Re: Attack vectors through Unassigned Code Points in IDN

From: Simon Montagu (smontagu@smontagu.org)
Date: Wed Mar 18 2009 - 14:18:09 CST


    On 03/18/2009 08:42 PM, John H. Jenkins wrote:
    >
    > On Mar 17, 2009, at 11:05 PM, Chris Weber wrote:
    >
    >> If I’m reading RFC 3491 correctly, then IDNA allows for unassigned
    >> code points to exist in strings and domain names. This makes spoofing
    >> attacks possible when these code points don’t have associated
    >> glyphs and basically show up as white space.
    >
    > If a system has no font that will cover a certain character, it should
    > not be showing white space. Typically you'll see boxes of some sort,
    > which is the better thing to do, as it lets the user know that there's
    > something there.

    Normally Firefox displays the hexadecimal code point in a box for
    characters with no font coverage, but apparently there are fonts on
    Vista (batang.ttc and gulim.ttc) that have blank glyphs defined for
    U+115A-U+115E.
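
Added example, not part of the original message or thread: a defender-side check that flags code points in a domain name that are unassigned in the Unicode 3.2 repertoire used by RFC 3491 (RFC 3454 table A.1), using Python's standard `stringprep` module. The function names and the sample domain are constructed for illustration; labels are assumed to be separated by an ASCII dot.

```python
import stringprep


def decode_label(label):
    """Return the Unicode form of a label, decoding an ACE (xn--) label if possible."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # malformed ACE label: inspect it as given
    return label


def unassigned_in_label(label):
    """List (index, 'U+XXXX') for each code point found in RFC 3454 table A.1."""
    return [
        (i, "U+%04X" % ord(ch))
        for i, ch in enumerate(decode_label(label))
        if stringprep.in_table_a1(ch)  # unassigned in Unicode 3.2
    ]


def check_domain(domain):
    """Map each label (as given) to its unassigned code points; empty dict if none."""
    findings = {}
    for label in domain.split("."):
        hits = unassigned_in_label(label)
        if hits:
            findings[label] = hits
    return findings


if __name__ == "__main__":
    # Constructed sample: U+115A is in the range mentioned in the message above.
    sample = "exam\u115aple.example"
    for label, hits in check_domain(sample).items():
        print(repr(label), hits)
```

A registry or a display layer can reject or escape any name for which `check_domain` returns a non-empty result, instead of relying on the installed fonts to render a visible placeholder.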



    This archive was generated by hypermail 2.1.5 : Wed Mar 18 2009 - 14:20:27 CST