draft-ietf-idnabis-protocol-08.txt   draft-ietf-idnabis-protocol-09.txt 
Network Working Group J. Klensin Network Working Group J. Klensin
Obsoletes: 3490, 3491 Obsoletes: 3490, 3491
(if approved) (if approved)
Updates: 3492 (if approved) Updates: 3492 (if approved)
Intended status: Standards Track Intended status: Standards Track
Expires: June 10, 2009 Expires: August 24, 2009
Internationalized Domain Names in Applications (IDNA): Protocol Internationalized Domain Names in Applications (IDNA): Protocol
draft-ietf-idnabis-protocol-08.txt draft-ietf-idnabis-protocol-09.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any This Internet-Draft is submitted to IETF in full conformance with the
applicable patent or other IPR claims of which he or she is aware provisions of BCP 78 and BCP 79.
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on June 10, 2009. This Internet-Draft will expire on August 24, 2009.
Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document.
This document may contain material from IETF Documents or IETF
Contributions published or made publicly available before November
10, 2008. The person(s) controlling the copyright in some of this
material may not have granted the IETF Trust the right to allow
modifications of such material outside the IETF Standards Process.
Without obtaining an adequate license from the person(s) controlling
the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other
than English.
Abstract Abstract
This document supplies the protocol definition for a revised and This document supplies the protocol definition for a revised and
updated specification for internationalized domain names (IDNs). The updated specification for internationalized domain names (IDNs). The
rationale for these changes, the relationship to the older rationale for these changes, the relationship to the older
specification, and important terminology are provided in other specification, and important terminology are provided in other
documents. This document specifies the protocol mechanism, called documents. This document specifies the protocol mechanism, called
Internationalizing Domain Names in Applications (IDNA), for Internationalizing Domain Names in Applications (IDNA), for
registering and looking up IDNs in a way that does not require registering and looking up IDNs in a way that does not require
changes to the DNS itself. IDNA is only meant for processing domain changes to the DNS itself. IDNA is only meant for processing domain
names, not free text. names, not free text.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.1. Discussion Forum . . . . . . . . . . . . . . . . . . . . . 4 1.1. Discussion Forum . . . . . . . . . . . . . . . . . . . . . 5
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
3. Requirements and Applicability . . . . . . . . . . . . . . . . 5 3. Requirements and Applicability . . . . . . . . . . . . . . . . 6
3.1. Requirements . . . . . . . . . . . . . . . . . . . . . . . 5 3.1. Requirements . . . . . . . . . . . . . . . . . . . . . . . 6
3.2. Applicability . . . . . . . . . . . . . . . . . . . . . . 5 3.2. Applicability . . . . . . . . . . . . . . . . . . . . . . 6
3.2.1. DNS Resource Records . . . . . . . . . . . . . . . . . 6 3.2.1. DNS Resource Records . . . . . . . . . . . . . . . . . 7
3.2.2. Non-domain-name Data Types Stored in the DNS . . . . . 6 3.2.2. Non-domain-name Data Types Stored in the DNS . . . . . 7
4. Registration Protocol . . . . . . . . . . . . . . . . . . . . 6 4. Registration Protocol . . . . . . . . . . . . . . . . . . . . 7
4.1. Proposed label . . . . . . . . . . . . . . . . . . . . . . 7 4.1. Input to IDNA Registration Process . . . . . . . . . . . . 8
4.2. Conversion to Unicode and Normalization . . . . . . . . . 7 4.2. Permitted Character and Label Validation . . . . . . . . . 8
4.3. Permitted Character and Label Validation . . . . . . . . . 7 4.2.1. Input Format . . . . . . . . . . . . . . . . . . . . . 8
4.3.1. Input Format . . . . . . . . . . . . . . . . . . . . . 7 4.2.2. Rejection of Characters that are not Permitted . . . . 8
4.3.2. Rejection of Characters that are not Permitted . . . . 8 4.2.3. Label Validation . . . . . . . . . . . . . . . . . . . 9
4.3.3. Label Validation . . . . . . . . . . . . . . . . . . . 8 4.2.4. Registration Validation Summary . . . . . . . . . . . 10
4.3.4. Registration Validation Summary . . . . . . . . . . . 9 4.3. Registry Restrictions . . . . . . . . . . . . . . . . . . 10
4.4. Registry Restrictions . . . . . . . . . . . . . . . . . . 9 4.4. Punycode Conversion . . . . . . . . . . . . . . . . . . . 11
4.5. Punycode Conversion . . . . . . . . . . . . . . . . . . . 10 4.5. Insertion in the Zone . . . . . . . . . . . . . . . . . . 11
4.6. Insertion in the Zone . . . . . . . . . . . . . . . . . . 10 5. Domain Name Lookup Protocol . . . . . . . . . . . . . . . . . 11
5. Domain Name Lookup Protocol . . . . . . . . . . . . . . . . . 10 5.1. Label String Input . . . . . . . . . . . . . . . . . . . . 11
5.1. Label String Input . . . . . . . . . . . . . . . . . . . . 10
5.2. Conversion to Unicode . . . . . . . . . . . . . . . . . . 11 5.2. Conversion to Unicode . . . . . . . . . . . . . . . . . . 11
5.3. Character Changes in Preprocessing or the User 5.3. Character Changes in Preprocessing or the User
Interface . . . . . . . . . . . . . . . . . . . . . . . . 11 Interface . . . . . . . . . . . . . . . . . . . . . . . . 12
5.4. A-label Input . . . . . . . . . . . . . . . . . . . . . . 12 5.4. A-label Input . . . . . . . . . . . . . . . . . . . . . . 13
5.5. Validation and Character List Testing . . . . . . . . . . 12 5.5. Validation and Character List Testing . . . . . . . . . . 13
5.6. Punycode Conversion . . . . . . . . . . . . . . . . . . . 14 5.6. Punycode Conversion . . . . . . . . . . . . . . . . . . . 14
5.7. DNS Name Resolution . . . . . . . . . . . . . . . . . . . 14 5.7. DNS Name Resolution . . . . . . . . . . . . . . . . . . . 14
6. Name Server Considerations . . . . . . . . . . . . . . . . . . 14 6. Security Considerations . . . . . . . . . . . . . . . . . . . 15
6.1. Processing Non-ASCII Strings . . . . . . . . . . . . . . . 14 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
