That comment from the public-iri list has been disposed a long time ago by the authors of the now RFC 3987 (IRI). BIDI introduces its own set of security issues on IDN and IRI but these issues are not homograph related.
Furthermore, the recommendation concerning mix of rtl and ltr characters in IRI (such mix may make the host name in a IRI visually undetectable because of the mix with with path and query parts) is only a 'should' in RFC speak, because an IRI (as well as URI) may be opaque (i.e, never visually displayed). However it is pretty clear that it is expected that a user agent displaying an IRI containing bidi content would enforce the IRI bidi restrictions. In all cases the IDN bidi restrictions apply. Please refere to the IRI RFC for more details. Michel -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Soobok Lee Sent: Wednesday, February 23, 2005 1:03 AM To: Soobok Lee Cc: [email protected] Subject: Re: [idn] another BIDI/ASCII representation problem on w3.org Soobok Lee wrote: > > Even stringprep-validated name label maybe cause problems when being > prefixed by name lable ==> BIDI name lable. this label may be arabic or hebrew one. > > digits-only label or digits-only mailbox names. If we should redesign > stringprep/nameprep we should take the following BIDI issue together. > > Please see this article from W3.org: > > http://lists.w3.org/Archives/Public/public-iri/2003Sep/0000.html > > Soobok Lee
