On Aug 13, 2007, at 2:35 PM, Russ Housley wrote:
This issue was raised by my review of
http://www.ietf.org/internet-drafts/draft-ietf-smime-bfibecms-03.txt
However, I think that the issue goes beyond this document. The
decision made here ought to set a precedent.
What's the risk of *not* forcing to ASCII via punycode? Leave aside
flaws in unicode handling routines for the moment. In the IBE
context, a sender would derive an "incorrect" public key (more
correctly, a different public key) and the recipient would be unable
to decrypt the message.
-- Tim
smime.p7s
Description: S/MIME cryptographic signature