6.2. DNSSEC Authentication of IDN Domain Names . . . . . . . . 15 8. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 15
6.3. Root and other DNS Server Considerations . . . . . . . . . 15 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 15
7. Security Considerations . . . . . . . . . . . . . . . . . . . 15 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 10.1. Normative References . . . . . . . . . . . . . . . . . . . 16
9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 16 10.2. Informative References . . . . . . . . . . . . . . . . . . 17
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 17 Appendix A. Summary of Major Changes from IDNA2003 . . . . . . . 18
11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 19
11.1. Normative References . . . . . . . . . . . . . . . . . . . 17
11.2. Informative References . . . . . . . . . . . . . . . . . . 18
Appendix A. Summary of Major Changes from IDNA2003 . . . . . . . 19
Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 20
B.1. Changes between Version -00 and -01 of B.1. Changes between Version -00 and -01 of
draft-ietf-idnabis-protocol . . . . . . . . . . . . . . . 20 draft-ietf-idnabis-protocol . . . . . . . . . . . . . . . 19
B.2. Version -02 . . . . . . . . . . . . . . . . . . . . . . . 20 B.2. Version -02 . . . . . . . . . . . . . . . . . . . . . . . 19
B.3. Version -03 . . . . . . . . . . . . . . . . . . . . . . . 21 B.3. Version -03 . . . . . . . . . . . . . . . . . . . . . . . 19
B.4. Version -04 . . . . . . . . . . . . . . . . . . . . . . . 21 B.4. Version -04 . . . . . . . . . . . . . . . . . . . . . . . 20
B.5. Version -05 . . . . . . . . . . . . . . . . . . . . . . . 21 B.5. Version -05 . . . . . . . . . . . . . . . . . . . . . . . 20
B.6. Version -06 . . . . . . . . . . . . . . . . . . . . . . . 21 B.6. Version -06 . . . . . . . . . . . . . . . . . . . . . . . 20
B.7. Version -07 . . . . . . . . . . . . . . . . . . . . . . . 22 B.7. Version -07 . . . . . . . . . . . . . . . . . . . . . . . 20
B.8. Version -08 . . . . . . . . . . . . . . . . . . . . . . . 22 B.8. Version -08 . . . . . . . . . . . . . . . . . . . . . . . 21
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 22 B.9. Version -09 . . . . . . . . . . . . . . . . . . . . . . . 21
Intellectual Property and Copyright Statements . . . . . . . . . . 23 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 21
1. Introduction 1. Introduction
This document supplies the protocol definition for a revised and This document supplies the protocol definition for a revised and
updated specification for internationalized domain names. Essential updated specification for internationalized domain names. Essential
definitions and terminology for understanding this document and a definitions and terminology for understanding this document and a
road map of the collection of documents that make up IDNA2008 appear road map of the collection of documents that make up IDNA2008 appear
in [IDNA2008-Defs]. Appendix A discusses the relationship between in [IDNA2008-Defs]. Appendix A discusses the relationship between
this specification and the earlier version of IDNA (referred to here this specification and the earlier version of IDNA (referred to here
as "IDNA2003") and the rationale for these changes, along with as "IDNA2003") and the rationale for these changes, along with
skipping to change at page 5, line 21 skipping to change at page 6, line 21
[RFC2119]. [RFC2119].
3. Requirements and Applicability 3. Requirements and Applicability
3.1. Requirements 3.1. Requirements
IDNA conformance means adherence to the following requirements: IDNA conformance means adherence to the following requirements:
1. Whenever a domain name is put into an IDN-unaware domain name 1. Whenever a domain name is put into an IDN-unaware domain name
slot (see Section 2 and [IDNA2008-Defs]), it MUST contain only slot (see Section 2 and [IDNA2008-Defs]), it MUST contain only
ASCII characters (i.e., must be either an A-label or an LDH- ASCII characters (i.e., must be either an A-label or an NR-LDH-
label), or must be a label associated with a DNS application that label), or must be a label associated with a DNS application that
is not subject to either IDNA or the historical recommendations is not subject to either IDNA or the historical recommendations
for "hostname"-style names [RFC1034]. for "hostname"-style names [RFC1034].
2. Comparison of labels MUST be done on equivalent forms: either 2. Comparison of labels MUST be done on equivalent forms: either
both A-Label forms or both U-Label forms. Because A-labels and both A-Label forms or both U-Label forms. Because A-labels and
U-labels can be transformed into each other without loss of U-labels can be transformed into each other without loss of
information, these comparisons are equivalent. However, when a information, these comparisons are equivalent. However, when a
pair of putative A-labels are compared, the comparison MUST use pair of putative A-labels are compared, the comparison MUST use
an ASCII case-insensitive comparison (as with all comparisons of an ASCII case-insensitive comparison (as with all comparisons of
skipping to change at page 7, line 10 skipping to change at page 8, line 10
This section defines the procedure for registering an IDN. The This section defines the procedure for registering an IDN. The
procedure is implementation independent; any sequence of steps that procedure is implementation independent; any sequence of steps that
produces exactly the same result for all labels is considered a valid produces exactly the same result for all labels is considered a valid
implementation. implementation.
Note that, while the registration and lookup protocols (Section 5) Note that, while the registration and lookup protocols (Section 5)
are very similar in most respects, they are different and are very similar in most respects, they are different and
implementers should carefully follow the steps they are implementing. implementers should carefully follow the steps they are implementing.
4.1. Proposed label 4.1. Input to IDNA Registration Process
The registrant submits a request for an IDN. The user typically
produces the request string by the keyboard entry of a character
sequence in the local native character set (which might, of course,
be Unicode).
