Punycode & nslookup
jefsey at jefsey.com
Sun Dec 6 15:28:06 UTC 2009
At 11:00 06/12/2009, Chris Buxton wrote:
>On Dec 5, 2009, at 5:04 AM, Kai Szymanski wrote:
> > What is the way for the future: Should the browser encode idn's into
> > punycode and send it to the nameserver (like example below) or should
> > the browser send the un-encoded idn to the nameserver and the nameserver
> > have to do the "encoding-stuff" ? Or both ?
>The theory, as JFC Morfin pointed out, is that applications are
>supposed to handle it. But most types of net-enabled applications
>don't - mainly just web browsers.
>The most recent Windows stub resolver now handles the encoding on
>behalf of applications that don't do it themselves. This means that
>DNS servers (and firewalls) still don't need updates - the encoding
>is still handled by the client machine - but it also has the
>advantage that all applications get it automatically unless they
>deliberately try to validate hostnames using the pre-IDNA rules.
>Unfortunately, I don't know of any other operating system stub
>resolver that does this.
Thank you for this information.
I am totally new to BIND. Actually I thought that BIND was late under
Windows where the largest end-user need is. I know pretty well the
IDNA side as being architecturally conflicting on several key DNS
usage main issues. I have a "pre-theoretical" architectural solution
but it must now be confronted to experimentation. My approach is
based upon a strict respect of the existing DNS (not a single bit
change). However, I expect that experimentation may change my
"pre-theory", so this "pre-theory" is of no real interest here.
What is of interest is to be able to use BIND's capacities to carry
the experimentation and see what reality has to say. That capacity,
at this stage and as I see it is only to be able to trim the punyplus
module and to get it consistently at the propre place everywhere (I
want to consider IDNs as generallised Internet Domain Names, that
have to be processed in LC ASCII what ever the format the are in the
request or are to be in the response).
To do that I have practical problems :
- lack of time and of competence (I am a medium level C programmer, I
am not familiar with current tools and prefer to work under Windows
where I develop my current other tools)
- I do not know yet the internal functional and organisational
structure of the set of BIND of programs. Is there a document I
should start from?
- the real DNS operational usage change is due to IDNA2008, which
makes plain IDNA characteristics that one did not so much noticed
with IDNA2003. There are no IDNA2008 tools available yet. However the
core module programing may be the same (punycode is not changed,
punycode is only used with lowercases). Filtering and verification of
inputs may apply.
Nameprep is gone.
More information about the bind-users