Christian Heimes added the comment: I'm considering lack of IDNA 2008 a security issue for applications that perform DNS lookups and X.509 cert validation. Applications may end up connecting to the wrong machine and even validate the cert correctly.
Wrong: >>> import socket >>> u'straße.de'.encode('idna') 'strasse.de' >>> socket.gethostbyname(u'straße.de'.encode('idna')) '72.52.4.119' Correct: >>> import idna >>> idna.encode(u'straße.de') 'xn--strae-oqa.de' >>> socket.gethostbyname(idna.encode(u'straße.de')) '81.169.145.78' ---------- priority: high -> critical type: enhancement -> security _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue17305> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com