Comments on draft-ietf-idnabis-defs-10

[Andrew Sullivan]

On Wed, Sep 02, 2009 at 03:38:50AM +1000, Wil Tan wrote:
>     If the input to this procedure appears to be an A-label (i.e., it
>    starts in "xn--"), the lookup application MAY attempt to convert it
>    to a U-label and apply the tests of Section 5.4 and the conversion of
>    Section 5.5 to that form.
> 
> So an application doesn't _have_ to convert it to U-label, and goes ahead to
> lookup the domain name. This would be true of non IDNA-aware applications,
> as well as conforming IDNA2008 applications that chooses the easy way out
> (it just cannot display the label in native form.)

Yep.  This is also true, however, if it makes a DNS resolution attempt
for (say) xn--bobsyeruncle, or anything that, when decoded back to
Unicode, turned out to have some other DISALLOWED character in it.
Generally speaking, it's a bad idea not to validate the labels.  Maybe
that text needs to be more clear?  Perhaps the MAY ought to be a
SHOULD?

> I'm not too worried about that though. IDNA2008 is supposed to work at a
> higher level than DNS, keeping constant the DNS underlying case-insensitive
> property. As long as the resolver library keeps the original
> case-permutations and restores it from the answer as part of the demux step,
> all that case-mutilations only happens on the wire, no?

Exactly right.  Just worth keeping in mind (but off-topic here
anyway).

A

-- 
Andrew Sullivan
ajs at shinkuro.com
Shinkuro, Inc.