[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[idn] Re: Document Status?

To: Patrik Fältström <paf@cisco.com>
Subject: [idn] Re: Document Status?
From: Simon Josefsson <jas@extundo.com>
Date: Mon, 02 Sep 2002 08:25:05 +0200
Cc: Soobok Lee <lsb@postel.co.kr>, "vinton g. cerf"<vinton.g.cerf@wcom.com>, IETF idn working group <idn@ops.ietf.org>
In-reply-to: <38116291.1030950319@localhost> (PatrikFältström's message of "Mon, 02 Sep 2002 07:05:19+0200")
References: <5.1.0.14.0.20020831142253.03198200@mail.jefsey.com><5.1.1.2.2.20020830092156.042c6600@jay.songbird.com><3CD14E451751BD42BA48AAA50B07BAD60336FDA3@vsvapostal3.prod.netsol.com><5.1.1.2.2.20020830092156.042c6600@jay.songbird.com><5.1.1.2.2.20020830110236.0260f0b0@jay.songbird.com><01cd01c25096$b6845ec0$8e00a8c0@JAMESSONYVAIO><3609004.1030770370@localhost><5.1.0.14.0.20020831142253.03198200@mail.jefsey.com><5.1.1.6.2.20020901083625.0274e508@pop.wcomnet.com><35299856.1030903380@localhost> <20020901185904.GA3431@postel.co.kr><ilu65xp4i7x.fsf@latte.josefsson.org> <38116291.1030950319@localhost>
User-agent: Gnus/5.090008 (Oort Gnus v0.08) Emacs/21.3.50(i686-pc-linux-gnu)

Patrik Fältström <paf@cisco.com> writes:

> --On 2002-09-01 21.34 +0200 Simon Josefsson <jas@extundo.com> wrote:
>
>> The specifications seems quite clear on what should happen here -- if
>> there is no negotiation, ACE should be used.  TTY MUAs therefor must
>> display ACE strings as there is no negotiation between xterm and the
>> MUA that an IDNA string is being displayed.
>
> It is not more strange than what we have for Subject-lines today.

There is a important difference; subject lines aren't used to route
mail or identify persons.

If I cut'n'paste a subject line and it is garbled, the only harm will
be a garbled subject line.

If I cut'n'paste an IDN email address and it is garbled, I will send
mail to the wrong person, potentially even encrypted mail embedding
sensitive information, as security systems like OpenPGP and S/MIME
uses email addresses to identify people.

Just making IDN "work", as in displaying fancy glyphs, isn't good
enough, it also shouldn't generate new security problems.  MIME only
dealt with the data, it did not modify interpretation of the
addressing system, and still managed to generate security problems.

Follow-Ups:
- [idn] Re: Document Status?
  - From: Patrik Fältström <paf@cisco.com>

References:
- Re: [idn] Document Status?
  - From: "JFC (Jefsey) Morfin" <jefsey@jefsey.com>
- Re: [idn] Document Status?
  - From: Dave Crocker <dhc@dcrocker.net>
- [idn] Document Status?
  - From: "Hollenbeck, Scott" <shollenbeck@verisign.com>
- Re: [idn] Document Status?
  - From: Dave Crocker <dhc@dcrocker.net>
- Re: [idn] Document Status?
  - From: "James Seng" <jseng@pobox.org.sg>
- Re: [idn] Document Status?
  - From: John C Klensin <klensin@jck.com>
- Re: [idn] Document Status?
  - From: "vinton g. cerf" <vinton.g.cerf@wcom.com>
- Re: [idn] Document Status?
  - From: Patrik Fältström <paf@cisco.com>
- Re: [idn] Document Status?
  - From: Soobok Lee <lsb@postel.co.kr>
- [idn] Re: Document Status?
  - From: Simon Josefsson <jas@extundo.com>
- [idn] Re: Document Status?
  - From: Patrik Fältström <paf@cisco.com>

Prev by Date: Re: [idn] Re: Document Status?
Next by Date: [no subject]
Previous by thread: Re: [idn] Re: Document Status?
Next by thread: [idn] Re: Document Status?
Index(es):
- Date
- Thread