Proposed new Firefox IDN display algorithm
J-F C. Morfin
jfc at morfin.org
Sat Jan 28 20:36:55 CET 2012
At 19:38 20/01/2012, Gervase Markham wrote:
>Comments, particularly on the "Possible Issues and Open Questions",
>would be very welcome.
I will answer this for the records, as you will probably not consider it :-).
>If we just display any possible IDN domain label, we open ourselves
>up to IDN homograph attacks,
who are this "ourselves". It should be the users.
Users do not mind the browser they use and expect to reach the same
host with the same entry. Otherwise this is Foxnet. I.E. you say:
>I think that this would make us display a superset of the IDN
>domains that the other browsers display, in a way which was
>consistent across all copies of Firefox (maintaining the certainty
>which is a benefit of the current system) and which was pretty safe
Is that not some sort of balkanization if this is imposed on every users?
>Should we document our character hard-blacklist as part of this
>exercise? Are any characters in it legal in IDNA2008?
>Do we want to allow the user to choose between multiple "restriction
>levels", or have a hidden pref? There are significant downsides to
The browser should be IDNA neutral. What you discuss is a user IDNA
layer. You may want to add it to Firefox as an extention/plugin:
actually it should be like an OPES subject to a presentation layer standard.
The way I read IDNA2008, this OPES is to be deployed as part of the
presentation layer interface. The resulting architectural framework
the emerging IUTF is to work on is explored at:
Please note that this I_D does not document how/where the
presentation layer support is to occur. This because IMHO there may
be several possible propositions. My working reference is the PLUS
approach (Plugged Layers on the User side) that initially adds 2.5
extended network layers on the user systems:
1. extended network applications
3. exploratory support of the presentation layer at the ML-DNS level,
with a multilayered vision of a digital name pile (ASCII, IDNA2008,
UTF-8, etc.) with an occurrence per presentation format and CLASS.
More information about the Idna-update