[Top] [All Lists]

Re: UTF8 vs. Punycode

2007-08-13 13:50:58
On Aug 13, 2007, at 2:35 PM, Russ Housley wrote:

This issue was raised by my review of

However, I think that the issue goes beyond this document. The decision made here ought to set a precedent.

What's the risk of *not* forcing to ASCII via punycode? Leave aside flaws in unicode handling routines for the moment. In the IBE context, a sender would derive an "incorrect" public key (more correctly, a different public key) and the recipient would be unable to decrypt the message.

-- Tim

Attachment: smime.p7s
Description: S/MIME cryptographic signature

<Prev in Thread] Current Thread [Next in Thread>