Description | It is possible to add domains to my account which contains non ascii characters. This is possible as all other checks (whois, mailping) gets internally translated into ace encoding. However these domains are of no use as the signing process seems to require an CN in ascii.
The Input should be checked to be RFC1035 2.3.1 compliant. If it does contain non compliant characters the user could be asked if he wants to enter an IDN which helps the user to ACE encode the string entered and explain him why the string entered and domain listed looks different. I have not seen yet how ace encoded domains are listet, but I would suggest showing them both decoded and encoded would fit into the purpose to train CAcert users about the technology involved. |
---|