At 11:00 06/12/2009, Chris Buxton wrote:
On Dec 5, 2009, at 5:04 AM, Kai Szymanski wrote:
> What is the way for the future: Should the browser encode idn's into
> punycode and send it to the nameserver (like example below) or should
> the browser send the un-encoded idn to the nameserver and the nameserver
> have to do the "encoding-stuff" ? Or both ?
The theory, as JFC Morfin pointed out, is that applications are
supposed to handle it. But most types of net-enabled applications
don't - mainly just web browsers.
The most recent Windows stub resolver now handles the encoding on
behalf of applications that don't do it themselves. This means that
DNS servers (and firewalls) still don't need updates - the encoding
is still handled by the client machine - but it also has the
advantage that all applications get it automatically unless they
deliberately try to validate hostnames using the pre-IDNA rules.
Unfortunately, I don't know of any other operating system stub
resolver that does this.
Thank you for this information.
I am totally new to BIND. Actually I thought that BIND was late under
Windows where the largest end-user need is. I know pretty well the
IDNA side as being architecturally conflicting on several key DNS
usage main issues. I have a "pre-theoretical" architectural solution
but it must now be confronted to experimentation. My approach is
based upon a strict respect of the existing DNS (not a single bit
change). However, I expect that experimentation may change my
"pre-theory", so this "pre-theory" is of no real interest here.
What is of interest is to be able to use BIND's capacities to carry
the experimentation and see what reality has to say. That capacity,
at this stage and as I see it is only to be able to trim the punyplus
module and to get it consistently at the propre place everywhere (I
want to consider IDNs as generallised Internet Domain Names, that
have to be processed in LC ASCII what ever the format the are in the
request or are to be in the response).
To do that I have practical problems :
- lack of time and of competence (I am a medium level C programmer, I
am not familiar with current tools and prefer to work under Windows
where I develop my current other tools)
- I do not know yet the internal functional and organisational
structure of the set of BIND of programs. Is there a document I
should start from?
- the real DNS operational usage change is due to IDNA2008, which
makes plain IDNA characteristics that one did not so much noticed
with IDNA2003. There are no IDNA2008 tools available yet. However the
core module programing may be the same (punycode is not changed,
punycode is only used with lowercases). Filtering and verification of
inputs may apply.
Nameprep is gone.
jfc
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
