Dňa 7. októbra 2024 6:42:28 UTC používateľ Viktor Dukhovni via mailop <mailop@mailop.org> napísal:
>One can reasonably take the view that U-labels are largely a matter of >the user-interface (presentation) layer, the *real* domain name is the >A-label form! But users don't directly work with attrleaf names, these >arise only internally in applications, and applications that support >U-labels should convert names to A-label form *before* adding any >attrleaf prefixes, as part of converting what the user typed to internal >form. Similarly, IDNA A-labels are converted to U-labels as part of >displaying them to the user. Yes, but the border between UI (user interface) andd app use can be not as clear, consider this: I have script to shows some info about IP, including its PTR name. That is clearly UI, thus it shows decoded (U-label) form. From time to time i am interested in details about PTR's name/domain, eg. its DMARC record, thus i copy&paste that PTR name, prepend it by _dmarc and voila, we have service record in UI... Another case, where underscores causes problem are the PTR names itself. I mostly inspect suspicious IPs/names (rejected/blocked and so), thus (while not as common) i meet PTR with underscore. We can state, that it is not valid char, we can complain, but it happens... My main problem is, that i use aiodns for DNS in that script (as it is minimalistic) and pycares doesn't care about decoding, Dnspython does it, but i don't want to depend on both libs nor to switch library, thus i have to decode PTR names by self. The idna is near to zero documented, and its basic usage (as shown in readme) is not usable in all cases. When i send ASCII only name (no IDNA) to idna.decode(), it returns it as is. That is what i am expecting from it, but it fails with these underscores and that is not what i expect from such library, especially that i cannot distinguish invalid char in ASCII-only label from that in U-label... I checked in depth how both, the pycares (aiodns backend) and the dnspython does encoding, and both basically does the same, they splits name to labels, then sends to idna only U-labels and finally joins labels back (the dnspython does more checks). I am able now to do that for decoding too, split, send to idna only R-LDH labels and then join labels back, seems to work. BTW, Cyrillic domain names are relative common PTRs for these suspicious IPs. I checked .rus (no Cyrillic keyboard here) price and it is about 2 €/year... regards -- Slavko https://www.slavino.sk/ _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop