At 3:25 PM +0200 5/27/02, Simon Josefsson wrote: >I think the third paragraph of the security consideration should more >clearly express that IDNA actually is vulnerable to the attack if >machines, like most machines on the Internet, use legacy encodings.
It isn't clear what "the attack" is. There is clearly a problem for the user when System A transcodes text from Encoding X into Unicode differently than System B does, but I don't see what the security issue is. Could you provide some suggested wording for the security consideration? --Paul Hoffman, Director --Internet Mail Consortium
