IDNA 2008 Question Re: "Confusable" Characters in Domain Names

Andrew Sullivan ajs at
Fri Nov 5 22:17:11 CET 2010

On Thu, Nov 04, 2010 at 08:40:47PM +0000, Shawn Steele wrote:

> I’d like to throw in my 2 cents.  Clearly a browser has no clue if
> the DNS layer is operating under IDNA2003 or IDNA2008 rules

I have no idea what this would me.  The DNS layer is not operating
under _either_ IDNA2003 or IDNA2008 rules.  It's operating like it
always did: it matches labels, one label at a time, and it matches
them exactly, bit for bit.  Moreover, under IDNA of any flavour, it
does that under the constraint of the old-fashioned hostname rules
(which means, roughly, letters, digits, hyphen or LDH).

> IMO it’s not the client’s responsibility to say whether DNS rules
> are being followed, but rather the DNS layer’s responsibility to
> correctly resolve names and provide the appropriate errors when the
> name isn’t valid.

The rules _are not_ DNS rules, and if that isn't perfectly clear from
reading IDNA2008, I have no idea how to make it more so.


Andrew Sullivan
ajs at
Shinkuro, Inc.

More information about the Idna-update mailing list