Consensus Call Tranche 8 Results
Simon Josefsson
simon at josefsson.org
Wed Nov 5 09:47:55 CET 2008
"Mark Davis" <mark at macchiato.com> writes:
> It is still premature to add eszett and final sigma until we have some
> accompanying text that addresses the security exploit.
> The two possibilities I could think of are:
>
> 1. Change the prefix for xn--
That would work, but it is costly. It is good to keep this option in
the discussion, as a sanity test of the cost-benefits of other options.
I claim that any solution that is more expensive to implement and deploy
than changing the xn-- prefix should be disqualified. Of course, the
difficult part is to assess costs.
> 2. Recommend or require that if the name contains either eszett or final
> sigma, that any DNS lookup by client software has to be done twice: once
> with the original, and once with a second string that has these remapped to
> "ss" and sigma respectively, and is then NFC'ed.
I'd like to see this option explored more in detail wrt stored strings
and compatibility with non-DNS protocols.
/Simon
More information about the Idna-update
mailing list