Lookup for reserved LDH labels
simon at josefsson.org
Wed Nov 7 09:51:05 CET 2012
Marcos Sanz <sanz at denic.de> writes:
> Thus, the protocol should never fail on lookup for "ad--acta.de". Is that
I believe the intention is that it should fail, however the lookup
specification has an issue here.
The problem is that any implementation that takes an all-ASCII string
(like "foo" or "ad-acta") and follows the steps in section 5 of RFC 5891
will (if the string is permitted for lookup) end up in a punycode
encoded string. For example, the input "foo" will be converted into
To avoid this problem, I suspect implementers typically check whether
the input is all ascii before proceeding with the section 5 stuff. This
has a side effect that your string will be permitted.
One way to resolve this is to modify section 5.5 in RFC 5892 like this:
The string that has now been validated for lookup is converted to ACE
form by applying the Punycode algorithm to the string and then adding
the ACE prefix ("xn--").
Any string that has now been validated for lookup and contains
Unicode code points is converted to ACE form by applying the Punycode
algorithm to the string and then adding the ACE prefix ("xn--").
Strings containing only ASCII characters MUST NOT be Punycode
More information about the Idna-update