Replies inline. On 11/14/18 3:04 AM, Dmitry Belyavsky wrote:
Dear John,
As I wrote before, I've started to implement RFC 8399 and the show-stopper for now is obtaining a set of test cases.
The UASG document talking about library support has a list of test cases although I'm not sure they're exhaustive. It's a starting point anyway.
OpenSSL team does not want to link OpenSSL with, say, libidn (and to implement IDN conversion inside the library for domains). I've found out that 2-3 functions inherited from RFC 3492 will fit all the purposes necessary to implement RFC 8399.
Is there an email conversation or bug report I can read to catch up on upstream's current state of mind on this? Secondly, what's your current progress on this? It was your original posting that inspired me to look at this (and I think I commented on it then). OpenSSL is under a weird license so they really can't link to external libraries and not to (L)GPL code so adding the necessary support for U-labels will likely require rolling your own code or finding an implementation in the public domain and cutting it down to size for direct embedding in the BIO module of OpenSSL. Getting support for U-labels will be a major win for IDNs as it simplifies IDNs for all OpenSSL applications, and opens the door to getting EAI S/MIME working. I'd also like to see a fairly extensive shakedown of TLS in general with IDNs to see if we can shake loose any bugs especially in regards to revocation, OCSP stapling, AIA, and certificate transparency. Michael