[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [idn] UTF-8 / RACE

Hi Dan,

Let me take a stab at some of the comments you have at
http://cr.yp.to/proto/idn.html
Making it work. apache needs to be upgraded. Domain names in
configuration files need to be converted from possibly bad to good, and
from UTF-8 to 7-bit. 7-bit domain names need to be converted to UTF-8
for logs.

Question: Why would apache needs to be upgraded if ACE+Nameprep been
used? The administrator should already have the ACE for his domain and
that could goes directly into the config file. [1]

fetchmail needs to be upgraded. Domain names embedded in POP usernames
need to be converted from possibly bad to good, and from UTF-8 to 7-bit.

Question: Why is this so? See reason [1].

gethostbyname needs to be upgraded. The input domain name needs to be
converted from possibly bad to good, and from UTF-8 to 7-bit, before it
is sent as a DNS query. The output domain names in h_name and h_aliases
need to be converted from 7-bit to UTF-8.

Question: Why would gethostbyname needs to be upgrade? The specification
in IDNA is quite clear that it does not do anything to gethostbyname.
Thus, if you *do* change gethostbyname, you are violating IDNA, no?

lynx needs to be upgraded. Domain names in configuration files need to
be converted from possibly bad to good, and from UTF-8 to 7-bit. 7-bit
domain names need to be converted to UTF-8 for internationalized URL
displays.

Question: Why is this so? See reason [1].

mutt needs to be upgraded. 7-bit domain names need to be converted to
UTF-8 when messages are displayed. UTF-8 needs to be spaced properly.
Addresses in configuration files need to be converted from possibly bad
to good, and from UTF-8 to 7-bit.

Agree.

named needs to be upgraded. Domain names in configuration files such as
/etc/named.boot need to be converted from possibly bad to good, and from
UTF-8 to 7-bit. 7-bit domain names in queries need to be converted to
UTF-8 for logs.

Question: Why is this so? See reason [1].

netscape needs to be upgraded. 7-bit domain names need to be displayed
as Unicode glyphs. Domain names in configuration files need to be
converted from possibly bad to good, and from UTF-8 to 7-bit.

Agree. That is what IDNA is suppose to do. But in realty, actually it is
much more complex since browser actually works with URL at the UI level,
not just domain names.

pine needs to be upgraded. 7-bit domain names need to be converted to
UTF-8 when messages are displayed. UTF-8 needs to be spaced properly.
Addresses in configuration files need to be converted from possibly bad
to good, and from UTF-8 to 7-bit.

Agree. That is what you mean by IDNA.

publicfile needs to be upgraded. Domain names in the /public/file
directory need to be converted from possibly bad to good, and from UTF-8
to 7-bit. 7-bit domain names need to be converted to UTF-8 for logs.

Question: Why is this so? See reason [1].

qmail-send needs to be upgraded. Domain names in configuration files
such as /var/qmail/control/virtualdomains need to be converted from
possibly bad to good, and from UTF-8 to 7-bit. 7-bit domain names need
to be converted to UTF-8 for logs.

Question: Why is this so? See reason [1].

sendmail needs to be upgraded. Domain names in configuration files such
as /etc/sendmail.cw need to be converted from possibly bad to good, and
from UTF-8 to 7-bit. 7-bit domain names need to be converted to UTF-8
for logs.

Question: Why is this so? See reason [1].

sshd needs to be upgraded. Domain names in configuration files such as
/etc/shosts.equiv need to be converted from possibly bad to good, and
from UTF-8 to 7-bit. 7-bit domain names need to be converted to UTF-8
for logs.

Question: Why is this so? See reason [1].

tcpclient needs to be upgraded. The input domain name needs to be
converted from possibly bad to good, and from UTF-8 to 7-bit, before it
is sent as a DNS query.

Question: Why is this so? See reason [1].

tcprules needs to be upgraded. Domain names in configuration files need
to be converted from possibly bad to good, and from UTF-8 to 7-bit.
7-bit domain names need to be converted to UTF-8 for logs.

Question: Why is this so? See reason [1].

tinydns needs to be upgraded. Domain names in configuration files such
as /service/tinydns/root/data need to be converted from possibly bad to
good, and from UTF-8 to 7-bit. 7-bit domain names in queries need to be
converted to UTF-8 for logs.

Question: Why is this so? See reason [1].

w3m needs to be upgraded. Domain names in configuration files need to be
converted from possibly bad to good, and from UTF-8 to 7-bit. 7-bit
domain names need to be converted to UTF-8 for internationalized URL
displays.

Question: Why is this so? See reason [1].

-James Seng

----- Original Message -----
From: "D. J. Bernstein" <djb@cr.yp.to>
To: <idn@ops.ietf.org>
Sent: Monday, May 28, 2001 12:59 AM
Subject: Re: [idn] UTF-8 / RACE


> Patrik writes:
>   [ about 8-bit bytes ]
> > software which is not upgraded destroy the data
>
> False. For example, qmail and tinydns handle 8-bit data without
trouble.
> In message <20010105075541.26564.qmail@cr.yp.to> I gave a complete
> example of setting up a UTF-8 IDN and sending mail to it, with no
> software upgrades. The UTF-8 IDN was displayed properly by xterm.
>
> In contrast, ACE guarantees that the data is unreadable for users of
> today's non-ACE software. When you claim that an ACE IDN is
transmitted
> perfectly, you are ignoring the final step: getting the IDN into the
> user's head!
>
> Yes, there are a few pieces of software that have to be upgraded and
> redeployed to make UTF-8 IDNs work. But there are many more pieces of
> software that have to be upgraded and redeployed to make ACE IDNs
work.
> See http://cr.yp.to/proto/idn.html for details.
>
> ---Dan
>