Nameprep

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Nameprep is the process of case-folding to lowercase and removal of some generally invisible code points before it is suitable to represent a domain name, or other such canonical name. It is used by IDNA, using the Unicode standard for NFKC normalization.

Nameprep is defined in RFC 3491, "Nameprep: A Stringprep Profile for Internationalized Domain Names (IDN)", as a profile of Stringprep, which is described in RFC 3454, "Preparation of Internationalized Strings ("stringprep")."

It does not map lookalike characters to a single character nor prohibit the use of lookalike characters. There are good reasons for this, such as the fact that fonts differ in which characters are lookalikes, and the fact that any decision on which character to map to will obviously provide a bias towards users of one script, but it has potentially grave implications for security if not considered by the designers and administrators of systems based on nameprep (the best known example of this being VeriSign's handling of IDNA names in .com and .net).

See also[edit]