[Python-Dev] [ssl] The weird case of IDNA

[Ronald Oussoren]

> On 31 Dec 2017, at 18:07, Nathaniel Smith <njs at pobox.com> wrote:
> 
> On Dec 31, 2017 7:37 AM, "Stephen J. Turnbull" <turnbull.stephen.fw at u.tsukuba.ac.jp <mailto:turnbull.stephen.fw at u.tsukuba.ac.jp>> wrote:
> Nathaniel Smith writes:
> 
>  > Issue 1: Python's built-in IDNA implementation is wrong (implements
>  > IDNA 2003, not IDNA 2008).
> 
> Is "wrong" the right word here?  I'll grant you that 2008 is *better*,
> but typically in practice versions coexist for years.  Ie, is there no
> backward compatibility issue with registries that specified IDNA 2003?
> 
> Well, yeah, I was simplifying, but at the least we can say that always and only using IDNA 2003 certainly isn't right :-). I think in most cases the preferred way to deal with these kinds of issues is not to carry around an IDNA 2003 implementation, but instead to use an IDNA 2008 implementation with the "transitional compatibility" flag enabled in the UTS46 preprocessor? But this is rapidly exceeding my knowledge.
> 
> This is another reason why we ought to let users do their own IDNA handling if they want…

Do you know what the major browser do w.r.t. IDNA support? If those unconditionally use IDNA 2008 is should be fairly safe to move to that in Python as well because that would mean we’re less likely to run into backward compatibility issues.

Ronald

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20180102/a63a1ff4/attachment.html>