[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [idn] IDNA section 3.1 requirement 3
James Seng wrote:
I am also concern about "standardizing" how applications should flag out
IDN or determine dangerous IDNs etc. I dont see why we need
standardization in this area when we never really standardize the "lock
icon" for https or etc. Instead, I think we should let market force work
this out, and lets apps developers innovates on how to display these IDN
properly.
I'm afraid I disagree. I was having dinner with some Microsoft security
guys only this evening where we agreed that having the lock as a
standard image really helped, but now we need to move to a slightly more
fine-grained model and it would be extremely useful if everyone used the
same notations for the new trust states.
Having said that, I believe that if we get to a situation where we need
to "flag out IDN", we've failed.
Gerv