IDNA 2008 Question Re: "Confusable" Characters in Domain Names

Shawn Steele Shawn.Steele at
Fri Nov 5 23:58:30 CET 2010

But the "zones" are DNS, and they define the rules for their zones.  There's no way any browser can tell what rules a particular zone is using.


-----Original Message-----
From: idna-update-bounces at [mailto:idna-update-bounces at] On Behalf Of Andrew Sullivan
Sent: Friday, November 05, 2010 2:17 PM
To: idna-update at
Subject: Re: IDNA 2008 Question Re: "Confusable" Characters in Domain Names

On Thu, Nov 04, 2010 at 08:40:47PM +0000, Shawn Steele wrote:

> I’d like to throw in my 2 cents.  Clearly a browser has no clue if the 
> DNS layer is operating under IDNA2003 or IDNA2008 rules

I have no idea what this would me.  The DNS layer is not operating under _either_ IDNA2003 or IDNA2008 rules.  It's operating like it always did: it matches labels, one label at a time, and it matches them exactly, bit for bit.  Moreover, under IDNA of any flavour, it does that under the constraint of the old-fashioned hostname rules (which means, roughly, letters, digits, hyphen or LDH).

> IMO it’s not the client’s responsibility to say whether DNS rules are 
> being followed, but rather the DNS layer’s responsibility to correctly 
> resolve names and provide the appropriate errors when the name isn’t 
> valid.

The rules _are not_ DNS rules, and if that isn't perfectly clear from reading IDNA2008, I have no idea how to make it more so.


Andrew Sullivan
ajs at
Shinkuro, Inc.
Idna-update mailing list
Idna-update at

More information about the Idna-update mailing list