| draft-ietf-lamps-rfc5280-i18n-update-00.txt | draft-ietf-lamps-rfc5280-i18n-update-01.txt | |||
|---|---|---|---|---|
| INTERNET-DRAFT | INTERNET-DRAFT | |||
| Internet Engineering Task Force R. Housley | Internet Engineering Task Force R. Housley | |||
| Intended Status: Proposed Standard Vigil Security | Intended Status: Proposed Standard Vigil Security | |||
| Updates: RFC 5280 (once approved) | Updates: RFC 5280 (once approved) | |||
| Expires: 9 November 2017 9 May 2017 | Expires: 14 December 2017 14 June 2017 | |||
| Internationalization Updates to RFC 5280 | Internationalization Updates to RFC 5280 | |||
| draft-ietf-lamps-rfc5280-i18n-update-00 | draft-ietf-lamps-rfc5280-i18n-update-01 | |||
| Abstract | Abstract | |||
| These updates to RFC 5280 provide clarity on the handling of | These updates to RFC 5280 provide clarity on the handling of | |||
| Internationalized Domain Names (IDNs) and Internationalized Email | Internationalized Domain Names (IDNs) and Internationalized Email | |||
| Addresses in X.509 Certificates. | Addresses in X.509 Certificates. | |||
| Status of this Memo | Status of this Memo | |||
| This Internet-Draft is submitted to IETF in full conformance with the | This Internet-Draft is submitted to IETF in full conformance with the | |||
| skipping to change at page 6, line 41 ¶ | skipping to change at page 6, line 41 ¶ | |||
| The comparison of two internationalized email addresses is specified | The comparison of two internationalized email addresses is specified | |||
| in Section 5 of [ID.lamps-eai-addresses]. | in Section 5 of [ID.lamps-eai-addresses]. | |||
| Implementations should convert the local-part and the host-part of | Implementations should convert the local-part and the host-part of | |||
| internationalized email addresses placed in these extensions to | internationalized email addresses placed in these extensions to | |||
| Unicode before display. | Unicode before display. | |||
| 3. Security Considerations | 3. Security Considerations | |||
| Conforming CAs SHOULD ensure that IDNs are represented as valid | Conforming CAs SHOULD ensure that IDNs are valid. This can be done | |||
| A-labels. This can be accomplished by taking a provided U-label, | by validating all code points according to IDNA2008 [RFC5892]. | |||
| validating the code points, converting it to an A-label, back to an | Failure to use valid A-labels and valid U-labels may yield a domain | |||
| U-label, and then checking to see that the result is the same as the | name that cannot be correctly represented in the Domain Name System | |||
| original U-label. Failure to use valid A-labels may yield a name | (DNS). In addition, the CA/Browser Forum offers some guidance | |||
| that cannot be correctly represented in the Domain Name System (DNS). | regarding internal server names in certificates [CABF]. | |||
| In addition, the CA/Browser Forum offers some guidance regarding | ||||
| internal server names in certificates [CABF]. | ||||
| 4. IANA Considerations | 4. IANA Considerations | |||
| No IANA registries are changed by this update. | No IANA registries are changed by this update. | |||
| 5. Normative References | 5. Normative References | |||
| [ID.lamps-eai-addresses] | [ID.lamps-eai-addresses] | |||
| Melnikov, A. (Ed.) and W. Chuang (Ed.), | Melnikov, A. (Ed.) and W. Chuang (Ed.), | |||
| "Internationalized Email Addresses in X.509 certificates", | "Internationalized Email Addresses in X.509 certificates", | |||
| End of changes. 3 change blocks. | ||||
| 10 lines changed or deleted | 8 lines changed or added | |||
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||