Skip to content

Commit

Permalink
tweak intl domain name note to clarify verbiage
Browse files Browse the repository at this point in the history
Signed-off-by: Daniel Hardman <[email protected]>
  • Loading branch information
dhh1128 committed Jan 13, 2024
1 parent 1cecada commit 0f63f38
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion spec/security_considerations.md
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ requirements.

### International Domain Names

Like `did:web`, due to [[spec:DID-CORE]] identifier syntax not allowing Unicode in method name or method specific identifiers, implementers should be cautious when implementing support for DID URLs that rely on domain names or path components that contain Unicode characters.
As with `did:web`, implementers of this method should consider how non-ASCII characters manifest in URLs and DIDs. The [[spec:DID-CORE]] identifier syntax does not allow the direct representation of such characters in method name or method specific identifiers. This prevents a `did:webs` value from embodying a homograph attack. However, `did:webs` can hold data encoded with punycode or percent encoding. This means that IRIs constructed from DID values could contain non-ASCII characters that were not obvious in the DID, surprising a casual human reader. Caution is therefore recommended when treating a `did:webs` as the equivalent of an IRI. Treating it as the equivalent of a URL, instead, preserves the punycode and percent encoding and is therefore safe.

See also:
* [UTS-46](https://unicode.org/reports/tr46/)
Expand Down

0 comments on commit 0f63f38

Please sign in to comment.