Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update SmtpUTF8Mailbox support to RFC 9598 #24484

Open
davidben opened this issue May 23, 2024 · 0 comments
Open

Update SmtpUTF8Mailbox support to RFC 9598 #24484

davidben opened this issue May 23, 2024 · 0 comments
Labels
triaged: feature The issue/pr requests/adds a feature

Comments

@davidben
Copy link
Contributor

RFC 9598 was just published. It retracts RFC 8398 so that the domain names are expected to use A-labels. See this section for details:
https://www.rfc-editor.org/rfc/rfc9598.html#section-8

This means verifiers are no longer expected to evaluate punycode to convert name constraints. This change was motivated by OpenSSL's CVE-2022-3602 and CVE-2022-3786, because X.509 validators should not need punycode implementations in the first place. See also https://mailarchive.ietf.org/arch/msg/spasm/0D_ljgmD8y6J2OZ9L6GQubLSO9Q/

If you all update to the new one, you should be able to delete the punycode implementation.
@davidben davidben added the issue: bug report The issue was opened to report a bug label May 23, 2024
@t8m t8m added triaged: feature The issue/pr requests/adds a feature and removed issue: bug report The issue was opened to report a bug labels May 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
triaged: feature The issue/pr requests/adds a feature
Projects
Project Board
Status: New
Milestone
No milestone
Development

No branches or pull requests
2 participants
@davidben @t8m