From: Richard Wordingham (firstname.lastname@example.org)
Date: Tue Jan 23 2007 - 15:31:48 CST
Philippe Verdy wrote on Monday, January 22, 2007 9:14 AM
+AD4- For me, a pure HTML document that contains PUAs should be declared invalid
+AD4- or should remap all PUAs to non-characters with the same default +ACI-square
+AD4- box+ACI-, whatever their source, unless the HTMLdocuments instructs explicitly
+AD4- the browser to use a specific PUA convention.
+AD4- I consider this +ACI-PUA leakage bug+ACI- as a serious security issue, much more
+AD4- serious than a interoperability problem (which it is not). To close this
+AD4- bug, a protocol should be created to allow transmitting those private
+AD4- convention agreements, in addition to the character encoding information.
Isn't there already an existing protocol? It's something like, 'To read
this page properly, you need to install xxx font, which may be downloaded
from yyy.' It's used for hack fonts based on encoded scripts. Why allow
these and ban material using the PUA?
This archive was generated by hypermail 2.1.5 : Tue Jan 23 2007 - 17:15:03 CST