wrt IDNA2003->IDNA2008 transitionn (was: IDN processing-related, security considerations for draft-ietf-websec-strict-transport-sec)

=JeffH Jeff.Hodges at KingsMountain.com
Thu Oct 6 06:40:35 CEST 2011

Adam Barth said:
 > On Fri, Sep 30, 2011 at 1:02 PM, =JeffH <Jeff.Hodges at kingsmountain.com> wrote:
 >> Adam Barth <ietf at adambarth.com> said:
 >>> More concretely, I can tell you that Chrome plans to continue to
 >>> implement IDNA2003 for the foreseeable future.
 >> Does that mean just Chrome itself, or Webkit as a whole (and thus having
 >> implications for all webkit-based browsers) ?
 > Different WebKit ports can make different choices in this regard.
 > However, I don't know of any major ports choosing anything other than
 > IDNA2003.

So I'm wondering how well this is going to work out if the DNS registry & 
registrar world migrates to IDNA2008 per se (i.e. with or without RFC5895, but 
without UTS#46) ?

If I understand correctly, one example issue is:

   If some DNS registries do not allow Esszet and Final Sigma (Latin
   small letter sharp S and Greek small final sigma) to be registered,
   and if some applications that use DNS are applying IDNA2003, then some
   lookups will make it appear that, for example, Esszet HAS been registered
   because of the conversion to "ss" (assuming a target using the "ss"
   form actually exists). And of course, the bit about having a target
   actually exist could be conveniently arranged by phishers.

What are other potential impedance-mismatch issues that might arise that folks 
might be aware of?

Thus I'm curious about what the momentum is like for ccTLDs and gTLDs to 
support IDNA and which version thereof ( IDNA2008, IDNA2008 + RFC5895, IDNA2008 
+ UTS46, or IDNA2003) ?

And also which IETF lists might such momentum be discussed on? I don't really 
see anything pertinent on dnsop at ietf.org in the last year except for specific 
discussion of draft-liman-tld-names.



More information about the Idna-update mailing list