nameprep

{{More citations needed|date=March 2024}}

Nameprep is the process of case-folding a string to lowercase and removal of some generally invisible code points before it is suitable to represent a domain name, or other such canonical name. It is used by the Internationalizing Domain Names in Applications (IDNA) standard, using the Unicode standard for NFKC normalization.

Nameprep is defined in RFC 3491, "Nameprep: A Stringprep Profile for Internationalized Domain Names (IDN)",{{Cite web|url=https://datatracker.ietf.org/doc/html/rfc3491|title=RFC 3491|date=March 2003 |access-date=8 March 2024 |last1=Hoffman |first1=Paul E. |last2=Blanchet |first2=Marc }} as a profile of stringprep, which is described in RFC 3454, "Preparation of Internationalized Strings ("stringprep")".{{Cite web|url=https://datatracker.ietf.org/doc/html/rfc3454|title=RFC 3454|date=January 2003 |access-date=8 March 2024 |last1=Hoffman |first1=Paul E. |last2=Blanchet |first2=Marc }}

It does not map lookalike characters to a single character nor prohibit the use of lookalike characters. There are good reasons for this, such as the fact that same sets of characters may be lookalikes in some fonts but not in others, and the fact that any decision on which character to map to will obviously provide a bias towards users of one script; but it also has potentially grave implications for security if not considered by the designers and administrators of systems based on nameprep (the best known example{{which|date=January 2022}}{{Citation needed|date=January 2022}} of this being VeriSign's handling of IDNA names in .com and .net).

See also

References