[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [idn] length restrictions on IDN label
Paul Hoffman / IMC wrote:
At 10:10 PM +0900 10/14/02, Soobok Lee wrote:
Most applications programmer have been reserving 256 bytes for any LDH
FQDN buffer space .
It is amazingly arrogant for anyone to make statements about "most
I accepted. :-)
But that convention should be changed to cover the cases of long utf8
IDN FQDN which may be
3 or 4 times longer than 256 octets.
Why just UTF8? Why not UTF16? Or GB? Or ... ?
I already mentioned other encodings in the early postings.
"6. Apply ToASCII "
If this warning is neglected by application programmers,
some remote malicious crackers will send to users' applications long ACE
IDNs manufactured to
cause buffer overflow errors when toUnicoded and seaze control of the
Oh, come on. Step 6 of ToUnicode is exactly two words long. Which one
of those two words do you think that other applications programmers
will not understand?
is for verification purpose and it won't change that situation.
Step 8 of ToUnicode function which may have enough buffer space itself
will return long unicode string result to cal;ling applications that
may have shorter buffer space.
--Paul Hoffman, Director
--Internet Mail Consortium