.
It just won't be an A-label, it seems.

A

-- 
Andrew Sullivan
ajs at shinkuro.com
Shinkuro, Inc.


More information about the Idna-update mailing list