the rule is in the definitions.<div><br></div><div>the string is valid for non-IDN aware programs but under IDNA, all strings with "--" in positions 3,4 are reserved.</div><div><br></div><div>v</div><div><br><br>
<div class="gmail_quote">On Wed, Mar 9, 2011 at 1:08 PM, Simon Josefsson <span dir="ltr"><<a href="mailto:simon@josefsson.org">simon@josefsson.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div><div></div><div class="h5">Andrew Sullivan <<a href="mailto:ajs@shinkuro.com">ajs@shinkuro.com</a>> writes:<br>
<br>
> On Wed, Mar 09, 2011 at 06:13:57PM +0100, Simon Josefsson wrote:<br>
>> Andrew Sullivan <<a href="mailto:ajs@shinkuro.com">ajs@shinkuro.com</a>> writes:<br>
>><br>
>> > On Wed, Mar 09, 2011 at 05:36:10PM +0100, Simon Josefsson wrote:<br>
>> >> To verify my understanding: the label "ab--cd" is permitted by IDNA2008<br>
>> >> despite it having "--" in the third and fourth characater positions?<br>
>> >> That would be because section 5.4 only applies to non-ascii labels.<br>
>> ><br>
>> > No. See section 2.3.1 of RFC 5890.<br>
>><br>
>> I don't see any MUST/SHOULD language there. RFC 5891 says:<br>
>><br>
>> Putative U-labels with any of the<br>
>> following characteristics MUST be rejected prior to DNS lookup:<br>
>> ...<br>
>> o Labels containing "--" (two consecutive hyphens) in the third and<br>
>> fourth character positions.<br>
>><br>
>> Is "ab--cd" a putative U-label?<br>
><br>
> Certainly not. It has no high bits. But,<br>
><br>
> To facilitate clear description, two new subsets of LDH labels are<br>
> created by the introduction of IDNA. These are called Reserved LDH<br>
> labels (R-LDH labels) and Non-Reserved LDH labels (NR-LDH labels).<br>
> Reserved LDH labels, known as "tagged domain names" in some other<br>
> contexts, have the property that they contain "--" in the third and<br>
> fourth characters but which otherwise conform to LDH label rules.<br>
> Only a subset of the R-LDH labels can be used in IDNA-aware<br>
> applications. That subset consists of the class of labels that begin<br>
> with the prefix "xn--" (case independent), but otherwise conform to<br>
> the rules for LDH labels. That subset is called "XN-labels" in this<br>
> set of documents. XN-labels are further divided into those whose<br>
> remaining characters (after the "xn--") are valid output of the<br>
> Punycode algorithm [RFC3492] and those that are not (see below). The<br>
> XN-labels that are valid Punycode output are known as "A-labels" if<br>
> they also meet the other criteria for IDNA-validity described below.<br>
> Because LDH labels (and, indeed, any DNS label) must not be more than<br>
> 63 octets in length, the portion of an XN-label derived from the<br>
> Punycode algorithm is limited to no more than 59 ASCII characters.<br>
> Non-Reserved LDH labels are the set of valid LDH labels that do not<br>
> have "--" in the third and fourth positions.<br>
><br>
> So, according to the above, NR-LDH labels never have -- in position 3<br>
> and 4. So ab--cd must be an R-LDH label.<br>
><br>
> Of the R-LDH labels, only XN-labels are possibly A-labels.<br>
><br>
> Only A-labels and U-labels are allowed under IDNA2008 (or NR-LDH<br>
> labels, but those aren't actually subject to IDNA2008 of course).<br>
><br>
> This is illustrated in Figure 1 in RFC 5890, although only fans of<br>
> Venn diagrams (of which I am one) will find it helpful.<br>
<br>
</div></div>I don't see any of this reflected in RFC 5891. As far as I can tell,<br>
"ab--cd" is permitted since there is no rule to forbid it.<br>
<br>
Is a new rule needed to forbid "ab--cd" in RFC 5891 or is there an error<br>
in the existing "--" rule for U-labels, or something else?<br>
<font color="#888888"><br>
/Simon<br>
</font><div><div></div><div class="h5">_______________________________________________<br>
Idna-update mailing list<br>
<a href="mailto:Idna-update@alvestrand.no">Idna-update@alvestrand.no</a><br>
<a href="http://www.alvestrand.no/mailman/listinfo/idna-update" target="_blank">http://www.alvestrand.no/mailman/listinfo/idna-update</a><br>
</div></div></blockquote></div><br></div>