[ietf-dkim] Internationalized domain names

Douglas Otis dotis at mail-abuse.org
Thu Jul 20 09:57:21 PDT 2006 

On Jul 19, 2006, at 10:01 PM, Douglas Otis wrote:

A follow-on:

A sub-domain, with respect to IDNA, should be specified from the  
perspective of validating the label.  DKIM never encodes these  
labels.  DKIM needs to decide whether these labels are valid and will  
never see the Unicode input string passed to an encoder.  It is not  
clear how a RFC3490 decode process can check whether an ACE label  
encoding is valid.

Unfortunately label definitions within STD13 (RFC1034) have changed  
somewhat.  The current sub-domain ABNF referenced from RFC2821 is  
insufficient.  For validating the label, the RFC3490 reference that  
Paul suggested offers little clarity with regard to validating the  
tag parameters.  DKIM should define the sub-domain ABNF, especially  
for the i= tag.  There is no reference that indicates a valid length  
for the label, and the RFC2821 ABNF reference has an error, but STD13  
referenced in RFC3490 is also in error with respect to this  
definition.  It is common to see in the domains in the wild begin  
with either a letter or a digit, but STD13 requires that a label  
begin with a letter.  It should also be noted that RFC2821 ABNF fails  
to exclude a trailing hyphen or provide a valid label length, which  
is also missing from the DKIM base draft.

----------
Remove:

2.5  Imported ABNF Tokens
  RFC2821 sub-domain token reference

References to RFC3492 following i= and d= signature tag definitions:

  Internationalized domain names MUST be punycode-encoded
  [RFC3492].

-----------
Add (prior to or in Section 3):

  ABNF:

  hyphen = %x2D ; "-"
  ldh = ALPHA | DIGIT | hyphen
  let-dig = ALPHA | DIGIT
  sub-domain =  let-dig [*61(ldh) let-dig]

  When a sub-domain label begins with an ACE label prefix as defined  
in RFC3490, this label MUST be encoded accordingly.

----------

As reference:

RFC2821:

Let-dig = ALPHA / DIGIT
Ldh-str = *( ALPHA / DIGIT / "-" ) Let-dig
sub-domain = Let-dig [Ldh-str]


RFC1034 (STD13):

<label> ::= <letter> [ [ <ldh-str> ] <let-dig> ]
<ldh-str> ::= <let-dig-hyp> | <let-dig-hyp> <ldh-str>
<let-dig-hyp> ::= <let-dig> | "-"
<let-dig> ::= <letter> | <digit>

-Doug

More information about the ietf-dkim mailing list