[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [idn] nameprep2 and the slash homograph issue

To: Erik van der Poel <erik@vanderpoel.org>
Subject: Re: [idn] nameprep2 and the slash homograph issue
From: Gervase Markham <gerv@mozilla.org>
Date: Wed, 02 Mar 2005 08:56:05 +0000
Cc: idn@ops.ietf.org
In-reply-to: <42251159.1040300@vanderpoel.org>
Organization: mozilla.org
References: <421B8484.3070802@vanderpoel.org> <20050223072837.GA21463~@nicemice.net> <D872CCF059514053ECF8A198@scan.jck.com> <20050223105244.GE21463~@nicemice.net> <421CA114.9090302@vanderpoel.org> <20050224081721.GB12336~@nicemice.net> <421DEDFF.2000300@vanderpoel.org> <4225A87B.7030204@mozilla.org> <42251159.1040300@vanderpoel.org>
User-agent: Mozilla Thunderbird 1.0 (X11/20041206)

Erik van der Poel wrote:

Perhaps I was wrong to use the word "tool". There is a fundamental tension between security and user-friendliness.

Well, maybe. I'm not convinced the tension is absolute, but I agree you need to work very hard indeed to get both.

A couple of questions/comments: It might be nice to have this domain-only display even for non-secure sites (http).

We are probably going to change this for 1.1. It takes some careful thought so as not to confuse people.

Also, do you know what happens if the domain name is very long?


It just gets very long, currently.

Finally, do you have any thoughts about the slash homograph problem? Thanks.

Well, the current domain indicator will show the domain, slash homographs and all. We're still developing our response, but it's likely that we'll have to blacklist this character. Opera's new beta already has a small set of characters it doesn't allow.

Ideally, we wouldn't be acting unilaterally on this one, and would be doing the restrictions based on consensus. But before we can go there, we need to figure out what we think is needed first. That process is still going on.

Indeed, why wait? I filed a bug a while ago:
https://bugzilla.mozilla.org/show_bug.cgi?id=282079


Thanks :-)

My feeling is that a sans-serif font (such as Arial) places the characters too close to each other and does not have the serifs that often serve to distinguish the characters better. How about a fixed width font with serifs, such as Courier New?

The issue, of course, is that the font designation we use has to produce a good font on all platforms. This isn't fundamentally impossible, it just requires work and testing.

Gerv

Follow-Ups:
- Re: [idn] nameprep2 and the slash homograph issue
  - From: Erik van der Poel <erik@vanderpoel.org>

References:
- [idn] nameprep2 and the slash homograph issue
  - From: Erik van der Poel <erik@vanderpoel.org>
- Re: [idn] nameprep2 and the slash homograph issue
  - From: "Adam M. Costello" <idn.amc+0@nicemice.net.RemoveThisWord>
- Re: [idn] nameprep2 and the slash homograph issue
  - From: John C Klensin <klensin@jck.com>
- Re: [idn] nameprep2 and the slash homograph issue
  - From: "Adam M. Costello" <idn.amc+0@nicemice.net.RemoveThisWord>
- Re: [idn] nameprep2 and the slash homograph issue
  - From: Erik van der Poel <erik@vanderpoel.org>
- Re: [idn] nameprep2 and the slash homograph issue
  - From: "Adam M. Costello" <idn.amc+0@nicemice.net.RemoveThisWord>
- Re: [idn] nameprep2 and the slash homograph issue
  - From: Erik van der Poel <erik@vanderpoel.org>
- Re: [idn] nameprep2 and the slash homograph issue
  - From: Gervase Markham <gerv@mozilla.org>
- Re: [idn] nameprep2 and the slash homograph issue
  - From: Erik van der Poel <erik@vanderpoel.org>

Prev by Date: Re: [idn] Re: character tables
Next by Date: Re: [idn] nameprep2 and the slash homograph issue
Previous by thread: Re: [idn] nameprep2 and the slash homograph issue
Next by thread: Re: [idn] nameprep2 and the slash homograph issue
Index(es):
- Date
- Thread