Re: [idn] How should labels be encoded?

[David Hopwood <david.hopwood@zetnet.co.uk>]

-----BEGIN PGP SIGNED MESSAGE-----

Dan Oscarsson wrote:
> So now my question is: how should the labels in the DNS protocol
> be encoded?

RFC 2181 forces the answer to that: they are 8-bit clean binary.
They can also be interpreted as text at the edges of DNS, i.e. when
preparing a name to be resolved, and when comparing against a zone
file. (What encoding is used when interpreting them as non-ASCII text
is obviously not decided yet.)

> Which labels are "host names"?

That is defined by the application protocol.

> The SOA record contains one that is an e-mail address.

Since the local part of an email address is internationalizable text,
and is subject to exactly the same compatibility and normalization
considerations as domain names, it should use the same encoding as
domain names, IMHO.

> The SRV record has an owner name that represents a protocol.

The encoding of the protocol name is defined by RFC 2782. Since it is
ASCII ('_' followed by an LDH identifier), it is not affected by ACE
encoding or nameprep. So even though the protocol name is not
internationalizable, it won't matter if something applies ACE and/or
nameprep to it.

This does make clear, however, that it is not correct for a general
purpose resolver interface to reject non-LDH ASCII characters; instead,
it should pass through such characters (if no non-LDH characters are
used in that domain, the query will simply fail).

> Also not every thing which has an IP-address is a "host".

That doesn't matter. Any domain name can map to zero or more IP
addresses. Normally there should be a machine at each address that
satisfies the requirements on hosts (RFCs 1122 & 1123), but if there
isn't, that is no concern of DNS.

> As DNS is more than "host names", how are labels that are not
> "host names" to be encoded when non-ASCII is used?

If the protocol that uses DNS defines the label to be binary, or
some type of identifier that does not need to be internationalized,
its interpretation should stay exactly as it is. If it defines the
label to be internationalizable text, the obvious design decision
would be to use the same encoding as for host names.

> IDNA does not answer this and it does not define which labels
> are "host names" and must be ACE+nameprep encoded.
> It can happen that one application thinks a label in a
> DNS record is a host names, and another application uses it
> as something else (using some other encoding that ACE+nameprep).

I don't see any situation where this would happen in practice,
although I may be missing something. Are there any protocols that
currently allow text DNS labels in some 8-bit encoding other than
ASCII, or labels that are likely to be confused with an ACE encoding?
(SRV and SOA don't pose any problems in this respect. Is there an
exhaustive list of DNS RRs and query types anywhere?)

- -- 
David Hopwood <david.hopwood@zetnet.co.uk>

Home page & PGP public key: http://www.users.zetnet.co.uk/hopwood/
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5  0F 69 8C D4 FA 66 15 01
Nothing in this message is intended to be legally binding. If I revoke a
public key but refuse to specify why, it is because the private key has been
seized under the Regulation of Investigatory Powers Act; see www.fipr.org/rip


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBO2cHsjkCAxeYt5gVAQHZsQgAj94X3vDuUHn/fP3mjU1Sm89hptMaJ/1d
/6Adll/i3s/d7z1gFDH81To+ZiGCFUnkGkDWy6ZfERmDpcnPYcGzXHRF8ZlCI3Jh
0pvilWTRmdClOIxBtuNAX10zVt/WgV9yHz8Hik83K8qZ0yTGREwJ+mKI7VKE0qDn
vvuClgYYsdeBVu6uGIRKvIVKcNjwb3GjAo2d057gdzIBlVIq01QNWAtBiWBgp3f1
OS9WuugEBrBBXOKkVWHhPx7lJrqu5Q8b6TZM2iMZ68Lkd1wsbWk3qgTzPWzJ/zGx
ta1NAKXdlHqejlJQ95qsFQb+Ttd3A+kedNu92kyT0V5ZVnBDAfrrPA==
=kMKH
-----END PGP SIGNATURE-----