4.2. Conversion to Unicode and Normalization
Some system routine, or a localized front-end to the IDNA process,
ensures that the proposed label is a Unicode string or converts it to
one as appropriate. Independent of its source form, the string MUST
be in Unicode Normalization Form C (NFC [Unicode-UAX15]) before
further processing in this protocol.
As a local implementation choice, the implementation MAY choose to [[anchor8: Note in Draft: This subsection is new in -08, based on
map some forbidden characters to permitted characters (for instance comments on the mailing list in January and February 2009. It
mapping uppercase characters to lowercase ones), displaying the replaces the previous first two subsections of this section and
result to the user, and allowing processing to continue. This should completely eliminates the discussion of local mapping for
be done very conservatively to prevent interoperability problems with registration.]]
lookup applications that do not follow exactly the same rules. In
particular, it is strongly recommended that, to avoid any possible
ambiguity, entities responsible for zone files ("registries") accept
registrations only for A-labels (to be converted to U-labels by the
registry as discussed above) or U-labels actually produced from
A-labels, not forms expected to be converted by some other process.
4.3. Permitted Character and Label Validation Registration processes are outside the scope of these protocols and
may differ significantly depending on local needs. By the time a
string enters the IDNA registration process as described in this
specification, it is expected to be in Unicode and MUST be in Unicode
Normalization Form C (NFC [Unicode-UAX15]). Entities responsible for
zone files ("registries") are expected to accept only the exact
string for which registration is requested, free of any mappings or
local adjustments. They SHOULD avoid any possible ambiguity by
accepting registrations only for A-labels, possibly paired with the
relevant U-labels so that they can verify the correspondence.
4.3.1. Input Format 4.2. Permitted Character and Label Validation
[[anchor8: Note in -07 -- this section was formerly the second 4.2.1. Input Format
paragraph of Section 4.1. It may need additional work; suggestions
welcome.]]
The registry MAY permit submission of labels in A-label form. If it The registry MAY permit submission of labels in A-label form. If it
does so, it MUST perform a conversion to a U-label, perform the steps does so, it MUST perform a conversion to a U-label, perform the steps
and tests described below, and verify that the A-label produced by and tests described below, and verify that the A-label produced by
the step in Section 4.5 matches the one provided as input. If, for the step in Section 4.4 matches the one provided as input. If, for
some reason, it does not, the registration MUST be rejected. If the some reason, it does not, the registration MUST be rejected. If the
conversion to a U-label is not performed, the registry MUST verify conversion to a U-label is not performed, the registry MUST verify
that the A-label is superficially valid, i.e., that it does not that the A-label is superficially valid, i.e., that it does not
violate any of the rules of Punycode [RFC3492] encoding such as the violate any of the rules of Punycode [RFC3492] encoding such as the
prohibition on trailing hyphen-minus, appearance of non-basic prohibition on trailing hyphen-minus, appearance of non-basic
characters before the delimiter, and so on. Invalid strings that characters before the delimiter, and so on. Invalid strings that
appear to be A-labels MUST NOT be placed in DNS zones. appear to be A-labels MUST NOT be placed in DNS zones.
4.3.2. Rejection of Characters that are not Permitted 4.2.2. Rejection of Characters that are not Permitted
The candidate Unicode string is checked to verify that characters The candidate Unicode string is checked to verify that characters
that IDNA does not permit do not appear in it. Those characters are that IDNA does not permit do not appear in it. Those characters are
identified in the "DISALLOWED" and "UNASSIGNED" lists that are identified in the "DISALLOWED" and "UNASSIGNED" lists that are
specified in [IDNA2008-Tables] and described informally in specified in [IDNA2008-Tables] and described informally in
[IDNA2008-Rationale]. Characters that are either DISALLOWED or [IDNA2008-Rationale]. Characters that are either DISALLOWED or
UNASSIGNED MUST NOT be part of labels to be processed for UNASSIGNED MUST NOT be part of labels to be processed for
registration in the DNS. registration in the DNS.
4.3.3. Label Validation 4.2.3. Label Validation
The proposed label (in the form of a Unicode string, i.e., a putative The proposed label (in the form of a Unicode string, i.e., a putative
U-label) is then examined, performing tests that require examination U-label) is then examined, performing tests that require examination
of more than one character. of more than one character.
4.3.3.1. Rejection of Hyphen Sequences in U-labels 4.2.3.1. Rejection of Hyphen Sequences in U-labels
The Unicode string MUST NOT contain "--" (two consecutive hyphens) in The Unicode string MUST NOT contain "--" (two consecutive hyphens) in
the third and fourth character positions when the label is considered the third and fourth character positions when the label is considered
in "on the wire" order. in "on the wire" order.
4.3.3.2. Leading Combining Marks 4.2.3.2. Leading Combining Marks
The first character of the string (when the label is considered in The first character of the string (when the label is considered in
"on the wire" order) is examined to verify that it is not a combining "on the wire" order) is examined to verify that it is not a combining
mark (or combining character) (see The Unicode Standard, Section 2.11 mark (or combining character) (see The Unicode Standard, Section 2.11
[Unicode] for an exact definition). If it is a combining mark, the [Unicode] for an exact definition). If it is a combining mark, the
string MUST NOT be registered. string MUST NOT be registered.
