On Thu, Feb 16, 2023 at 03:48:30PM +0300, Valery Smyslov wrote:
> But how does this knowledge help implementers to properly implement
> matching IDNs against the names in certificates, which is performed
> using A-labels?
Not at all, because the problems with IDNs don't happen at the
certificate validation layer.
1. The application employs some library and obtains an A-label
representation of the reference identifier.
2. The application then uses this document to verify the certificate.
This document covers step 2 only, with the details of step 1 as out of
scope prerequisites. The application developer can consult many fine
documents on how to perform step 1, but this document will not be it.
Referring as briefly as possible to the IDNA2008 documents seems the
reponsibly cautious thing to do. Even if many applications end up
following a more "daring" (or just different) specification.
--
Viktor.
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
