[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [idn] comments on IDNA-04

To: IETF idn working group <idn@ops.ietf.org>
Subject: Re: [idn] comments on IDNA-04
From: "Adam M. Costello" <idn.amc+0@nicemice.net.RemoveThisWord>
Date: Wed, 21 Nov 2001 01:50:26 +0000
In-Reply-To: <3BFB056A.EE961FBA@ehsco.com>
References: <022e01c1718d$4c0dba20$a4615ed3@jamessonyvaio> <3BFA3816.3063B762@zetnet.co.uk> <01c401c171e8$27c7c740$0201000a@jamessonyvaio> <3BFAB7EC.5D48C61F@zetnet.co.uk> <20011121004858.B880@nicemice.net> <3BFB056A.EE961FBA@ehsco.com>
Reply-To: IETF idn working group <idn@ops.ietf.org>
User-Agent: Mutt/1.3.23i

"Eric A. Hall" <ehall@ehsco.com> wrote:

> > The simplest fully-precise definition is:  An ACE label is a label
> > that gets altered when ToUnicode is applied to it.
>
> In terms of the specific context of domain names embedded in data
> streams, wouldn't the simplest definition be: any label that begins
> with the ACE prefix?

Sorry, I meant the simplest definition consistent with the usage in
the IDNA draft.  Your proposed definition is simpler, but it defines
a different concept from the one the IDNA draft is trying to define.
I wanted a term for non-WYSIWYG label, that is, a label that doesn't
directly say what it means, and is therefore displayed differently in
IDNA-aware applications versus IDN-unaware applications.  Obviously, the
definition "label that gets altered by ToUnicode" corresponds exactly to
this concept.

> The problem scenario is having an app decode and display the name, but
> where DNS does not.  This allows for a hostile party to provide a link
> to www.zz--amazon.com which decodes for display as www.amazon.com on
> the compliant browser, but where DNS is sending the victim party to
> www.zz--amazon.com.

I don't think there is a problem.  The ToUnicode operation will never
return an all-ASCII label that differs from the input.  If the input
is zz--amazon then the result cannot be amazon, because amazon is
all-ASCII.  ToUnicode never alters invalid ACE labels.  If zz--amazon
is an invalid ACE label, then ToUnicode will leave it unchanged, and
therefore the IDNA-compliant application will display it as zz--amazon.

AMC

Follow-Ups:
- Re: [idn] comments on IDNA-04
  - From: "Eric A. Hall" <ehall@ehsco.com>

References:
- [idn] comments on IDNA-04
  - From: "James Seng/Personal" <jseng@pobox.org.sg>
- Re: [idn] comments on IDNA-04
  - From: David Hopwood <david.hopwood@zetnet.co.uk>
- Re: [idn] comments on IDNA-04
  - From: "James Seng/Personal" <jseng@pobox.org.sg>
- Re: [idn] comments on IDNA-04
  - From: David Hopwood <david.hopwood@zetnet.co.uk>
- Re: [idn] comments on IDNA-04
  - From: "Adam M. Costello" <idn.amc+0@nicemice.net.RemoveThisWord>
- Re: [idn] comments on IDNA-04
  - From: "Eric A. Hall" <ehall@ehsco.com>

Prev by Date: Re: [idn] comments on IDNA-04
Next by Date: Re: [idn] hostname history hell
Prev by thread: Re: [idn] comments on IDNA-04
Next by thread: Re: [idn] comments on IDNA-04
Index(es):
- Date
- Thread