Re: IDN inclusion-based model

• Previous message: Chris Weber \(Casaba Security\): "RE: IDN inclusion-based model"
• In reply to: Chris Weber \(Casaba Security\): "RE: IDN inclusion-based model"
• Next in thread: Phillips, Addison: "RE: IDN inclusion-based model"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

That page is informational only. (For those who know, it is targeted at
IDNA2003 and not IDNAbis.) It simply categorizes valid IDNA2003 characters
according to script, and some potentially useful subcategories. While it may
be useful for registries in helping to guide choice of characters, in and of
itself it has no normative impact.

However, the characters valid in IDNA are defined by a set of RFCs, and any
implementation claiming conformance to those RFCs need to obey the
restrictions specified by them

Mark

On Wed, Jul 23, 2008 at 1:47 PM, Chris Weber (Casaba Security) <
chris@casabasecurity.com> wrote:

> So then is it safe to assume IDN Character Categorization documented at
> http://www.unicode.org/reports/tr36/idn-chars.html are recommendations
> only?
>
> Further is it safe to assume that user-agents like web browsers are free to
> recognize any Unicode code point (even the IDN-illegal ones from above) as
> valid?
>
> Chris
>
>
> -----Original Message-----
> From: Stephane Bortzmeyer [mailto:bortzmeyer@nic.fr]
> Sent: Wednesday, July 23, 2008 1:23 AM
> To: Chris Weber (Casaba Security)
> Cc: unicode@unicode.org
> Subject: Re: IDN inclusion-based model
>
> On Wed, Jul 23, 2008 at 12:33:06AM -0700,
> Chris Weber (Casaba Security) <chris@casabasecurity.com> wrote
> a message of 129 lines which said:
>
> > Is the decision for what's allowed to be included up to the
> > registrars?
>
> In most of the cases I know, it it up to the registry.
>
> > At that point, should it be up to user-agents or registrars, or
> > both, to ensure that legality is checked?
>
> All the registries I know check that the requested domain name
> complies with their local rules which include the list of authorized
> characters.
>
> A registry cannot rely on users or registrars to do the check because
> not all of them are nice people.
>
>
>
> From: unicode-bounce@unicode.org [mailto:unicode-bounce@unicode.org] On
> Behalf Of Chris Weber (Casaba Security)
> Sent: Wednesday, July 23, 2008 12:33 AM
> To: unicode@unicode.org
> Subject: IDN inclusion-based model
>
> How does the IDN Character Categorization documented at
> http://www.unicode.org/reports/tr36/idn-chars.html fit into the
> 'inclusion-based approach' referenced in
> http://www.unicode.org/reports/tr36/#Country_Specific_IDN_Restrictions,
> ICANN guidelines, and the RFC 4690?
>
> Is the decision for what's allowed to be included up to the registrars? Or
> can I gather from the idn-chars.html above that U+FF0F (FULLWIDTH SOLIDUS),
> for example, is an illegal? At that point, should it be up to user-agents
> or registrars, or both, to ensure that legality is checked?
>
> Thank you,
> Chris
>
>
>

• Next message: Phillips, Addison: "RE: IDN inclusion-based model"
• Previous message: Chris Weber \(Casaba Security\): "RE: IDN inclusion-based model"
• In reply to: Chris Weber \(Casaba Security\): "RE: IDN inclusion-based model"
• Next in thread: Phillips, Addison: "RE: IDN inclusion-based model"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2.1.5 : Wed Jul 23 2008 - 16:22:31 CDT