IDNA 2008 Question Re: "Confusable" Characters in Domain Names

Andrew Sullivan ajs at
Sat Nov 6 10:35:21 CET 2010

On Fri, Nov 05, 2010 at 10:58:30PM +0000, Shawn Steele wrote:
> But the "zones" are DNS, and they define the rules for their zones.  There's no way any browser can tell what rules a particular zone is using.

I think you're not making a distinction you may need.

Anyone looking up anything in the DNS can tell what rules everyone
else is using: they're using RFC 1034 and RFC1035 and a larger or
smaller set of subsequent RFCs that refine the way the DNS is used.
Nothing in IDNA, or for that matter the policies encoded in RFC 1123
or in ICANN's various agreements or in the CIRA .ca (or pick your
favourite ccTLD) or the .name registration agreement or the rules
about names or whatever else you like constrains any of
that.  Moreover, if you want to set up and put
ISO-8859-1 labels in the next level down, _that's also_ perfetly
legitimate in the DNS, and will "work" in the sense that someone else
who knows what kind of bitstring you have in that 8859-1 label will be
able to interpret it.  

The distinction you need is that there is no way, in the DNS or,
currently as far as I know, outside of it, to look up the policies for
what code points would be acceptable U-label pieces in a U-label in
that zone.  It might be the case that having such a mechanism would be
good.  But we don't have it right now.  If we think making such a
mechanism (or even just defining conventions for how to publish that
policy) is important, then people should speak up.  The last couple
times I proposed it, the reaction seemed to me that it wasn't
important.  So I never bothered to write it up.


Andrew Sullivan
ajs at
Shinkuro, Inc.

More information about the Idna-update mailing list