RE: UTS46 "transitional period"

From: Shawn Steele <Shawn.Steele_at_microsoft.com>
Date: Fri, 8 Jul 2011 21:48:40 +0000

Yes they should be bundled. Because they aren't, and separate servers is a HUGE security risk, IE will likely* be following the transitional rules for the foreseeable future. Future == years.

Note that, rather obviously, the .Net IdnMapping class and Windows' IdnToAscii, etc. IDNA2003 APIs have shipped and been deployed on millions of machines for several years. A huge number of those are NOT automagically updatable for whatever reasons, even if people were willing to break a ton of machines with a breaking behavioral change to IDNA2008. So one must assume that IDNA2003 based resolution will continue to happen for quite some time, regardless of what any future products or releases may provide. I think that goes for our competitors' as well: there are many "older" deployed versions of other browsers, etc., that people haven't felt like updating.

Note that the transitional rules distinguish between lookup and display, which I think is a key point.

-Shawn

*likely == my guess, no promises, particularly as this is an evolving area.

-----Original Message-----
From: unicode-bounce_at_unicode.org [mailto:unicode-bounce_at_unicode.org] On Behalf Of Chris Weber
Sent: Friday, July 08, 2011 10:11 AM
To: unicode_at_unicode.org
Subject: Re: UTS46 "transitional period"

I downloaded Opera 12 pre-alpha and IDNA2008 doesn't seem to be in here either... correct?

Another question around bundling and blocking. Is the recommendation here that all domains containing an "ss" should be considered for bundling and blocking? So for all new domain name registrations that would use U+00DF ( ß ) LATIN SMALL LETTER SHARP S, the registry should protect existing registrants where the new domain name would map to the existing domain name under IDNA2003 rules. Or at least give them a heads up like DENIC did with their short sunrise period.

The same would apply to cases where the registration of other deviation characters would map to existing customer domain names under IDNA2003.
So e.g. in Table 1's examples from UTS46, the owner of http://%ce%b2%cf%8c%ce%bb%ce%bf%cf%83.com should be protected from someone trying to register http://%ce%b2%cf%8c%ce%bb%ce%bf%cf%82.com.
At least during the transitional period.

I understand that registries don't have t bundle/block if they don't want to, but protecting their customers is advised.

-Chris

On 6/28/2011 11:20 PM, Peter Krefting wrote:
> Den 2011-06-29 04:41:22 skrev Chris Weber <chris_at_lookout.net>:
>
>> I was trying to understand the implementation differences in some
>> browsers and registrars. Using your example from UTS46
>> http://xn--fa-hia.de/
>>
>> Opera - error, doesn't resolve
>
> We have recently implemented support for IDNA 2008 internally, but it
> was not finished in time for the just recently released Opera 11.50.
> Our latest greatest internal test build resolves that URL just fine
> (not that there is much interesting to see).
>
Received on Fri Jul 08 2011 - 16:51:16 CDT

This archive was generated by hypermail 2.2.0 : Fri Jul 08 2011 - 16:51:17 CDT