[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: idn.el and confusables.txt

From: Ted Zlatanov
Subject: Re: idn.el and confusables.txt
Date: Mon, 16 May 2011 13:31:44 -0500
User-agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux)

On Mon, 16 May 2011 15:38:38 +0300 Eli Zaretskii <address@hidden> wrote: 

>> From: Ted Zlatanov <address@hidden>
>> Date: Sun, 15 May 2011 07:14:47 -0500
EZ> If we were to implement the full IDNA protocol, would the above be
EZ> enough?  Or will we need additional information?
>> Oh, all this has been for confusables (TR39) only.  IDNA and uni-idn.el
>> will have their own needs!

EZ> Granted, but I was asking whether IDNA implementation will need
EZ> anything from confusables.txt beyond what we discussed.  That is, will
EZ> a mapping of a character to a string be all IDNA needs to use the
EZ> information in confusables.txt?

I can't think of any other uses, so yes.  Lennart may want to comment.

>> IDNA is better described in http://unicode.org/reports/tr46/ and the
>> links at the end of that document (a whole bunch of RFCs).  I'm not
>> interested in implementing the IDNA code beyond supporting the current
>> character set detection because I don't think IDNA is popular enough,
>> but maybe Lennart and others want to do it.
>> For further possible markchars.el functionality, take a look at
>> http://www.unicode.org/reports/tr36/ (Unicode Security Considerations).
>> It talks about the confusables issues, IDNA issues, and bidi issues
>> among others.  It's a really good explanation of what security-related
>> functionality is needed from the confusables char-table and potentially
>> other places in Emacs.

EZ> Yes, I'm familiar with these specs, but I didn't try to design an
EZ> implementation of IDNA, so the answers to the above questions are not
EZ> clear to me.  If someone can explain how would an IDNA implementation
EZ> use confusables.txt, we could make sure that the tables we produce
EZ> from it will be good for IDNA as well, if and when someone will want
EZ> to implement it.

I may be misunderstanding, but I think you're sort of implying that IDNA
(in domain names and URLs) is the main use for confusables.txt.  I think
file names, shell interactions, and general text (especially source
code) are also important uses of that data because confusables in those
settings can introduce security issues.  Sorry if this is clear to you
and everyone else.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]