* Gervase Markham: > On 01/04/09 16:58, Florian Weimer wrote: >> The ß-β near-collision is not a problem because ß is normalized to ss. >> I've been joking that the<http://www.buße.de> (which once was about >> buses, not penance) was one of the first IDNs. > > As a sidenote, the status of ß is one of the big arguments currently > going on in the IDN-revision working group.
Yes, the current behavior is clearly a mistake ... >> This highlights a significant problem with IDNA implementations: IDNA >> only makes sense as some sort of opaque hashing mechanism to get a >> resource from DNS. The protocol does not actually support going >> backwards, from IDNA-encoded name to the original Unicode string. The >> Mozilla implementation is totally broken in this regard. > > I'm sorry, I don't understand what you mean here. Are you saying that > the protocol doesn't support going from www.xn--caf-dma.com > www.café.com? Because it certainly does. ... because there actually is an official way to go back from Punycode to Unicode. I was under the impression (when the IDNA RFCs were ratified) that once you use Nameprep, the expectation was that you never go back from Punycode. You'd just keep using the representation you received from the Unicode-capable data source. However, with the explicit reverse mapping for Punycode and the way all this has actually been implemented, I can understand that the ß behavior is wrong in retrospect. (IMHO, the answer to the homograph issue is to give users better indicators and tools to see what's going on. Restricting the character set every few years with the accumulated badies doesn't appear to make much sense, and legitimate domain owners won't like it.) _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
