<div dir="ltr">The UTC *did* what you say it should have done.<div><br></div><div>It did not revise Unicode 3.2; it changed a *later* version of the Unicode Standard, *and* issued a corrigendum so that people could either still claim conformance to U3.2 as it was, or could claim conformance to U3.2 with the corrigendum. From <a href="http://www.unicode.org/versions/corrigenda.html">http://www.unicode.org/versions/corrigenda.html</a> - <span class="Apple-style-span" style="font-style: italic; ">An implementation claiming conformance to any version of Unicode in that range <span class="Apple-style-span" style="font-weight: bold; ">may</span> also claim conformance to one or more of the corrigenda applicable to that version.</span></div>
<div><br></div><div>Until and if IDNA2003 was revised, it referred to U3.2 without the corrigendum, and was unaffected by any later corrigendum.</div><div><br></div><div>I agree with Martin that in an ideal world, IDNA2003 should have been had an erratum/corrigendum for that, but none was issued. And now, of course, this is completely moot, since the effects of the normalization changes from the UTC are stunningly small compared to the other changes from IDNA2003 to IDNA2008.</div>
<div><br clear="all">Mark<br>
<br><br><div class="gmail_quote">On Tue, Oct 14, 2008 at 8:45 AM, Simon Josefsson <span dir="ltr"><<a href="mailto:simon@josefsson.org">simon@josefsson.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
We are getting off-topic, so I'll try to finalize this aspect.<br>
<div class="Ih2E3d"><br>
Martin Duerst <<a href="mailto:duerst@it.aoyama.ac.jp">duerst@it.aoyama.ac.jp</a>> writes:<br>
<br>
> It is simply a fact that both implementations and specifications<br>
> are written by humans. It is a corollary that both implementations<br>
> and specifications occasionally contain bugs, and that when these<br>
> bugs are found, one has to carefully think about whether and how<br>
> to fix them. Treating specs as sacrosanct or written in stone<br>
> doesn't help at all.<br>
<br>
</div>Of course, but the normal approach is to revise the specification and<br>
let applications and specifications upgrade to it to fix the problem.<br>
My impression was that the UTC tried to fix existing implementations<br>
that needed to depend on the unfixed specification.<br>
<div class="Ih2E3d"><br>
> In the case at hand, the bug in the normalization operation that<br>
> (in theory) affected IDNA2003 was carefully considered, and it<br>
> was concluded that:<br>
> a) The bug only affected certain character combinations that<br>
> did not appear in practice, in particular not in domain names.<br>
<br>
</div>IDNA2003 supported profiles, and one of the profiles (SASLPrep) was used<br>
to prepare passwords rather than domain names. Passwords may contain<br>
such strings, although unlikely.<br>
<div class="Ih2E3d"><br>
> b) For the (nonexistent, see a)) data where the bug actually<br>
> would have affected normalization, the outcome before the<br>
> bug fix could lead to different or unexpected behavior for<br>
> different implementations because the bug violated a<br>
> (pretty obvious) idempotence assumption about normalization<br>
> that the designers of IDNA2003 had implicitly made.<br>
><br>
> So in practice, the effect of the bug fix on IDNA2003 was<br>
> none, and just in case there ever was one, it would have<br>
> been positive.<br>
<br>
</div>Sure, but I'm talking about the process around integrating the fix, not<br>
the fix itself.<br>
<div class="Ih2E3d"><br>
> In conclusion, I think it's good for spec writers to know that<br>
> implementers expect specs to be stable, and to do everything<br>
> possible to keep it that way. However, it's also important<br>
> for implementers to understand that specs aren't infallible,<br>
> and in case of bug fixes (called "errata" in the case of specs)<br>
> to look at them with a clear and open mind, rather than to<br>
> continue to spread FUD.<br>
<br>
</div>There were no errata for IDNA2003 in this area.<br>
<font color="#888888"><br>
/Simon<br>
</font><div><div></div><div class="Wj3C7c">_______________________________________________<br>
Idna-update mailing list<br>
<a href="mailto:Idna-update@alvestrand.no">Idna-update@alvestrand.no</a><br>
<a href="http://www.alvestrand.no/mailman/listinfo/idna-update" target="_blank">http://www.alvestrand.no/mailman/listinfo/idna-update</a><br>
</div></div></blockquote></div><br></div></div>