Dear Russ, Thank you for your consideration regarding my comment. I agree with your suggestions. Regards, Nemo > 2024/01/03 3:58、Russ Housley <housley@xxxxxxxxxxxx>のメール: > > Thanks for the review. I suggest: > > Conforming CAs SHOULD ensure that IDNs are valid according to > IDNA2008, which is defined in [RFC5892] and updated by [RFC8753]. > This can be done by verifying all code points against [IDNA-Tables]. > Failure to use valid A-labels may yield a domain name that cannot be > correctly represented in the Domain Name System (DNS). In addition, > the CA/Browser Forum offers some guidance regarding internal server > names in certificates [CABF]. > > [IDNA-Tables] > "IDNA Rules and Derived Property Values", 4 April 2022, > <https://www.iana.org/assignments/idna-tables>. > > Russ > > >> On Jan 1, 2024, at 8:50 AM, Takahiro Nemoto via Datatracker <noreply@xxxxxxxx> wrote: >> >> Reviewer: Takahiro Nemoto >> Review result: Ready with Nits >> >> I am the assigned ART-ART reviewer for this draft. >> >> Summary: >> >> This draft to update RFC 8399 is clear on the revisions and is almost ready for >> publication without major/minor issues. However, I found one point of concern, >> which I comment on below as nits, and I hope you will consider revising them if >> necessary. >> >> Nits: >> In section "3. Security Considerations", RFC 5892 has been updated to RFC 8753 >> and needs to be corrected. However, RFC8753 does not describe the algorithm to >> derive property values or the code points list like RFC5892. So, if you want to >> reflect this suggestion, it would be easier to convey the intention to the >> reader to write, "This can be done by verifying all code points >> <https://www.iana.org/assignments/idna-tables> determined by IDNA2008 >> [RFC8753]." rather than "This can be done by validating all code points >> according to IDNA2008 [RFC5892].". > > -- > last-call mailing list > last-call@xxxxxxxx > https://www.ietf.org/mailman/listinfo/last-call -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