4.3.3.3. Contextual Rules 4.2.3.3. Contextual Rules
Each code point is checked for its identification as a character Each code point is checked for its identification as a character
requiring contextual processing for registration (the list of requiring contextual processing for registration (the list of
characters appears as the combination of CONTEXTJ and CONTEXTO in characters appears as the combination of CONTEXTJ and CONTEXTO in
[IDNA2008-Tables] as do the contextual rules themselves). If that [IDNA2008-Tables] as do the contextual rules themselves). If that
indication appears, the table of contextual rules is checked for a indication appears, the table of contextual rules is checked for a
rule for that character. If no rule is found, the proposed label is rule for that character. If no rule is found, the proposed label is
rejected and MUST NOT be installed in a zone file. If one is found, rejected and MUST NOT be installed in a zone file. If one is found,
it is applied (typically as a test on the entire label or on adjacent it is applied (typically as a test on the entire label or on adjacent
characters within the label). If the application of the rule does characters within the label). If the application of the rule does
skipping to change at page 9, line 15 skipping to change at page 10, line 5
These contextual rules are required to support the use of characters These contextual rules are required to support the use of characters
that could be used, under other conditions, to produce misleading that could be used, under other conditions, to produce misleading
labels or to cause unacceptable ambiguity in label matching and labels or to cause unacceptable ambiguity in label matching and
interpretation. For example, labels containing invisible ("zero- interpretation. For example, labels containing invisible ("zero-
width") characters may be permitted in context with characters whose width") characters may be permitted in context with characters whose
presentation forms are significantly changed by the presence or presentation forms are significantly changed by the presence or
absence of the zero-width characters, while other labels in which absence of the zero-width characters, while other labels in which
zero-width characters appear may be rejected. zero-width characters appear may be rejected.
4.3.3.4. Labels Containing Characters Written Right to Left 4.2.3.4. Labels Containing Characters Written Right to Left
Special tests are required for strings containing characters that are Special tests are required for strings containing characters that are
normally written from right to left. The criteria for classifying normally written from right to left. The criteria for classifying
characters in terms of directionality are identified in the "Bidi" characters in terms of directionality are identified in the "Bidi"
document [IDNA2008-BIDI] in this series. That document also document [IDNA2008-BIDI] in this series. That document also
describes conditions for strings that contain one or more of those describes conditions for strings that contain one or more of those
characters to be U-labels. The tests for those conditions, specified characters to be U-labels. The tests for those conditions, specified
there, are applied. Strings that contain right to left characters there, are applied. Strings that contain right to left characters
that do not conform to the IDNA Bidi rules MUST NOT be inserted as that do not conform to the IDNA Bidi rules MUST NOT be inserted as
labels in zone files. labels in zone files.
4.3.4. Registration Validation Summary 4.2.4. Registration Validation Summary
Strings that contain at least one non-ASCII character, have been Strings that contain at least one non-ASCII character, have been
produced by the steps above, whose contents pass the above tests, and produced by the steps above, whose contents pass the above tests, and
are 63 or fewer characters long in ACE form (see Section 4.5), are are 63 or fewer characters long in ACE form (see Section 4.4), are
U-labels. U-labels.
To summarize, tests are made in Section 4.3 for invalid characters, To summarize, tests are made in Section 4.2 for invalid characters,
invalid combinations of characters, and for labels that are invalid invalid combinations of characters, and for labels that are invalid
even if the characters they contain are valid individually. even if the characters they contain are valid individually.
4.4. Registry Restrictions 4.3. Registry Restrictions
Registries at all levels of the DNS, not just the top level, are Registries at all levels of the DNS, not just the top level, are
expected to establish policies about the labels that may be expected to establish policies about the labels that may be
registered, and for the processes associated with that action. While registered, and for the processes associated with that action. While
exact policies are not specified as part of IDNA2008 and it is exact policies are not specified as part of IDNA2008 and it is
expected that different registries may specify different policies, expected that different registries may specify different policies,
there SHOULD be policies. Even a trivial policy (e.g., "anything can there SHOULD be policies. Even a trivial policy (e.g., "anything can
be registered in this zone that can be represented as an A-label - be registered in this zone that can be represented as an A-label -
U-label pair") has value because it provides notice to users and U-label pair") has value because it provides notice to users and
applications implementers that the registry cannot be relied upon to applications implementers that the registry cannot be relied upon to
skipping to change at page 10, line 14 skipping to change at page 11, line 5
zone files) deep in the DNS hierarchy. As discussed in zone files) deep in the DNS hierarchy. As discussed in
[IDNA2008-Rationale], such restrictions have always existed in the [IDNA2008-Rationale], such restrictions have always existed in the
DNS. That document also contains a discussion and recommendations DNS. That document also contains a discussion and recommendations
about possible types of rules. about possible types of rules.
The string produced by the above steps is checked and processed as The string produced by the above steps is checked and processed as
appropriate to local registry restrictions. Application of those appropriate to local registry restrictions. Application of those
registry restrictions may result in the rejection of some labels or registry restrictions may result in the rejection of some labels or
the application of special restrictions to others. the application of special restrictions to others.
4.5. Punycode Conversion 4.4. Punycode Conversion
The resulting U-label is converted to an A-label. The A-label, more The resulting U-label is converted to an A-label. The A-label, more
precisely defined elsewhere, is the encoding of the U-label according precisely defined elsewhere, is the encoding of the U-label according
to the Punycode algorithm [RFC3492] with the ACE prefix "xn--" added to the Punycode algorithm [RFC3492] with the ACE prefix "xn--" added
at the beginning of the string. The resulting string much, of at the beginning of the string. The resulting string must, of
course, conform to the length limits imposed by the DNS. This course, conform to the length limits imposed by the DNS. This
document updates RFC 3492 only to the extent of replacing the document updates RFC 3492 only to the extent of replacing the
reference to the discussion of the ACE prefix. The ACE prefix is now reference to the discussion of the ACE prefix. The ACE prefix is now
specified in this document rather than as part of RFC 3490 or specified in this document rather than as part of RFC 3490 or
Nameprep [RFC3491] but is the same in both sets of documents. Nameprep [RFC3491] but is the same in both sets of documents.
The failure conditions identified in the Punycode encoding procedure The failure conditions identified in the Punycode encoding procedure
cannot occur if the input is a U-label as determined by the steps cannot occur if the input is a U-label as determined by the steps
above. above.
4.6. Insertion in the Zone 4.5. Insertion in the Zone
The A-label is registered in the DNS by insertion into a zone. The A-label is registered in the DNS by insertion into a zone.
