At 15:51 02-03-10, Takaaki Higuchi wrote:
Fist of all, I don't think IDN has interoperability problems with DKIM.
IDN is designed not to affect any impact to existing DNS system.
(So punycode encoding, which encodes unicode to ascii, is used)
If you consider that only A-labels are used for the "d=" tag, it does
not affect the retrieval of the (DKIM) public key. Selectors can be
constrained similar to what is being done for service labels.
At first, I thought EAI is only extend IDN punycode to local part of E-mail
address. But it is wrong. EAI extends SMTP to express full E-mail address
as internationalized.
Yes.
My rough understanding is that EAI is put e-mail address into From: with
both unicode encoded and current style. When recipient SMTP server
Yes.
does not support EAI, it downgrades to connect to the recipient.
Which means delete unicode part from From: hearder. That makes DKIM
verification breaks.
There may be changes to Downgrade. Both the experimental
specification or its revision will cause DKIM verification failures
when the message is downgraded.
DKIM signing and verification of UTF-8 headers will require a change
in some implementations. There will be more room for visual
spoofing. There is also the question of whether to use U-labels.
Regards,
-sm
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html