F27 System Wide Change: Switch libidn-using applications to IDNA2008

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



= Proposed System Wide Change: Switch libidn-using applications to IDNA2008 =
https://fedoraproject.org/wiki/Changes/IDNA2008

Change owner(s):
* Nikos Mavrogiannopoulos <nmav AT redhat DOT com>
* Robert Scheck <robert AT fedoraproject DOT org>

The proposed change is about deprecating libidn, which supports
IDNA2003, and switch all applications using libidn, to libidn2 2.0.0,
which supports IDNA2008.


== Detailed Description ==
Internationalized domain names exist for quite some time (IDNA2003),
although the protocols describing them have evolved in an incompatible
way (IDNA2008). These incompatibilities will prevent applications
written for IDNA2003 to access certain problematic domain names
defined with IDNA2008, e.g., faß.de is translated to domain
xn--fa-hia.de with IDNA2008, while in IDNA2003 it is translated to
fass.de domain. That not only causes incompatibility problems, but may
be used as an attack vector to redirect users to different web sites.

The proposed change is about deprecating libidn, which supports
IDNA2003, and switch all applications using libidn, to libidn2 2.0.0,
which supports IDNA2008. The switch should be transparent as the
libidn2 library is API compatible.

Note that even in the web browsers, field there is much confusion on
the topic. Chromium appears to use IDNA2008 transitional (i.e.,
IDNA2003 mapping for the problematic characters), while Firefox and
Safari have already moved to IDNA2008.

For more information see:
* http://nmav.gnutls.org/2017/04/the-mess-with-internationalized-domain.html
* https://www.plesk.com/blog/what-is-the-problem-with-s/
* http://unicode.org/faq/idn.html#6


== Scope ==
* Proposal owners:
The proposal owner is expected to co-ordinate and fill the required
bugs on the distribution.

* Other developers:
Maintainers, should
- Verify that their software is linked with the libidn library
- Update the software from upstream if it already has been converted to libidn2
- Check the libidn2 instructions on converting a package to libidn2.
- Propose patches (trivial task) to convert to libidn2, and notify
upstream about it.
In short switch software from libidn to libidn2, it is sufficient
replacing idna.h header with idn2.h.

* Release engineering:
This feature requires not action from release engineering.

* Policies and guidelines:
Currently Fedora has no guidelines for IDNA support. With this change
the recommended guideline for applications would be to support
IDNA2008 by default.

* Trademark approval:
N/A (not needed for this Change)
-- 
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux