[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [idn] New draft: draft-ietf-idn-idna
- To: idn@ops.ietf.org
- Subject: Re: [idn] New draft: draft-ietf-idn-idna
- From: William <wil@dready.org>
- Date: Fri, 15 Sep 2000 15:11:21 +0800
- Delivery-date: Fri, 15 Sep 2000 00:08:04 -0700
- Envelope-to: idn-data@psg.com
- Mail-Followup-To: William <wil@dready.org>, idn@ops.ietf.org
- Organization: Dready
- User-Agent: Mutt/1.2i
On Fri, 15 Sep 2000, James Seng wrote:
> > there's another possible security consideration - if RACEs can be used
> > to encode pure-ascii labels then it becomes possible to have an
> > alternate set of DNS records for a particular domain - one of which
> > is keyed by the RACEd name and another of which is keyed by
> > the ASCII name.
>
> That is not possible according to the algorithm for RACE.
>
> However, an interesting variant of the problem which *might* occur with this
> maybe the interaction between nameprep and RACE.
>
> For example, supposing we folding (*) dotless i to Latin i.
>
> Now, given a domain name "*dn.tld" (or idn with a dotless i), should it retain
> as "idn.tld" or "race.tld"?
>
> I see this as an issue for nameprep, not in idna tho.
>
According to the RACE I-D, nameprep must be done before the conversion,
so it would be idn.tld.
So we have a supposedly idn label which, after folding, might clash with a
pure ascii label.
wil.