[idn] Re: CDNC Final Comments on Last call of IDN drafts
At 12:52 PM +0200 6/6/02, Simon Josefsson wrote:
>This means IDN is not guaranteed to be secure on non-Unicode systems.
>There are a lot of non-Unicode systems out there today...
Nothing is ever guaranteed to be secure. Even if we supplied mapping
tables, there is no guarantee that the mapping tables we supplied
would match those already in use in those systems, so there will be
the same security issues. In fact, we can be sure that some
"standardized" mapping tables would disagree with those already
implemented.
>> When standards bodies for character sets define such equivalences, and
>> when those equivalences gain popularity, it might be appropriate for
>> the IDN effort to consider incorporating these new standards.
>
>This isn't an adequate solution IMHO, when the consequences of errors
>made by such standard bodies, or conflicts between different standard
>bodies, or different interpretations of said standards, or changes
>between different versions of those standards, or simply a complete
>lack of standardisation in the area (which is the situation today),
>may be exploitable for attacking systems on the Internet.
And your proposal for an adequate solution is....? Short of forcing
every current system to use a single set of standardized mapping
tables (which is patently unrealistic), how could you ever avoid such
an exploit?
Further, the exploit you describe is identical in every application
that allows an encoding of the Unicode character set (such as UTF-8).
Are you saying that we shouldn't allow any input in UTF-8 in any
application until there is both a standard set of mapping tables and
absolute conformance to them?
--Paul Hoffman, Director
--Internet Mail Consortium
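The disagreement between local mapping tables that the two messages above argue about can be made concrete. The following is an added example, not code from either correspondent or from the IDN drafts: it decodes one constructed byte sequence under three legacy charset tables that real systems have shipped, runs each result through Python's built-in `idna` codec (IDNA 2003 nameprep plus Punycode, the generation of the drafts under discussion), and reports whether the tables yield different ACE labels. The sample bytes, the table list and the helper names are assumptions chosen for illustration; the point a resolver or registry operator can take from it is that ambiguity has to be detected at the boundary where bytes are turned into Unicode, because no later step can recover which table the sender meant.

```python
# Added example (not from the thread): show that the same legacy bytes map to
# different Unicode, and therefore different IDN labels, under different
# mapping tables, and detect that ambiguity before a label is accepted.

# Constructed sample, not taken from the mailing-list post.
# 0xE9 is LATIN SMALL LETTER E WITH ACUTE under all three tables below, but
# 0xA4 is CURRENCY SIGN (U+00A4) under ISO-8859-1 and cp1252 and EURO SIGN
# (U+20AC) under ISO-8859-15.
SAMPLE_LABEL_BYTES = b"caf\xe9\xa4"

# Assumed set of legacy tables a mixed population of hosts might apply.
LEGACY_TABLES = ("iso-8859-1", "cp1252", "iso-8859-15")


def decode_under(table: str, raw: bytes) -> str:
    """Decode raw label bytes using one named mapping table."""
    return raw.decode(table)


def to_ace(label: str):
    """Return the ACE (xn--) form of a single Unicode label, or None when
    nameprep rejects it (for example a C1 control such as U+0080, which a
    latin-1 table produces for byte 0x80)."""
    try:
        return label.encode("idna").decode("ascii")
    except UnicodeError:
        return None


def compare_tables(raw: bytes, tables) -> dict:
    """Map each candidate table to the ACE label (or None) it yields."""
    return {t: to_ace(decode_under(t, raw)) for t in tables}


def is_ambiguous(raw: bytes, tables) -> bool:
    """True when at least two tables disagree on the resulting label, i.e.
    the bytes cannot be accepted without knowing which table the sender used."""
    return len(set(compare_tables(raw, tables).values())) > 1


if __name__ == "__main__":
    for table, ace in compare_tables(SAMPLE_LABEL_BYTES, LEGACY_TABLES).items():
        print(f"{table:12s} -> {decode_under(table, SAMPLE_LABEL_BYTES)!r} -> {ace}")
    print("ambiguous:", is_ambiguous(SAMPLE_LABEL_BYTES, LEGACY_TABLES))
    print("plain 'caf\\xe9' ambiguous:", is_ambiguous(b"caf\xe9", LEGACY_TABLES))
```

Run as a script it prints one line per table; with the constructed bytes the ISO-8859-15 row ends in a different ACE label from the other two, which is exactly the situation the post describes as unavoidable. A receiving system that only ever sees the ACE form cannot tell the two apart, so the place to refuse or normalise such input is wherever legacy bytes are first converted, with a single, explicitly chosen table.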