[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [idn] Unicode security issues (fwd)

To: Bill Manning <bmanning@ISI.EDU>
Subject: Re: [idn] Unicode security issues (fwd)
From: RJ Atkinson <rja@inet.org>
Date: Fri, 25 Aug 2000 16:26:50 -0400
Cc: idn@ops.ietf.org
Delivery-date: Fri, 25 Aug 2000 13:32:16 -0700
Envelope-to: idn-data@psg.com

At 16:10 25/08/00, Bill Manning wrote:
> A break from our discussions of registrars experimentation with 
> one form or another of multilingual support.
>
> It seems that use of unicode itself will inject new integrity/security
> concerns if/as it is deployed in the DNS.

No.  Those issues are handled as part of canonicalisation/normalisation
of an IDN.  It would still be possible for someone to implement badly, 
such that there are residual buffer overflow issues, but that would be 
an implementation shortcoming (though worth warning against in a
Security Considerations section), rather than a protocol or standards
problem.

Ran
rja@inet.org

Prev by Date: [idn] Unicode security issues (fwd)
Next by Date: RE: [idn] NSI Multilingual Testbed Information (fwd)
Prev by thread: [idn] Unicode security issues (fwd)
Next by thread: [idn] NSI Multilingual Testbed Information (fwd)
Index(es):
- Date
- Thread