Dear John,

On Wed, Nov 14, 2018 at 7:59 PM Dmitry Belyavsky <beldmit@gmail.com> wrote:
On Wed, Nov 14, 2018 at 7:07 PM John Levine <john.levine@standcore.com> wrote:
On Wed, 14 Nov 2018, Dmitry Belyavsky wrote:
If I read the RFC 8398 correctly, to verify the chain we do not need to punycode anything. We need to unpunycode to compare email with nameConstraints.
I suppose, if you are 100% sure that the UTF-8 email you're comparing it with has the domain part fully normalized according to IDNA2008 specs.
Got your point.
If nameConstraints and email itself are encoded with the same errors, it will work; otherwise we get nasty errors.
I've got a response from Victor Dukhovni. His position is:

1. It's better to ask OpenSSL about their plans :) via openssl-project@openssl.org

2. (Limiting scope to EAI certificates) OpenSSL must trust the CA software that has provided the punycode representation of the domain name. So we can decode A-labels and compare them. So the certificate itself can be verified, and the question of whether the EAI address matches the address in the From: header is out of scope of the certificate validation process.

-- 
SY, Dmitry Belyavsky
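The comparison the thread is discussing, written out as an added example (this is not code from the thread, from OpenSSL or from any of the participants): an EAI mailbox is checked against an rfc822Name name constraint by decoding the A-labels (`xn--...`) in the domain part to U-labels, NFC-normalising, and then comparing the three constraint forms of RFC 5280 (a full mailbox, a host, or a leading-dot domain). The function names are mine; the Punycode decoding uses Python's standard-library `punycode` codec, which decodes A-labels but performs none of the IDNA2008 validity checks, so it assumes, as Victor's point 2 does, that the CA software produced well-formed A-labels. The NFC step is what makes the "same errors on both sides" case from the thread come out equal: a constraint stored as raw, un-normalised UTF-8 still matches once both sides are normalised. The sample mailbox and constraints are constructed for the example.

```python
import unicodedata


def domain_to_ulabel(domain: str) -> str:
    """Decode every A-label in ``domain`` to its U-label, then NFC-normalise
    and lowercase the result so that differently encoded spellings of the
    same name compare equal (RFC 8398 section 6 converts constraints to
    U-labels before comparison)."""
    labels = []
    for label in domain.split("."):
        label = label.lower()
        if label.startswith("xn--"):
            # Strip the ACE prefix and run the stdlib Punycode decoder.
            # No IDNA2008 validation is done here: we trust the CA's encoding.
            label = label[4:].encode("ascii").decode("punycode")
        labels.append(label)
    # A well-formed U-label is already NFC and lowercase; normalising again
    # guards against a constraint or SAN that was stored un-normalised.
    return unicodedata.normalize("NFC", ".".join(labels)).lower()


def split_mailbox(mailbox: str):
    """Split at the last '@'; the domain part comes back as U-labels."""
    local, sep, domain = mailbox.rpartition("@")
    if not sep:
        raise ValueError("mailbox has no '@': %r" % mailbox)
    return unicodedata.normalize("NFC", local), domain_to_ulabel(domain)


def mailbox_matches_constraint(mailbox: str, constraint: str) -> bool:
    """Match an SmtpUTF8Mailbox against one rfc822Name constraint.

    Constraint forms (RFC 5280 4.2.1.10):
      'user@host'  -> exactly that mailbox (local-part compared case-sensitively)
      'host'       -> any mailbox at that host
      '.domain'    -> any mailbox at a host inside that domain
    """
    local, domain = split_mailbox(mailbox)
    if "@" in constraint:
        c_local, c_domain = split_mailbox(constraint)
        return local == c_local and domain == c_domain
    c_domain = domain_to_ulabel(constraint)
    if c_domain.startswith("."):
        return domain.endswith(c_domain)
    return domain == c_domain


def check_against_constraints(mailbox: str, permitted: list) -> bool:
    """A mailbox is acceptable if it matches at least one permitted subtree."""
    return any(mailbox_matches_constraint(mailbox, c) for c in permitted)


if __name__ == "__main__":
    # Constructed sample: a Cyrillic mailbox at пример.рф, whose A-label form
    # is xn--e1afmkfd.xn--p1ai, checked against constraints in both encodings.
    mbox = "медведь@пример.рф"
    for c in ["xn--e1afmkfd.xn--p1ai", ".xn--p1ai", "пример.рф", "xn--p1ai"]:
        print("%-25s -> %s" % (c, mailbox_matches_constraint(mbox, c)))
```

The `check_against_constraints` helper only models the permittedSubtrees side; a real validator applies the same matching to excludedSubtrees and rejects on any hit there.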