On Feb 3, 2017, at 2:38 PM, Wei Chuang <weihaw(_at_)google(_dot_)com> wrote:
Can you clarify what this means for addresses such as:
U: ietf-dane@духовный.org
Not recommended but supported by SmtpUtf8Name.
A: ietf-dane(_at_)xn--b1adqpd3ao5c(_dot_)org
Use rfc822Name. This is recommended.
So, to be clear, for the same domain, some addresses will be
represented as rfc822Name SAN elements (with the domain in
A-label form), and other addresses (those with non-ASCII
localparts) will be represented as SmtpUtf8Name SAN elements
(with the domain in U-label form).
A verifier checking for an address with a non-ASCII localpart
will compare against SmtpUtf8Name elements with U-label domain
encodings, while a verifier checking for an address with an all
ASCII localpart will check against rfc822Name elements using an
A-label domain encoding (of the same domain).
Is that right? Thus the verifier would sometimes need to convert
from U-labels to A-labels (when the localpart is all ASCII), and
at other times from A-labels to U-labels (when the localpart is not
all ASCII)...
--
Viktor.