From: Peter Kirk (peterkirk@qaya.org)
Date: Thu Mar 24 2005 - 05:55:55 CST
On 24/03/2005 06:51, Patrick Andries wrote:
> ...
> I wonder what extra security you gain by removing let say apostrophe,
> hyphen, middle dot ? There is nothing wrong using caseless letters or
> marks with other symbols from a bicameral script (it depends on the
> writing system, that is the language using these characters).
>
I suspect the real problem with apostrophe is more one of backward
compatibility with existing software. I remember some years ago a
colleague with an O'Connor type of name using the apostrophe in his
e-mail address. This worked with some software, but not with others
which treated the apostrophe as a separator or something similar. This
is not an argument for banning it in IDNs, but it might require that it
be processed as a non-ASCII character even if it is in fact U+0027. Or
perhaps it should be U+02BC, or U+2019? The security issue would of
course come in if these three, and other near look-alikes, are treated
as distinct allowable characters in IDNs. So perhaps this is a case
where all of them need to be folded on to just one of them.
There is not I think a problem with hyphen, as this is already part of
the allowed set.
-- Peter Kirk peter@qaya.org (personal) peterkirk@qaya.org (work) http://www.qaya.org/ -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.8.1 - Release Date: 23/03/2005
This archive was generated by hypermail 2.1.5 : Thu Mar 24 2005 - 05:58:22 CST