5. Domain Name Lookup Protocol 5. Domain Name Lookup Protocol
Lookup is conceptually different from registration and different Lookup is conceptually different from registration and different
tests are applied on the client. Although some validity checks are tests are applied on the client. Although some validity checks are
necessary to avoid serious problems with the protocol (see necessary to avoid serious problems with the protocol (see
Section 5.5ff.), the lookup-side tests are more permissive and rely Section 5.5ff.), the lookup-side tests are more permissive and rely
on the assumption that names that are present in the DNS are valid. on the assumption that names that are present in the DNS are valid.
skipping to change at page 11, line 14 skipping to change at page 12, line 4
involving the user may read the string from a file or obtain it in involving the user may read the string from a file or obtain it in
some other way. Processing in this step and the next two are local some other way. Processing in this step and the next two are local
matters, to be accomplished prior to actual invocation of IDNA, but matters, to be accomplished prior to actual invocation of IDNA, but
at least the two steps in Section 5.2 and Section 5.3 must be at least the two steps in Section 5.2 and Section 5.3 must be
accomplished in some way. accomplished in some way.
5.2. Conversion to Unicode 5.2. Conversion to Unicode
The string is converted from the local character set into Unicode, if The string is converted from the local character set into Unicode, if
it is not already Unicode. The exact nature of this conversion is it is not already Unicode. The exact nature of this conversion is
beyond the scope of this document, but may involve normalization as beyond the scope of this document, but may involve normalization
described in Section 4.2. The result MUST be a Unicode string in NFC identical to that discussed in Section 4.1. The result MUST be a
form. Unicode string in NFC form.
5.3. Character Changes in Preprocessing or the User Interface 5.3. Character Changes in Preprocessing or the User Interface
The Unicode string MAY then be processed to prevent confounding of The Unicode string MAY then be processed to prevent confounding of
user expectations. For instance, it might be reasonable, at this user expectations. For instance, it might be reasonable, at this
step, to convert all upper case characters to lower case, if this step, to convert all upper case characters to lower case, if this
makes sense in the user's environment, but even this should be makes sense in the user's environment, but even this should be
approached with caution due to some edge cases: in the long term, it approached with caution due to some edge cases: in the long term, it
is probably better for users to understand IDNs strictly in lower- is probably better for users to understand IDNs strictly in lower-
case, U-label, form. More generally, preprocessing may be useful to case, U-label, form. More generally, preprocessing may be useful to
skipping to change at page 12, line 25 skipping to change at page 13, line 15
5.4. A-label Input 5.4. A-label Input
If the input to this procedure appears to be an A-label (i.e., it If the input to this procedure appears to be an A-label (i.e., it
starts in "xn--"), the lookup application MAY attempt to convert it starts in "xn--"), the lookup application MAY attempt to convert it
to a U-label and apply the tests of Section 5.5 and the conversion of to a U-label and apply the tests of Section 5.5 and the conversion of
Section 5.6 to that form. If the label is converted to Unicode Section 5.6 to that form. If the label is converted to Unicode
(i.e., to U-label form) using the Punycode decoding algorithm, then (i.e., to U-label form) using the Punycode decoding algorithm, then
the processing specified in those two sections MUST be performed, and the processing specified in those two sections MUST be performed, and
the label MUST be rejected if the resulting label is not identical to the label MUST be rejected if the resulting label is not identical to
the original. See also Section 6.1. the original. See the Name Server Considerations section of
[IDNA2008-Rationale] for additional discussion on this topic.
That conversion and testing SHOULD be performed if the domain name That conversion and testing SHOULD be performed if the domain name
will later be presented to the user in native character form (this will later be presented to the user in native character form (this
requires that the lookup application be IDNA-aware). If those steps requires that the lookup application be IDNA-aware). If those steps
are not performed, the lookup process SHOULD at least make tests to are not performed, the lookup process SHOULD at least make tests to
determine that the string is actually an A-label, examining it for determine that the string is actually an A-label, examining it for
the invalid formats specified in the Punycode decoding specification. the invalid formats specified in the Punycode decoding specification.
Applications that are not IDNA-aware will obviously omit that Applications that are not IDNA-aware will obviously omit that
testing; others MAY treat the string as opaque to avoid the testing; others MAY treat the string as opaque to avoid the
additional processing at the expense of providing less protection and additional processing at the expense of providing less protection and
skipping to change at page 13, line 15 skipping to change at page 14, line 4
o Labels that are not in NFC form as defined in [Unicode-UAX15]. o Labels that are not in NFC form as defined in [Unicode-UAX15].
o Labels containing prohibited code points, i.e., those that are o Labels containing prohibited code points, i.e., those that are
assigned to the "DISALLOWED" category in the permitted character assigned to the "DISALLOWED" category in the permitted character
table [IDNA2008-Tables]. table [IDNA2008-Tables].
o Labels containing code points that are identified in o Labels containing code points that are identified in
[IDNA2008-Tables] as "CONTEXTJ", i.e., requiring exceptional [IDNA2008-Tables] as "CONTEXTJ", i.e., requiring exceptional
contextual rule processing on lookup, but that do not conform to contextual rule processing on lookup, but that do not conform to
that rule. Note that this implies that a rule much be defined, that rule. Note that this implies that a rule much be defined,
not missing: a character that requires a contextual rule but for not null: a character that requires a contextual rule but for
which the rule is missing is treated in this step as having failed which the rule is null is treated in this step as having failed to
to conform to the rule. conform to the rule.
o Labels containing code points that are identified in in o Labels containing code points that are identified in
[IDNA2008-Tables] as "CONTEXTO", but for which no such rule [IDNA2008-Tables] as "CONTEXTO", but for which no such rule
appears in the table of rules. Applications resolving DNS names appears in the table of rules. Applications resolving DNS names
or carrying out equivalent operations are not required to test or carrying out equivalent operations are not required to test
contextual rules for "CONTEXTO" characters, only to verify that a contextual rules for "CONTEXTO" characters, only to verify that a
rule exists (although they MAY make such tests to give better rule is defined (although they MAY make such tests to give better
information to the user). information to the user).
o Labels whose first character is a combining mark (see o Labels whose first character is a combining mark (see
Section 4.3.3.2. Section 4.2.3.2.
