Why is OpenSSL using punycode? To do internationalized domain name parsing? | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

TacticalCoder 6 months ago | parent | context | favorite | on: Why the OpenSSL punycode vulnerability was not det...

Why is OpenSSL using punycode? To do internationalized domain name parsing?

amiga386 6 months ago | [–]

I would assume it's needed for hostname validation. Is one hostname equivalent to another? Does this wildcard match this hostname?

EDIT: I looked it up. It is used to implement RFC 8398 (Internationalized Email Addresses in X.509 Certificates)

https://www.rfc-editor.org/rfc/rfc8398#section-5

cryptonector 6 months ago | [–]

Yes.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact