[UA-discuss] OpenSSL, was Where should IDN translation happen?
John Levine
john.levine at standcore.com
Wed Nov 14 12:59:44 UTC 2018
On Wed, 14 Nov 2018, Dmitry Belyavsky wrote:
> OpenSSL team does not want to link OpenSSL with, say, libidn (and to
> implement IDN conversion inside the library for domains).
> I've found out that 2-3 functions inherited from RFC 3492 will fit all the
> purposes necessary to implement RFC 8399.
Wait -- surely you know that you can't just punycode any old UTF-8 and
expect it to work. I can understand why openssl wouldn't want all of
libidn2 but at least you need to check that the strings are all valid
IDNA2008 code points.
If you don't, you're going to have hard to find bugs with names that look
the same but aren't normalized so comparisons will fail.
Regards,
John Levine, john.levine at standcore.com
Standcore LLC
More information about the UA-discuss
mailing list