-----BEGIN PGP SIGNED MESSAGE----- [EMAIL PROTECTED] wrote: > Those who think the DNS is being overly strict in enforcing ASCII in > domain names are invited to consider the following: > > 1) RFC1035 says this in section 3.1: > > Although labels can contain any 8 bit values in octets that make up a > label, it is strongly recommended that labels follow the preferred > syntax described elsewhere in this memo, which is compatible with > existing host naming conventions.
That's a recommendation about what names should be chosen for hosts, *not* about what names should be accepted by applications in domain name fields. If the purpose of RFC 1035 and RFC 2181 allowing 8-bit was not that at some point the 8th bit would be *used*, then what on earth was it? > Name servers and resolvers must > compare labels in a case-insensitive manner (i.e., A=a), assuming ASCII > with zero parity. Non-alphabetic codes must match exactly. > > RFC2181, section 11, re-iterates that the DNS is codeset-agnostic. > > So what do you know... the DNS spec is already using an N-bit-clean > length-data encoding. So obviously there's some Very Evil Restriction > that makes it not allow non-ASCII. And the favorite whipping boy here > is BIND, which by default restricts it (you can put 'check-names off;' > for a zone in the named.conf file, and you can put 'options no-check-names' > in your resolv.conf). > > 2) Why does it get restricted? Consider the parsing issues involved if you > have a domain name that uses raw Unicode and embeds the character > known as "Malayalam Letter UU". A hint why this is Very Bad are available > at http://www.unicode.org/charts/PDF/U0D00.pdf What are you talking about? There's nothing about U+0D0A that makes it any different from any other character (hint: its UTF-8 encoding is *not* 0x0D 0x0A, if that's what you meant). - -- David Hopwood <[EMAIL PROTECTED]> Home page & PGP public key: http://www.users.zetnet.co.uk/hopwood/ RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5 0F 69 8C D4 FA 66 15 01 Nothing in this message is intended to be legally binding. If I revoke a public key but refuse to specify why, it is because the private key has been seized under the Regulation of Investigatory Powers Act; see www.fipr.org/rip -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQEVAwUBPJu+XzkCAxeYt5gVAQEqLgf+NpZf2v9AE4EE5VO3XaxVOsMjEo/BlcNm faOAfZjtPl7us0mJYa3yAKWB0VE28GrzuHh14INYDhBbsxqk/eXsPLm1ieldvq9y IFpZhkv2Bk/BDma1/BBpZ089k2+TSR29Y+RsDJkfXdHzvzqoBz5W7TtdERR3tlP1 bORaGNblI3L4AXtvEbSfPsQ9ZyiO6aAbqK+QtdOnZ08I4MOJ0qJ0hxnIFDgs+yqT /+2L9vZqWHIGJ+S9ajcgXIqc+RClmQhaYnlPKG1DmN0DVVTjwRlizacI60CnpguD +Ys6ANjSIh7k4JhXYWu7efdIe0cm1iFya8Hxk8fyLx4I+qy3v4SWeQ== =y6PN -----END PGP SIGNATURE-----