In addition, the application SHOULD apply the following test. The In addition, the application SHOULD apply the following test. The
test may be omitted in special circumstances, such as when the lookup test may be omitted in special circumstances, such as when the lookup
application knows that the conditions are enforced elsewhere, because application knows that the conditions are enforced elsewhere, because
an attempt to look up and resolve such strings will almost certainly an attempt to look up and resolve such strings will almost certainly
lead to a DNS lookup failure except when wildcards are present in the lead to a DNS lookup failure except when wildcards are present in the
zone. However, applying the test is likely to give much better zone. However, applying the test is likely to give much better
information about the reason for a lookup failure -- information that information about the reason for a lookup failure -- information that
may be usefully passed to the user when that is feasible -- than DNS may be usefully passed to the user when that is feasible -- than DNS
resolution failure information alone. In any event, lookup resolution failure information alone. In any event, lookup
skipping to change at page 14, line 15 skipping to change at page 15, line 5
5.6. Punycode Conversion 5.6. Punycode Conversion
The validated string, a U-label, is converted to an A-label using the The validated string, a U-label, is converted to an A-label using the
Punycode algorithm with the ACE prefix added. Punycode algorithm with the ACE prefix added.
5.7. DNS Name Resolution 5.7. DNS Name Resolution
The A-label is looked up in the DNS, using normal DNS resolver The A-label is looked up in the DNS, using normal DNS resolver
procedures. procedures.
6. Name Server Considerations 6. Security Considerations
[[anchor15: Note in draft: If we really want this document to contain
only information that is necessary to proper implementation of IDNA
by implementers who are familiar with the DNS, the material in this
section is either tutorial, explanatory, or totally unnecessary.
Should some or all of it be moved back to Rationale?]]
6.1. Processing Non-ASCII Strings
Existing DNS servers do not know the IDNA rules for handling non-
ASCII forms of IDNs, and therefore need to be shielded from them.
All existing channels through which names can enter a DNS server
database (for example, master files (as described in RFC 1034) and
DNS update messages [RFC2136]) are IDN-unaware because they predate
IDNA. Other sections of this document provide the needed shielding
by ensuring that internationalized domain names entering DNS server
databases through such channels have already been converted to their
equivalent ASCII A-label forms.
Because of the design of the algorithms in Section 4 and Section 5 (a
domain name containing only ASCII codepoints can not be converted to
an A-label), there can not be more than one A-label form for any
given U-label.
As specified in RFC 2181 [RFC2181], the DNS protocol explicitly
allows domain labels to contain octets beyond the ASCII range
(0000..007F), and this document does not change that. Note, however,
that there is no defined interpretation of octets 0080..00FF as
characters. If labels containing these octets are returned to
applications, unpredictable behavior could result. The A-label form,
which cannot contain those characters, is the only standard
representation for internationalized labels in the DNS protocol.
6.2. DNSSEC Authentication of IDN Domain Names
DNS Security (DNSSEC) [RFC2535] is a method for supplying
cryptographic verification information along with DNS messages.
Public Key Cryptography is used in conjunction with digital
signatures to provide a means for a requester of domain information
to authenticate the source of the data. This ensures that it can be
traced back to a trusted source, either directly or via a chain of
trust linking the source of the information to the top of the DNS
hierarchy.
IDNA specifies that all internationalized domain names served by DNS
servers that cannot be represented directly in ASCII MUST use the
A-label form. Conversion to A-labels MUST be performed prior to a
zone being signed by the private key for that zone. Because of this
ordering, it is important to recognize that DNSSEC authenticates a
domain name containing A-labels or conventional LDH-labels, not
U-labels. In the presence of DNSSEC, no form of a zone file or query
response that contains a U-label may be signed or the signature
validated.
One consequence of this for sites deploying IDNA in the presence of
DNSSEC is that any special purpose proxies or forwarders used to
transform user input into IDNs must be earlier in the lookup flow
than DNSSEC authenticating nameservers for DNSSEC to work.
6.3. Root and other DNS Server Considerations
IDNs in A-label form will generally be somewhat longer than current
domain names, so the bandwidth needed by the root servers is likely
to go up by a small amount. Also, queries and responses for IDNs
will probably be somewhat longer than typical queries historically,
so EDNS0 [RFC2671] support may be more important (otherwise, queries
and responses may be forced to go to TCP instead of UDP).
7. Security Considerations
The general security principles and issues for IDNA appear in
[IDNA2008-Defs] with additional explanation in [IDNA2008-Rationale].
The comments below are specific to the registration and loopup
protocols specified in this document, but should be read in the
context of the material in the first of those documents and the
definitions and specifications, identified there, on which this one
depends.
This memo describes procedures for registering and looking up labels
that are not compatible with the preferred syntax described in the
base DNS specifications (STD13 [RFC1034] [RFC1035] and Host
Requirements [RFC1123]) because they contain non-ASCII characters.
These procedures depend on the use of a special ASCII-compatible
encoding form that contains only characters permitted in host names
by those earlier specifications. The encoding used is Punycode
[RFC3492]. No security issues such as string length increases or new
allowed values are introduced by the encoding process or the use of
these encoded values, apart from those introduced by the ACE encoding
itself.
Domain names (or portions of them) are sometimes compared against a
set of domains to be given special treatment if a match occurs, e.g.,
treated as more privileged than others or blocked in some way. In
such situations, it is especially important that the comparisons be
done properly, as specified in Requirement 2 of Section 3.1. For
labels already in ASCII form (i.e., are LDH-labels or A-labels), the
proper comparison reduces to the same case-insensitive ASCII
comparison that has always been used for ASCII labels.
The introduction of IDNA means that any existing labels that start Security Considerations for this version of IDNA except for the
with the ACE prefix would be construed as A-labels, at least until special issues associated with right to left scripts and characters
they failed one of the relevant tests, whether or not that was the are described in [IDNA2008-Defs]. Specific issues for labels
intent of the zone administrator or registrant. There is no evidence containing characters associated with scripts written right to left
that this has caused any practical problems since RFC 3490 was appear in [IDNA2008-BIDI].
adopted, but the risk still exists in principle.
