Leaving out scripts (Re: Unicode versions (Re: Criteria for exceptional characters))

[Mark Davis]

That's a good point. I would point out however, that if my browser isn't
updated at least every few months for security problems, I have a *whole*
lot more to worry about than whether I can see mixed scripts or not, so the
lag is in practice not that bad. And I see baking it into the protocol
(IDNA) as the least flexible of these in terms of delay, since that takes
years to change.

Mark

On 12/21/06, Gervase Markham <gerv at mozilla.org> wrote:
>
> Mark Davis wrote:
> > I am not yet, however, so sure that it should be baked into the
> > protocol. This is a pretty big hammer, and it may be better to leave it
> > to the registrars and/or the user-agents, which have a lot more
> > flexibility. It is very simple for a user-agent to have a mixed-script
> > test, and then loosen it for particular languages where the spoofing
> > opportunities don't arise (eg mixing Latin and Devanagari).
>
> There's one big difference between implementing the mix test in browsers
> and implementing it at the registry level. If you implement it in
> browsers, then decide that a loosening is necessary in a particular
> case, you need to update 1 billion+ installed bits of software before
> you can sell the new IDNs. That would probably take, based on past
> experience, about four or five years.
>
> If you implement it at a registry policy level, you can start immediately.
>
> Gerv
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.alvestrand.no/pipermail/idna-update/attachments/20061221/0ab3bc23/attachment.html