Re: [idn] new I-D: Safely Encoding of likeness information into ACE label version 0.2

["James Seng/Personal" <James@Seng.cc>]

Okay folk.

I have recieved some offline comments that this topic on "look-alive" is
way out-of-scope for the IDN WG, which I agree, I have to kill this
topic on the wg. I think it is inappropriate to continue this discussion
given that it is not within the Pool and beyond the charter for this wg.
We should focus on what is in the Pool and to build consensus around it.

Therefore, I would appreciate if this discussion would be carried
off-line with the author or to some other forum (suggestion: try Unicode
Consortium) on the topic of normalization of "look-alive" characters.

The portion of this work that does related to IDN is probably the
security concern of "look alike" characters. If the authors is still
interested to pursue this within the idn wg, then I would suggest the
draft to be modified to be an investigation of the security impacts.

Thanks!

-James Seng


----- Original Message -----
From: "Adam M. Costello" <amc@cs.berkeley.edu>
To: <idn@ops.ietf.org>
Sent: Monday, July 30, 2001 12:01 PM
Subject: Re: [idn] new I-D: Safely Encoding of likeness information into
ACE label version 0.2


> Soobok Lee <lsb@postel.co.kr> wrote:
>
> > Even If we normalize U+6046 into U+6052 ( or U+30AB -> U+529B ), my
> > I-D's likeness encoding will allow recover U+6046 (or U+30AB) as
long
> > as applications do not casefold the produced ACE label.
>
> Today's ASCII domain names already allow visually similar characters
> that don't match (0O 1lI 2Z 5S 6G) and people have lived with it for
> a long time, so I don't think we should feel obligated to eliminate
> this problem in IDNs, especially if it means significantly increasing
> complexity and decreasing efficiency, which it appears to do.
>
> AMC
>