lsd0001

LSD0001: GNU Name System
Log | Files | Refs | README
commit 568c8c5ae98f45838f630977824dc0520e2aa4cf
parent 6e078b8b5971981f6ef6d5ea099f6a7565663a85
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date:   Fri, 18 Feb 2022 12:21:50 +0100

more on gns2dns IDNA

Diffstat:

Mdraft-schanzen-gns.xml | 26++++++++++++++++++--------


1 file changed, 18 insertions(+), 8 deletions(-)

diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
@@ -1455,8 +1455,8 @@ S-Decrypt(zk,label,expiration,ciphertext):
        </dl>
        <t>
          NOTE: If an application uses DNS names obtained from GNS2DNS records
-         in a DNS request they MUST first be converted to an IDNA punycode
-         representation <xref target="RFC5891" />.
+         in a DNS request they MUST first be converted to an IDNA compliant
+         representation <xref target="RFC5890" />.
        </t>
      </section>
    </section>
@@ -1510,8 +1510,8 @@ S-Decrypt(zk,label,expiration,ciphertext):
        </dl>
        <t>
          NOTE: If an application uses a LEHO value in an HTTP request header
-         (e.g. "Host:" header) it MUST be converted to an IDNA punycode representation
-         <xref target="RFC5891" />.
+         (e.g. "Host:" header) it MUST be converted to an IDNA compliant representation
+         <xref target="RFC5890" />.
        </t>
      </section>
      <section anchor="gnsrecords_nick" numbered="true" toc="default">
@@ -2064,7 +2064,7 @@ example.com = zk2
              This may in turn trigger a GNS name resolution process depending
              on the system configuration.
              In case resolution continues in DNS, the name MUST first be
-             converted to an IDNA punycode representation <xref target="RFC5891" />.
+             converted to an IDNA complaint representation <xref target="RFC5890" />.
            </t>
            <t>
              In order to prevent infinite loops, the resolver MUST
@@ -2085,8 +2085,8 @@ example.com = zk2
            <t>
              Otherwise, it is expected that the resolver first resolves the
              IP addresses of the specified DNS name servers.
-             The DNS name may have to be converted to an IDNA punycode
-             representation <xref target="RFC5891" /> for resolution in DNS.
+             The DNS name may have to be converted to an IDNA compliant
+             representation <xref target="RFC5890" /> for resolution in DNS.
              GNS2DNS records MAY
              contain numeric IPv4 or IPv6 addresses, allowing the resolver to
              skip this step.
@@ -2115,7 +2115,17 @@ example.com = zk2
              Once the IP addresses of the DNS servers have been determined,
              the DNS name from the GNS2DNS record is appended
              to the remainder of the name to be resolved, and
-             resolved by querying the DNS name server(s).  As the DNS servers
+             resolved by querying the DNS name server(s).
+             The synthesized name may have to be converted to an IDNA compliant
+             representation <xref target="RFC5890" /> for resolution in DNS.
+             If such a conversion is not possible, the resolution MUST be aborted
+             and an error MUST be returned. The information that the critical
+             record could not be processed SHOULD be returned in the error
+             description. The implementation MAY choose not to return the reason for the failure,
+             merely complicating troubleshooting for the user.
+           </t>
+           <t>
+             As the DNS servers
              specified are possibly authoritative DNS servers, the GNS resolver MUST
              support recursive DNS resolution and MUST NOT delegate this to the
              authoritative DNS servers.