8. IANA Considerations 7. IANA Considerations
IANA actions for this version of IDNA are specified in IANA actions for this version of IDNA are specified in
[IDNA2008-Tables] and discussed informally in [IDNA2008-Rationale]. [IDNA2008-Tables] and discussed informally in [IDNA2008-Rationale].
The components of IDNA described in this document do not require any The components of IDNA described in this document do not require any
IANA actions. IANA actions.
9. Contributors 8. Contributors
While the listed editor held the pen, the original versions of this While the listed editor held the pen, the original versions of this
document represent the joint work and conclusions of an ad hoc design document represent the joint work and conclusions of an ad hoc design
team consisting of the editor and, in alphabetic order, Harald team consisting of the editor and, in alphabetic order, Harald
Alvestrand, Tina Dam, Patrik Faltstrom, and Cary Karp. This document Alvestrand, Tina Dam, Patrik Faltstrom, and Cary Karp. This document
draws significantly on the original version of IDNA [RFC3490] both draws significantly on the original version of IDNA [RFC3490] both
conceptually and for specific text. This second-generation version conceptually and for specific text. This second-generation version
would not have been possible without the work that went into that would not have been possible without the work that went into that
first version and its authors, Patrik Faltstrom, Paul Hoffman, and first version and its authors, Patrik Faltstrom, Paul Hoffman, and
Adam Costello. While Faltstrom was actively involved in the creation Adam Costello. While Faltstrom was actively involved in the creation
of this version, Hoffman and Costello were not and should not be held of this version, Hoffman and Costello were not and should not be held
responsible for any errors or omissions. responsible for any errors or omissions.
10. Acknowledgements 9. Acknowledgments
This revision to IDNA would have been impossible without the This revision to IDNA would have been impossible without the
accumulated experience since RFC 3490 was published and resulting accumulated experience since RFC 3490 was published and resulting
comments and complaints of many people in the IETF, ICANN, and other comments and complaints of many people in the IETF, ICANN, and other
communities, too many people to list here. Nor would it have been communities, too many people to list here. Nor would it have been
possible without RFC 3490 itself and the efforts of the Working Group possible without RFC 3490 itself and the efforts of the Working Group
that defined it. Those people whose contributions are acknowledged that defined it. Those people whose contributions are acknowledged
in RFC 3490, [RFC4690], and [IDNA2008-Rationale] were particularly in RFC 3490, [RFC4690], and [IDNA2008-Rationale] were particularly
important. important.
Specific textual changes were incorporated into this document after Specific textual changes were incorporated into this document after
suggestions from the other contributors, Stephane Bortzmeyer, Vint suggestions from the other contributors, Stephane Bortzmeyer, Vint
Cerf, Mark Davis, Paul Hoffman, Kent Karlsson, Erik van der Poel, Cerf, Mark Davis, Paul Hoffman, Kent Karlsson, Erik van der Poel,
Marcos Sanz, Andrew Sullivan, Ken Whistler, and other WG Marcos Sanz, Andrew Sullivan, Ken Whistler, and other WG
participants. Special thanks are due to Paul Hoffman for permission participants. Special thanks are due to Paul Hoffman for permission
to extract material from his Internet-Draft to form the basis for to extract material from his Internet-Draft to form the basis for
Appendix A Appendix A
11. References 10. References
11.1. Normative References 10.1. Normative References
[IDNA2008-BIDI] [IDNA2008-BIDI]
Alvestrand, H. and C. Karp, "An updated IDNA criterion for Alvestrand, H. and C. Karp, "An updated IDNA criterion for
right-to-left scripts", July 2008, <https:// right-to-left scripts", July 2008, <https://
datatracker.ietf.org/drafts/draft-ietf-idnabis-bidi/>. datatracker.ietf.org/drafts/draft-ietf-idnabis-bidi/>.
[IDNA2008-Defs] [IDNA2008-Defs]
Klensin, J., "Internationalized Domain Names for Klensin, J., "Internationalized Domain Names for
Applications (IDNA): Definitions and Document Framework", Applications (IDNA): Definitions and Document Framework",
November 2008, <https://datatracker.ietf.org/drafts/ February 2009, <https://datatracker.ietf.org/drafts/
draft-ietf-idnabis-defs/>. draft-ietf-idnabis-defs/>.
[IDNA2008-Tables] [IDNA2008-Tables]
Faltstrom, P., "The Unicode Codepoints and IDNA", Faltstrom, P., "The Unicode Codepoints and IDNA",
July 2008, <https://datatracker.ietf.org/drafts/ July 2008, <https://datatracker.ietf.org/drafts/
draft-ietf-idnabis-tables/>. draft-ietf-idnabis-tables/>.
A version of this document is available in HTML format at A version of this document is available in HTML format at
http://stupid.domain.name/idnabis/ http://stupid.domain.name/idnabis/
draft-ietf-idnabis-tables-02.html draft-ietf-idnabis-tables-02.html
skipping to change at page 18, line 36 skipping to change at page 17, line 20
[Unicode-Scripts] [Unicode-Scripts]
The Unicode Consortium, "Unicode Standard Annex #24: The Unicode Consortium, "Unicode Standard Annex #24:
Unicode Script Property", February 2008, Unicode Script Property", February 2008,
<http://www.unicode.org/reports/tr24/>. <http://www.unicode.org/reports/tr24/>.
[Unicode-UAX15] [Unicode-UAX15]
The Unicode Consortium, "Unicode Standard Annex #15: The Unicode Consortium, "Unicode Standard Annex #15:
Unicode Normalization Forms", 2006, Unicode Normalization Forms", 2006,
<http://www.unicode.org/reports/tr15/>. <http://www.unicode.org/reports/tr15/>.
