"Eric A. Hall" <[EMAIL PROTECTED]> wrote:
> This would break things that rely on the domain name being preserved.
> With X.509 the client and the server have to agree on the domain name,
> for example. If the resolver recombobulates a UTF-8 domain name from
> ACE output, then the client and server are likely to have different
> ideas of what the domain name should be.
Not so. This is exactly what nameprep is for. By definition, two names
X and Y are equal iff nameprep(X) and nameprep(Y) are byte-for-byte
equal. The "recombobulated" name Y will always be equal to the original
name X according to this definition. If an application works for X
but fails for Y then the application is broken, not the DNS. Even
if DNS didn't use ACE, you never know when a domain name might get
transferred across some 7-bit protocol, so all applications must respect
this definition of equality.
AMC
