gnutls_server_name_set and IDN
simon at josefsson.org
Thu Sep 24 08:56:46 CEST 2009
Daniel Black <daniel at cacert.org> writes:
> On Thursday 24 September 2009 01:59:05 you wrote:
>> Improved now, thanks, see:
> thank you. I'm assuming no mention of ACE because of reasons below.
>> > As the UTF-8/ ASCII error may be common is it beneficial to validate
>> > this input to check for >7F characters?
>> ....not being able to interop
>> against such a server just because of a input sanitation code seems
> I assume people are passing UTF-8 to the socket connect method and then
> passing the same string to gnutls_server_name_set (IP or not). Which reminds
> me I need to find and IP address or not method out of socket structures.
>> > Its clarify also simplifies it to the point that their is no mention
>> > of IDNA as an appropriate mechanism to convert encodings to ASCII. Was
>> > this intentional?
>> Yes I think/hope so -- not mentioning IDNA specifically avoids
>> inheriting the problems associated with it: support of non-ASCII
>> hostnames then becomes entirely the IDNA specifications' problem.
> it totally leaves the implementer in the dark find that spec though. I guess
> once its approved, provide documentation on gnutls and see what happens.
Yes I think that is better. IDNA has implications for all protocols
that use domain names, and referencing IDNA from everywhere does not
necessarily improve anything.
More information about the Gnutls-devel