11.2. Informative References 10.2. Informative References
[ASCII] American National Standards Institute (formerly United [ASCII] American National Standards Institute (formerly United
States of America Standards Institute), "USA Code for States of America Standards Institute), "USA Code for
Information Interchange", ANSI X3.4-1968, 1968. Information Interchange", ANSI X3.4-1968, 1968.
ANSI X3.4-1968 has been replaced by newer versions with ANSI X3.4-1968 has been replaced by newer versions with
slight modifications, but the 1968 version remains slight modifications, but the 1968 version remains
definitive for the Internet. definitive for the Internet.
[IDNA2008-Rationale] [IDNA2008-Rationale]
Klensin, J., Ed., "Internationalizing Domain Names for Klensin, J., Ed., "Internationalizing Domain Names for
Applications (IDNA): Issues, Explanation, and Rationale", Applications (IDNA): Issues, Explanation, and Rationale",
November 2008, <https://datatracker.ietf.org/drafts/ February 2009, <https://datatracker.ietf.org/drafts/
draft-ietf-idnabis-rationale>. draft-ietf-idnabis-rationale>.
[RFC2136] Vixie, P., Thomson, S., Rekhter, Y., and J. Bound, [RFC2136] Vixie, P., Thomson, S., Rekhter, Y., and J. Bound,
"Dynamic Updates in the Domain Name System (DNS UPDATE)", "Dynamic Updates in the Domain Name System (DNS UPDATE)",
RFC 2136, April 1997. RFC 2136, April 1997.
[RFC2181] Elz, R. and R. Bush, "Clarifications to the DNS [RFC2181] Elz, R. and R. Bush, "Clarifications to the DNS
Specification", RFC 2181, July 1997. Specification", RFC 2181, July 1997.
[RFC2535] Eastlake, D., "Domain Name System Security Extensions", [RFC2535] Eastlake, D., "Domain Name System Security Extensions",
skipping to change at page 20, line 37 skipping to change at page 19, line 21
contexts or as part of running text in paragraphs. contexts or as part of running text in paragraphs.
9. Remove the dot separator from the mandatory part of the 9. Remove the dot separator from the mandatory part of the
protocol. protocol.
10. Make some currently-valid labels that are not actually IDNA 10. Make some currently-valid labels that are not actually IDNA
labels invalid. labels invalid.
Appendix B. Change Log Appendix B. Change Log
[[anchor24: RFC Editor: Please remove this appendix.]] [[anchor20: RFC Editor: Please remove this appendix.]]
B.1. Changes between Version -00 and -01 of draft-ietf-idnabis-protocol B.1. Changes between Version -00 and -01 of draft-ietf-idnabis-protocol
o Corrected discussion of SRV records. o Corrected discussion of SRV records.
o Several small corrections for clarity. o Several small corrections for clarity.
o Inserted more "open issue" placeholders. o Inserted more "open issue" placeholders.
B.2. Version -02 B.2. Version -02
skipping to change at page 22, line 15 skipping to change at page 20, line 48
o Revised for consistency with the new Definitions document and to o Revised for consistency with the new Definitions document and to
make the text read more smoothly. make the text read more smoothly.
B.7. Version -07 B.7. Version -07
o Multiple small textual and editorial changes and clarifications. o Multiple small textual and editorial changes and clarifications.
o Requirement for normalization clarified to apply to all cases and o Requirement for normalization clarified to apply to all cases and
conditions for preprocessing further clarified. conditions for preprocessing further clarified.
o Substantive change to Section 4.3.1, turning a SHOULD to a MUST o Substantive change to Section 4.2.1, turning a SHOULD to a MUST
(see note from Mark Davis, 19 November, 2008 18:14 -0800). (see note from Mark Davis, 19 November, 2008 18:14 -0800).
B.8. Version -08 B.8. Version -08
o Added some references and altered text to improve clarity. o Added some references and altered text to improve clarity.
o Changed the description of CONTEXTJ/CONTEXTO to conform to that in o Changed the description of CONTEXTJ/CONTEXTO to conform to that in
Tables. In other words, these are now treated as distinction Tables. In other words, these are now treated as distinction
categories (again), rather than as specially-flagged subsets of categories (again), rather than as specially-flagged subsets of
PROTOCOL VALID. PROTOCOL VALID.
o The discussion of label comparisons has been rewritten to make it o The discussion of label comparisons has been rewritten to make it
more precise and to clarify that one does not need to verify that more precise and to clarify that one does not need to verify that
a string is a [valid] A-label or U-label in order to test it for a string is a [valid] A-label or U-label in order to test it for
equality with another string. The WG should verify that the equality with another string. The WG should verify that the
current text is what is desired. current text is what is desired.
o Other changes to reflect post-IETF discussions or editorial o Other changes to reflect post-IETF discussions or editorial
improvements. improvements.
Author's Address B.9. Version -09
John C Klensin
1770 Massachusetts Ave, Ste 322
Cambridge, MA 02140
USA
Phone: +1 617 245 1457 o Removed Security Considerations material to Defs document.
Email: john+ietf@jck.com
Full Copyright Statement o Removed the Name Server Considerations material to Rationale.
That material is not normative and not needed to implement the
protocol itself.
Copyright (C) The IETF Trust (2008). o Adjusted terminology to match new version of Defs.
This document is subject to the rights, licenses and restrictions o Removed all discussion of local mapping and option for it from
contained in BCP 78, and except as set forth therein, the authors registration protocol.
retain all their rights.
This document and the information contained herein are provided on an o Removed some old placeholders and inquiries because no comments
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS have been received.
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property o Small editorial corrections.
The IETF takes no position regarding the validity or scope of any Author's Address
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any John C Klensin
assurances of licenses to be made available, or the result of an 1770 Massachusetts Ave, Ste 322
attempt made to obtain a general license or permission for the use of Cambridge, MA 02140
such proprietary rights by implementers or users of this USA
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any Phone: +1 617 245 1457
copyrights, patents or patent applications, or other proprietary Email: john+ietf@jck.com
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
 End of changes. 56 change blocks. 
259 lines changed or deleted 147 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/