On Thu, Feb 16, 2023 at 03:48:30PM +0300, Valery Smyslov wrote: > But how does this knowledge help implementers to properly implement > matching IDNs against the names in certificates, which is performed > using A-labels?
Not at all, because the problems with IDNs don't happen at the certificate validation layer. 1. The application employs some library and obtains an A-label representation of the reference identifier. 2. The application then uses this document to verify the certificate. This document covers step 2 only, with the details of step 1 as out of scope prerequisites. The application developer can consult many fine documents on how to perform step 1, but this document will not be it. Referring as briefly as possible to the IDNA2008 documents seems the reponsibly cautious thing to do. Even if many applications end up following a more "daring" (or just different) specification. -- Viktor. _______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta