IDN processing-related security considerations for draft-ietf-websec-strict-transport-sec

Frank Ellermann hmdmhdfmhdjmzdtjmzdtzktdkztdjz at gmail.com
Sat Oct 1 01:07:40 CEST 2011


On 30 September 2011 23:47, Andrew Sullivan wrote:

  [RFC 5890 figure 1 and section 2.3.2.5; RFC 5894 section 1.2.2]
>> Otherwise, if you want to find U-labels, take only XN-labels as
>> input for IDNA processing, because anything else cannot be a
>> valid A-label.

> There is actually a perfectly good test of what a valid A-label
> is in the IDNA2008 documents, and it seems to me that rather than
> providing partial advice one ought to just point over there, no?

Dunno.  The proposed text said "not NR-LDH" instead of "R-LDH",
and (apparently) missed many valid LDH labels on the R-LDH side.

The "A-label" descriptions in 589x start with "xn--", and the defined
term for this R-LDH subset and A-label superset is "XN-label".  What
did you have in mind?

-Frank


More information about the Idna-update mailing list