Punycode & nslookup

jefsey jefsey at jefsey.com
Sun Dec 6 15:28:06 UTC 2009

At 11:00 06/12/2009, Chris Buxton wrote:
>On Dec 5, 2009, at 5:04 AM, Kai Szymanski wrote:
> > What is the way for the future: Should the browser encode idn's into
> > punycode and send it to the nameserver (like example below) or should
> > the browser send the un-encoded idn to the nameserver and the nameserver
> > have to do the "encoding-stuff" ? Or both ?
>The theory, as JFC Morfin pointed out, is that applications are 
>supposed to handle it. But most types of net-enabled applications 
>don't - mainly just web browsers.
>The most recent Windows stub resolver now handles the encoding on 
>behalf of applications that don't do it themselves. This means that 
>DNS servers (and firewalls) still don't need updates - the encoding 
>is still handled by the client machine - but it also has the 
>advantage that all applications get it automatically unless they 
>deliberately try to validate hostnames using the pre-IDNA rules.
>Unfortunately, I don't know of any other operating system stub 
>resolver that does this.

Thank you for this information.

I am totally new to BIND. Actually I thought that BIND was late under 
Windows where the largest end-user need is. I know pretty well the 
IDNA side as being architecturally conflicting on several key DNS 
usage main issues. I have a "pre-theoretical" architectural solution 
but it must now be confronted to experimentation. My approach is 
based upon a strict respect of the existing DNS (not a single bit 
change). However, I expect that experimentation may change my 
"pre-theory", so this "pre-theory" is of no real interest here.

What is of interest is to be able to use BIND's capacities to carry 
the experimentation and see what reality has to say. That capacity, 
at this stage and as I see it is only to be able to trim the punyplus 
module and to get it consistently at the propre place everywhere (I 
want to consider IDNs as generallised Internet Domain Names, that 
have to be processed in LC ASCII what ever the format the are in the 
request or are to be in the response).

To do that I have practical problems :
- lack of time and of competence (I am a medium level C programmer, I 
am not familiar with current tools and prefer to work under Windows 
where I develop my current other tools)
- I do not know yet the internal functional and organisational 
structure of the set of BIND of programs. Is there a document I 
should start from?
- the real DNS operational usage change is due to IDNA2008, which 
makes plain IDNA characteristics that one did not so much noticed 
with IDNA2003. There are no IDNA2008 tools available yet. However the 
core module programing may be the same (punycode is not changed, 
punycode is only used with lowercases). Filtering and verification of 
inputs may apply.
Nameprep is gone.


More information about the bind-users mailing list