Re: IDN Security

From: Peter Kirk (peterkirk@qaya.org)
Date: Tue Feb 15 2005 - 04:46:51 CST

Next message: Michael Everson: "Re: 03F3 j Greek Letter yot (was Re: IDN problem.... :( )"

Previous message: Cary Karp: "Re: IDN Security"
In reply to: Mark E. Shoulson: "Re: IDN Security"
Next in thread: Neil Harris: "Re: IDN Security"
Reply: Neil Harris: "Re: IDN Security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Mail actions: [ respond to this message ] [ mail a new topic ]

On 15/02/2005 00:55, Mark E. Shoulson wrote:

> ...
>
> Why are the YOD-YOD and VAV-YOD and DOUBLE-VAV digraphs considered
> atomic? Typographically they're often realized as two separate
> letters, even in Yiddish. On the other hand, the ALEF-LAMED ligature
> is more likely to deserve consideration as an atomic character (but
> not enough that I'd actually argue for it), and yet it's missing.
> What gives?

Whether or not they are formally decomposable in Unicode (and my feeling
is that it is a mistake that they are not at least as compatibility
decompositions, but then I don't know Yiddish), they are clearly
confusable with strings of separate letters. And that can serve as a
reminder that confusability is a property of strings, not individual
letters. It has already been mentioned that "rn" is confusable with
"m", and we have all seen cases of "\/" used for deliberately spoofing "V".

>
> Having all the vowels and accents(!) available, in Hebrew and in
> Arabic as well, is almost certainly overkill (I can't imagine anyone
> would want to complicate a URL so much), but I suppose it's okay for
> completeness' sake.

I agree that it is overkill but not that it is OK. Hebrew vowels and
accents are too small and confusable to be suitable for use in IDNs, at
least unless much larger character sizes are used. But there are all
sorts of spoofing opportunities here. Hebrew IDNs should be base
characters only, or at least versions with points should be folded with
and treated as synonymous with unpointed versions. In fact I would
suggest the same for all scripts, but maybe the French, Germans etc want
IDNs distinguished only by accents, umlaut etc.

>
> ...
> The dingbats, obviously, are going to be an interesting battleground
> of domain buyers...

Those trying to use dingbats as a kind of corporate logo IDN should be
warned that glyphs are not standardised. I once (for fun) made a font
for a Mac with a rotten apple core glyph (complete with worm) for the
apple character! ;-)

-- 
Peter Kirk
peter@qaya.org (personal)
peterkirk@qaya.org (work)
http://www.qaya.org/
-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 265.8.7 - Release Date: 10/02/2005

Next message: Michael Everson: "Re: 03F3 j Greek Letter yot (was Re: IDN problem.... :( )"
Previous message: Cary Karp: "Re: IDN Security"
In reply to: Mark E. Shoulson: "Re: IDN Security"
Next in thread: Neil Harris: "Re: IDN Security"
Reply: Neil Harris: "Re: IDN Security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2.1.5 : Tue Feb 15 2005 - 04:48:37 CST