gnutls_server_name_set and IDN

Simon Josefsson simon at josefsson.org
Wed Sep 23 10:57:28 CEST 2009


Daniel Black <daniel at cacert.org> writes:

> Should gnutls_server_name_set convert the domain name to ACE as per 
> RFC4366 3.1 where it talks about IDNA (RFC 3490)?
>
> Using libidn function call can make this occur using idna_to_ascii_8z can 
> make this happen though this is adding dependency.

That text has been dropped from RFC 4366bis:

http://tools.ietf.org/html/draft-ietf-tls-rfc4366-bis-05#section-3

I think the text in RFC 4366 is confusing and difficult to implement
interoperably.

What the new text means is that GnuTLS applications are responsible for
converting any internationalized domain name into ACE before passing the
string on to GnuTLS.

Let me know what you think of this, there is still time to bring this up
in the IETF.

/Simon





More information about the Gnutls-devel mailing list