[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC5280 update for IDNA2008

From: Tim Ruehsen
Subject: Re: RFC5280 update for IDNA2008
Date: Mon, 16 Jan 2017 16:07:30 +0100
User-agent: KMail/5.2.3 (Linux/4.8.0-2-amd64; KDE/5.28.0; x86_64; ; )

On Monday, January 16, 2017 1:12:00 PM CET Nikos Mavrogiannopoulos wrote:
> Hi,
>  There is an attempt to update RFC5280 with IDNA2008:
> Do you have any comments on the effort? I do not know whether the
> conversion rules listed in section 7.2 apply in IDNA2008, nor whether
> the TR#46 should be referred to or ignored (as it is done now).


   Domain Names may also be represented as distinguished names using
   domain components in the subject field, the issuer field, the
   subjectAltName extension, or the issuerAltName extension.  As with
   the dNSName in the GeneralName type, the value of this attribute is
   defined as an IA5String.  Each domainComponent attribute represents a
   single label.  To represent a label from an IDN in the distinguished
   name, the implementation MUST perform the "ToASCII" label conversion
   specified in Section 4.1 of [RFC3490].  The label SHALL be considered
   a "stored string".  That is, the AllowUnassigned flag SHALL NOT be

The draft doesn't mention preprocessing of IDNs at all, just mentions still  
RFC3490 (known as IDNA 2003).
This doesn't clarify anything, just changes the wording...
At it's current state, it is useless (for me).


Attachment: signature.asc
Description: This is a digitally signed message part.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]