Not authoritative IDN labels inside a zone
Dear IDNG WG. I've read the "Guidelines for the Implementation of Internationalized Domain Names - Final Draft for the Public Comment – 3 March 2017" document, and have a comment. I've always missed a clarification regarding the use of IDN labels inside a TLD zone for records that are not-authoritative, like NS names and glue records. A TLD can pose rules and restrictions for labels in the second (or third) level, but not downside and "sibling-side". So my TLD can restrict a certain unicode point for registration purposes, but it could exist inside the TLD zone as an NS name in a level below the TLD as a glue record, and can exist at another TLD as a delegation, over which we don't have any jurisdiction. As an example, if I'm the registry of ".example" TLD and we don't allow "U+00E1 LATIN SMALL LETTER A WITH ACUTE", we can't prohibit a record like: allowed.example. IN NS á.allowed.example á.allowed.example. IN A 192.0.2.1 and certainly we can't prohibit a delegation to other TLD: allowed.example. IN NS á.cl I know this is common sense, but I've found people implementing IDN with this kind of doubts. I'll be very careful to clarify that "labels inside a zone" should meant "labels of authoritative names inside a zone". And maybe add a new guideline of the sort: "a TLD can't restrict the codepoints of names inside its zone for which it's not authoritative (such as delegations to sibling zones or glue records names), but should check such labels are syntactically valid U-labels (in RFC7940 sense)". Best regards, Hugo Salgado NIC Chile - .CL Attachment:
signature.asc |