IDN processing should support UTR#36 appendix A restrictions

RESOLVED DUPLICATE of bug 309435

Status

()

RESOLVED DUPLICATE of bug 309435
13 years ago
12 years ago

People

(Reporter: usenet, Unassigned)

Tracking

(Blocks: 1 bug)

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [sg:dupe 309435])

(Reporter)

Description

13 years ago
Appendix A of Unicode Technical Report #36 recommends a number of restrictions on IDN identifiers for security reasons. These are designed to prevent visual spoofing, and appear to be in addition to the restrictions currently implemented by the IDN RFCs. 

Unlike the display blacklist, these characters should not appear at all in valid IDNs that meet the UTR#36 security restrictions. Since it is likely that the UTR#36 / UTR#39 restrictions may soon be applied to IDNs, the Mozilla IDN code will probably soon need to enforce these restrictions.
(Reporter)

Updated

13 years ago
Blocks: 316730
(Reporter)

Comment 1

13 years ago
*** Bug 316723 has been marked as a duplicate of this bug. ***
Whiteboard: [sg:low] spoof
(Reporter)

Comment 2

13 years ago
The new ICANN IDN v2.0 name policy recommendations are now covered under bug 309435, and probably represent a better-defined target than this bug. Marking as dup.

*** This bug has been marked as a duplicate of 309435 ***
Status: NEW → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → DUPLICATE
Group: security
Whiteboard: [sg:low] spoof → [sg:dupe 309435]
You need to log in before you can comment on or make changes to this bug.