[Python-Dev] [ssl] The weird case of IDNA
Nathaniel Smith
njs at pobox.com
Sun Dec 31 12:07:01 EST 2017
On Dec 31, 2017 7:37 AM, "Stephen J. Turnbull" <
turnbull.stephen.fw at u.tsukuba.ac.jp> wrote:
Nathaniel Smith writes:
> Issue 1: Python's built-in IDNA implementation is wrong (implements
> IDNA 2003, not IDNA 2008).
Is "wrong" the right word here? I'll grant you that 2008 is *better*,
but typically in practice versions coexist for years. Ie, is there no
backward compatibility issue with registries that specified IDNA 2003?
Well, yeah, I was simplifying, but at the least we can say that always and
only using IDNA 2003 certainly isn't right :-). I think in most cases the
preferred way to deal with these kinds of issues is not to carry around an
IDNA 2003 implementation, but instead to use an IDNA 2008 implementation
with the "transitional compatibility" flag enabled in the UTS46
preprocessor? But this is rapidly exceeding my knowledge.
This is another reason why we ought to let users do their own IDNA handling
if they want...
This is not entirely an idle question: I'd like to tool up on the
RFCs, research existing practice (especially in the East/Southeast Asian
registries), and contribute to the implementation if there may be an
issue remaining. (Interpreting RFCs is something I'm reasonably good
at.)
Maybe this is a good place to start:
https://github.com/kjd/idna/blob/master/README.rst
-n
[Sorry if my quoting is messed up; posting from my phone and Gmail for
Android apparently generates broken text/plain.]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20171231/c5625fd3/attachment.html>
More information about the Python-Dev
mailing list