Bug 1449142 - php-pecl-http: switch to libidn2
Summary: php-pecl-http: switch to libidn2
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: php-pecl-http
Version: rawhide
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Remi Collet
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: fedora28-switch-to-idna2008
Reported: 2017-05-09 09:40 UTC by Nikos Mavrogiannopoulos
Modified: 2017-05-09 11:41 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2017-05-09 11:29:32 UTC
Type: Bug
Embargoed:



Description Nikos Mavrogiannopoulos 2017-05-09 09:40:04 UTC
Description of problem:
Internationalized domain names have existed for quite some time (IDNA2003), although the protocols describing them have evolved in an incompatible way (IDNA2008). These incompatibilities will prevent applications written for IDNA2003 from accessing certain problematic domain names defined with IDNA2008, e.g., faß.de is translated to the domain xn--fa-hia.de with IDNA2008, while in IDNA2003 it is translated to the fass.de domain. That not only causes incompatibility problems, but may be used as an attack vector to redirect users to different web sites.

The change is about deprecating libidn, which supports IDNA2003, and switching all applications using libidn to libidn2 2.0.0, which supports IDNA2008. The switch should be transparent as the libidn2 library is API compatible. See instructions at:
https://libidn.gitlab.io/libidn2/manual/libidn2.html#Converting-from-libidn


This is part of the IDNA2008 change:
https://fedoraproject.org/wiki/Changes/IDNA2008

If upstream is not aware of that change, please involve them in the process.
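
The mapping difference described above, as an added example that is not part of the original bug report or of php-pecl-http: a small audit that flags hostnames whose ASCII form differs between IDNA2003 and IDNA2008. It assumes Python's built-in `idna` codec for the IDNA2003 side and uses a simplified, validation-free stand-in for IDNA2008; the function names and the sample list are constructed for illustration.

```python
import unicodedata


def to_idna2003(hostname: str) -> str:
    """A-label form under IDNA2003, via Python's built-in 'idna' codec."""
    return hostname.encode("idna").decode("ascii")


def to_idna2008_simplified(hostname: str) -> str:
    """Per-label lowercase + NFC + Punycode, with no IDNA2008 validation.

    Simplification (assumption of this example): a real IDNA2008 library
    such as libidn2 or ICU also rejects disallowed code points and
    enforces the contextual and bidi rules.
    """
    labels = []
    for label in hostname.split("."):
        label = unicodedata.normalize("NFC", label.lower())
        if label.isascii():
            labels.append(label)  # plain ASCII labels are left untouched
        else:
            labels.append("xn--" + label.encode("punycode").decode("ascii"))
    return ".".join(labels)


def audit(hostnames):
    """Return (hostname, idna2003, idna2008) for every name that diverges."""
    findings = []
    for name in hostnames:
        old, new = to_idna2003(name), to_idna2008_simplified(name)
        if old != new:
            findings.append((name, old, new))
    return findings


# Constructed sample input; faß.de is the example from the description.
SAMPLE = ["faß.de", "example.com", "bücher.example", "βόλος.example"]

if __name__ == "__main__":
    for name, old, new in audit(SAMPLE):
        print(f"{name}: IDNA2003 -> {old}   IDNA2008 -> {new}")
```

Names that appear in the output are the ones where an IDNA2003 client and an IDNA2008 client would contact different domains, so they are the ones to review when migrating from libidn to libidn2.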

Comment 1 Remi Collet 2017-05-09 11:12:58 UTC
A bit more complex for this extension, which exposes these functions to user land.

BTW, this extension can use
- libicu (both 2003 and 2008)
- libidn (2003)
- libidn2 (2008)
- libidnkit
- libidnkit2

So dropping the libidn dependency and only requiring libicu seems the way to go.

Comment 2 Nikos Mavrogiannopoulos 2017-05-09 11:23:05 UTC
I'd use libidn2 due to being more compact than libicu, but libicu change seems reasonable if that would bring IDNA2008.

Comment 3 Remi Collet 2017-05-09 11:29:32 UTC
Additional information:
This extension uses 2008 by default (except if an option forces 2003 usage)

Fixed in:
 http://pkgs.fedoraproject.org/cgit/rpms/php-pecl-http.git/commit/?h=master&id=572a49493e516c29f7b357db22bb8fc1644cab2e

Comment 4 Nikos Mavrogiannopoulos 2017-05-09 11:41:14 UTC
thank you

