Re: [idn] impacted systems investigation



On Mar 12,  3:54am, D. J. Bernstein wrote:
> Mark Andrews, from the BIND company, writes:
> > UTF8 does not require a server upgrade
> 
> Right. But Patrik and Paul claim the opposite. This claim is, in fact,
> the centerpiece of the IDNA ``design philosophy.''
> 
> > gethostbyname() and gethostbyaddr() are clients of the DNS
> > and as such are not covered by RFC 2181.
> 
> RFC 2181 says that character-set restrictions are forbidden in all
> ``implementations of the DNS protocols.'' It doesn't matter whether the
> implementations are clients, caches, or servers.

Umm... "Clients of the DNS can impose whatever restrictions are
appropriate to their circumstances on the values they use as keys for
DNS lookup requests, and on the values returned by the DNS". Moreover, 
RFC 2181 specifically states that it is not considering security; I
therefore would argue that if one is to be concerned with security, if 
there is a contradiction between RFC 2181 and security concerns,
security concerns override.

	-Allen

-- 
Allen Smith				easmith@beatrice.rutgers.edu