draft-ietf-lamps-eai-addresses-16.txt   draft-ietf-lamps-eai-addresses-17.txt 
LAMPS A. Melnikov, Ed. LAMPS A. Melnikov, Ed.
Internet-Draft Isode Ltd Internet-Draft Isode Ltd
Updates: 5280 (if approved) W. Chuang, Ed. Updates: 5280 (if approved) W. Chuang, Ed.
Intended status: Standards Track Google, Inc. Intended status: Standards Track Google, Inc.
Expires: July 15, 2018 January 11, 2018 Expires: August 15, 2018 February 11, 2018
Internationalized Email Addresses in X.509 certificates Internationalized Email Addresses in X.509 certificates
draft-ietf-lamps-eai-addresses-16 draft-ietf-lamps-eai-addresses-17
Abstract Abstract
This document defines a new name form for inclusion in the otherName This document defines a new name form for inclusion in the otherName
field of an X.509 Subject Alternative Name and Issuer Alternative field of an X.509 Subject Alternative Name and Issuer Alternative
Name extension that allows a certificate subject to be associated Name extension that allows a certificate subject to be associated
with an Internationalized Email Address. with an Internationalized Email Address.
This document updates RFC 5280. This document updates RFC 5280.
skipping to change at page 1, line 36 skipping to change at page 1, line 36
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 15, 2018. This Internet-Draft will expire on August 15, 2018.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 47 skipping to change at page 3, line 47
restrictions as specified by Section 2.3.1 of [RFC5890] and SHALL be restrictions as specified by Section 2.3.1 of [RFC5890] and SHALL be
restricted to lower case letters. NR-LDH stands for "Non-Reserved restricted to lower case letters. NR-LDH stands for "Non-Reserved
Letters Digits Hyphen" and is the set of LDH labels that do not have Letters Digits Hyphen" and is the set of LDH labels that do not have
"--" characters in the third and forth character position, which "--" characters in the third and forth character position, which
excludes "tagged domain names" such as A-labels. Consistent with the excludes "tagged domain names" such as A-labels. Consistent with the
treatment of rfc822Name in [RFC5280], SmtpUTF8Mailbox is an envelope treatment of rfc822Name in [RFC5280], SmtpUTF8Mailbox is an envelope
<Mailbox> and has no phrase (such as a common name) before it, has no <Mailbox> and has no phrase (such as a common name) before it, has no
comment (text surrounded in parentheses) after it, and is not comment (text surrounded in parentheses) after it, and is not
surrounded by "<" and ">". surrounded by "<" and ">".
Due to operational reasons to be described shortly and name Due to name constraint compatibility reasons described in Section 6,
constraint compatibility reasons described in Section 6, SmtpUTF8Mailbox subjectAltName MUST NOT be used unless the local-part
SmtpUTF8Mailbox subjectAltName MUST only be used when the local-part
of the email address contains non-ASCII characters. When the local- of the email address contains non-ASCII characters. When the local-
part is ASCII, rfc822Name subjectAltName MUST be used instead of part is ASCII, rfc822Name subjectAltName MUST be used instead of
SmtpUTF8Mailbox. This is compatible with legacy software that SmtpUTF8Mailbox. This is compatible with legacy software that
supports only rfc822Name (and not SmtpUTF8Mailbox). The appropriate supports only rfc822Name (and not SmtpUTF8Mailbox). The appropriate
usage of rfc822Name and SmtpUTF8Mailbox is summarized in Table 1 usage of rfc822Name and SmtpUTF8Mailbox is summarized in Table 1
below. below.
SmtpUTF8Mailbox is encoded as UTF8String. The UTF8String encoding SmtpUTF8Mailbox is encoded as UTF8String. The UTF8String encoding
MUST NOT contain a Byte-Order- Mark (BOM) [RFC3629] to aid MUST NOT contain a Byte-Order- Mark (BOM) [RFC3629] to aid
consistency across implementations particularly for comparison. consistency across implementations particularly for comparison.
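Review bot: The reworded requirement in the second paragraph of this block ("SmtpUTF8Mailbox subjectAltName MUST NOT be used unless the local-part of the email address contains non-ASCII characters") reads as a rule for whoever populates the certificate, and the lines shown here do not say what a relying party does when it meets an SmtpUTF8Mailbox whose local-part is entirely ASCII. Since the stated motivation is name constraint compatibility (Section 6), consider saying explicitly whether a verifier rejects such a name or processes it, so that implementations do not diverge on it. Two wording nits in the unchanged context, present in both -16 and -17: "third and forth character position" should read "fourth", and "Byte-Order- Mark" carries a stray space after the hyphen.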
skipping to change at page 4, line 30 skipping to change at page 4, line 29
+-----------------+-------------+--------------+-----------------+ +-----------------+-------------+--------------+-----------------+
non-ASCII may additionally include ASCII characters. non-ASCII may additionally include ASCII characters.
Table 1: Email address formatting Table 1: Email address formatting
4. IDNA2008 4. IDNA2008
To facilitate comparison between email addresses, all email address To facilitate comparison between email addresses, all email address
domains in X.509 certificates MUST conform to IDNA2008 [RFC5890] (and domains in X.509 certificates MUST conform to IDNA2008 [RFC5890] (and
avoids any "mappings" mentioned in that document). Use of non- avoid any "mappings" mentioned in that document). Use of non-
conforming email address domains introduces the possibility of conforming email address domains introduces the possibility of
conversion errors between alternate forms. This applies to conversion errors between alternate forms. This applies to
SmtpUTF8Mailbox and rfc822Name in subjectAltName, issuerAltName and SmtpUTF8Mailbox and rfc822Name in subjectAltName, issuerAltName and
anywhere else that these are used. anywhere else that these are used.
5. Matching of Internationalized Email Addresses in X.509 certificates 5. Matching of Internationalized Email Addresses in X.509 certificates
In equivalence comparison with SmtpUTF8Mailbox, there may be some In equivalence comparison with SmtpUTF8Mailbox, there may be some
setup work on one or both inputs depending of whether the input is setup work on one or both inputs depending of whether the input is
already in comparison form. Comparing SmtpUTF8Mailboxs consists of a already in comparison form. Comparing SmtpUTF8Mailboxs consists of a
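Review bot: In Section 4, the parenthetical "(and avoid any "mappings" mentioned in that document)" now agrees in number with "domains", but because it hangs off the MUST inside parentheses it is still unclear whether avoiding mappings is itself normative. Consider lifting it into the sentence, for example "MUST conform to IDNA2008 [RFC5890] and MUST NOT rely on the mappings mentioned in that document", if that is the intent. In the unchanged Section 5 context, "depending of whether" should be "depending on whether", and the plural "SmtpUTF8Mailboxs" would read better as "SmtpUTF8Mailbox values".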
 End of changes. 5 change blocks. 
7 lines changed or deleted 6 lines changed or added

This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/