Web Key Directory handling of IDN

Jürgen Schäpker Juergen.Schaepker at giepa.de
Thu Nov 3 10:48:29 CET 2016


the current draft currently does not appear to handle possible issues with IDN addresses, specifically there is no definition if only punycode domain names are to be used by client search requests or if UTF8 is allowed for lookups. Request URLs are probably expected to be in punycode on the server while the local-part hash might be generated from an UTF8-string that is lower-cased for ASCII-only, ignoring case for non-ASCII.

I believe the standard should allow for searches for IDN email addresses. The hash should be calculated from the complete address, local and domain part, to avoid all possible issues with the request URL and domain association. Lower-casing should probably be applied to all characters before hashing, using a defined algorithm.

Best regards,

More information about the Gnupg-devel mailing list