[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [idn] Fw: Cyrillics - Latin
On Mon, Feb 04, 2002 at 11:09:34AM -0500, John C Klensin wrote:
> --On Monday, 04 February, 2002 08:01 -0800 Mark Davis
> > On the other hand, I think it would be quite useful--as I
> > suggested some time ago--to add some text that strongly
> > recommended that browsers and similar programs that display
> > URLs indicate with some sort of visual mechanism where they
> > contains mixed scripts, e.g. highlight those characters not in
> > the script of the majority of the characters (with a different
> > color or background).
>
> I believe that it would be a significant service to the
> community --I would suggest that it is nearly necessary-- to
> write strong "security considerations" sections for these
> documents, or separate documents, that explicitly identify the
> character and range of as many of these problems as are
> well-understood. I think that incorporating suggestions like
> Mark's into such explanations would be very helpful.
Dear John C Klensin and others,
Even though I doubt whether peoples out there may take "security
considerations" seriously enough to minimize problems, this is
one of what we MUST do.
I want to elaborate this idea a little bit. The security consideration
section should cover at least three areas;
* For IDNA implementers
* For zone administrators (especially gTLD registries)
* For end users
Some may disagree with second and/or third area, we should never
forget that all of those problems will arise from registration
and use of domain name not from bad implementation.
Regards
--
/*------------------------------------------------
YangWoo Ko : newcat@spsoft.co.kr
We Invent Enterprise Software Solutions
and Make You Secure & Powerful.
------------------------------------------------*/