simon at josefsson.org
Sun Feb 20 16:14:05 CET 2011
Mark Davis ☕ <mark at macchiato.com> writes:
> That would work fine for me, with a slight change to wording.
>> Mark Davis also contributed to the document, but do not believe the
>> description of the issues in this document is optimal.
>> Mark Davis also contributed to the document, but does not believe the
>> solution for the issues discussed in this document is optimal.
Mark, what solution would you have preferred? I may have missed your
position from earlier discussion, but if we are close to a IETF-wide
last call on this it may be useful re-iterate your point succinctly to
see if others agree.
Personally I feel uncomfortable with changes that takes us from two
different compliant IDNA algorithms to three different compliant IDNA
algorithms depending on when in time you implemented the standards:
IDNA2003, IDNA2008-original, IDNA2008-revised. This is damaging from a
security perspective. I don't know what the alternative is though.
(If we consider non-compliant IDNA algorithms, there is also two other
IDNA2003 variants in wide use: 1) with improper PR-29 fix, and 2) with
improper dot-separation. On the client-side, the non-compliant
implementations are probably more common than compliant IDNA2003.)
More information about the Idna-update