ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Internationalized domain names

2006-07-20 10:01:53
from [Douglas Otis] [Permanent Link] 

On Jul 19, 2006, at 10:01 PM, Douglas Otis wrote:

A follow-on:
A sub-domain, with respect to IDNA, should be specified from the perspective of validating the label. DKIM never encodes these labels. DKIM needs to decide whether these labels are valid and will never see the Unicode input string passed to an encoder. It is not clear how a RFC3490 decode process can check whether an ACE label encoding is valid.
Unfortunately label definitions within STD13 (RFC1034) have changed somewhat. The current sub-domain ABNF referenced from RFC2821 is insufficient. For validating the label, the RFC3490 reference that Paul suggested offers little clarity with regard to validating the tag parameters. DKIM should define the sub-domain ABNF, especially for the i= tag. There is no reference that indicates a valid length for the label, and the RFC2821 ABNF reference has an error, but STD13 referenced in RFC3490 is also in error with respect to this definition. It is common to see in the domains in the wild begin with either a letter or a digit, but STD13 requires that a label begin with a letter. It should also be noted that RFC2821 ABNF fails to exclude a trailing hyphen or provide a valid label length, which is also missing from the DKIM base draft. 

----------
Remove:

2.5  Imported ABNF Tokens
 RFC2821 sub-domain token reference

References to RFC3492 following i= and d= signature tag definitions:

 Internationalized domain names MUST be punycode-encoded
 [RFC3492].

-----------
Add (prior to or in Section 3):

 ABNF:

 hyphen = %x2D ; "-"
 ldh = ALPHA | DIGIT | hyphen
 let-dig = ALPHA | DIGIT
 sub-domain =  let-dig [*61(ldh) let-dig]
When a sub-domain label begins with an ACE label prefix as defined in RFC3490, this label MUST be encoded accordingly. 

----------

As reference:

RFC2821:

Let-dig = ALPHA / DIGIT
Ldh-str = *( ALPHA / DIGIT / "-" ) Let-dig
sub-domain = Let-dig [Ldh-str]


RFC1034 (STD13):

<label> ::= <letter> [ [ <ldh-str> ] <let-dig> ]
<ldh-str> ::= <let-dig-hyp> | <let-dig-hyp> <ldh-str>
<let-dig-hyp> ::= <let-dig> | "-"
<let-dig> ::= <letter> | <digit>

-Doug

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] More on naked CR canonicalization, Michael Thomas
Next by Date:  Re: [ietf-dkim] Internationalized domain names, Paul Hoffman
Previous by Thread:  Re: [ietf-dkim] Internationalized domain names, Douglas Otis
Next by Thread:  Re: [ietf-dkim] Internationalized domain names, Paul Hoffman
Indexes:  [Date] [Thread] [Top] [All Lists]