洪 民憙 (Hong Minhee)

@hongminhee@hollo.social · Reply to Emelia 👸🏻's post

@thisismissem @by_caballero @cocoa_vrc Here's the translation:

According to Section 4 (“Definition”) of RFC 7565, which defines the acct URI scheme:

If an application needs to compare two 'acct' URIs (e.g., for purposes of authentication and authorization), it MUST do so using case normalization and percent-encoding normalization as specified in Sections 6.2.2.1 and 6.2.2.2 of RFC 3986.

This leads us to examine Section 6.2.2.1 (“Case Normalization”) of RFC 3986, which states (the emphasis is mine):

When a URI uses components of the generic syntax, the component syntax equivalence rules always apply; namely, that the scheme and host are case-insensitive and therefore should be normalized to lowercase. For example, the URI HTTP://www.EXAMPLE.com/ is equivalent to http://www.example.com/. The other generic syntax components are assumed to be case-sensitive unless specifically defined otherwise by the scheme.

Therefore:

  1. For acct: URIs:

    • The scheme part (acct:) is case-insensitive
    • The host part (after @) is case-insensitive
    • The userpart (before @) is case-sensitive, as RFC 7565 does not specify otherwise
  2. This means that:

    • acct:FOO@example.com and acct:foo@example.com are different URIs
    • acct:user@EXAMPLE.COM and acct:user@example.com are equivalent
    • ACCT:user@example.com and acct:user@example.com are equivalent

This interpretation follows directly from the combination of the normalization requirements in RFC 7565 and the case sensitivity rules defined in RFC 3986.
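The comparison rules from the post above, as an added example that is not part of the original thread: the scheme and host are lowercased, percent-escapes are normalized per RFC 3986 Sections 6.2.2.1 and 6.2.2.2, and the userpart's case is left untouched. The function names `normalize_acct` and `acct_equal` are hypothetical, and the sample URIs in the comments are constructed.

```python
import re

# RFC 3986 section 2.3: unreserved characters never need percent-encoding.
UNRESERVED = frozenset(
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~"
)
_PCT = re.compile(r"%([0-9A-Fa-f]{2})")


def _normalize_pct(component: str) -> str:
    """Decode escapes of unreserved characters (6.2.2.2) and uppercase
    the hex digits of every escape that remains (6.2.2.1)."""
    def repl(match):
        char = chr(int(match.group(1), 16))
        return char if char in UNRESERVED else "%" + match.group(1).upper()
    return _PCT.sub(repl, component)


def normalize_acct(uri: str) -> str:
    """Return the form of an acct: URI that is safe to compare byte for byte."""
    scheme, colon, rest = uri.partition(":")
    if not colon or scheme.lower() != "acct":
        raise ValueError("not an acct URI")
    # A literal "@" inside the userpart must be escaped as %40, so the
    # last "@" is the one that separates the userpart from the host.
    userpart, at, host = rest.rpartition("@")
    if not at or not userpart or not host:
        raise ValueError("acct URI must have the form userpart@host")
    # Host: case-insensitive. Decode first, lowercase, then restore
    # uppercase hex digits in whatever escapes are left.
    host = _normalize_pct(_normalize_pct(host).lower())
    # Userpart: case-sensitive, so only the escapes are normalized.
    return "acct:" + _normalize_pct(userpart) + "@" + host


def acct_equal(a: str, b: str) -> bool:
    """Compare two acct: URIs the way RFC 7565 section 4 requires."""
    return normalize_acct(a) == normalize_acct(b)


# acct_equal("acct:FOO@example.com", "acct:foo@example.com")   -> False
# acct_equal("ACCT:user@EXAMPLE.COM", "acct:user@example.com") -> True
```

Comparing the raw strings, or lowercasing the whole URI before comparing, both diverge from this: the first treats `EXAMPLE.COM` and `example.com` as different hosts, the second merges `FOO` and `foo` into one account.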

Julian Fietkau

@julian@fietkau.social · Reply to 洪 民憙 (Hong Minhee)'s post

@hongminhee @thisismissem @by_caballero @cocoa_vrc

Last time I looked into it, opinions were split. My own conclusion was identical to @hongminhee's, but I've seen arguments in the opposite direction based on other specs (I have sadly forgotten which ones).

I think the current gold standard is to preserve and respect username capitalization as given by the origin server, and not to try to normalize username case.

Misskey used to force acct: URIs to lower case. I wonder if it still does that.