GNU bug report logs - #26634
26.0.50; The network security manager doesn't understand IDNA domains

Previous Next

Package: emacs;

Reported by: Lars Ingebrigtsen <larsi <at> gnus.org>

Date: Mon, 24 Apr 2017 03:14:02 UTC

Severity: normal

Tags: fixed

Found in version 26.0.50

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Lars Ingebrigtsen <larsi <at> gnus.org>
To: 26634 <at> debbugs.gnu.org
Subject: bug#26634: 26.0.50; The network security manager doesn't understand IDNA domains
Date: Fri, 13 Apr 2018 16:44:05 +0200

Lars Ingebrigtsen <larsi <at> gnus.org> writes:

> Lars Ingebrigtsen <larsi <at> gnus.org> writes:
>
>> If you type `M-x eww RET https://аррӏе.com RET', the NSM will then say:
>>
>> "certificate host doesn't match hostname"
>
> Hm...  Now Emacs refuses to load that URL completely...

OK; I've now fixed recent breakages so that we can access
https://аррӏе.com again.

Now the question is...  what do we do about this in the network security
manager.

If you go to that domain in Firefox, for instance, it won't say that
there's anything wrong with it...  because it isn't.  It's a totally
normal domain name consisting of ASCII characters and a CYRILLIC SMALL
LETTER PALOCHKA instead of the L.

`puny-highly-restrictive-domain-p' is not triggered for the domain, so
eww doesn't signal anything wrong with it, either.

So...  Do we say "fine, this is all fine" or do we ... do something?
:-)  Opinions welcome.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no
This bug report was last modified 6 years and 304 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.