- From: Felix Sasaki <fsasaki@w3.org>
- Date: Wed, 25 May 2005 12:22:27 +0900
- To: public-i18n-core@w3.org
Hi all, With this mail I sent some personal comments to "UTR #36 Unicode Security Considerations". Best regards, Felix. *1 I'm wondering what the role of upper level protocols / specific formats is, since you often speak in general of "software interfaces". The security issues might be different e.g. for the XML Schema data type any:URI, or the http protocol, since they have a different level of adoption of IRI. The IRI-specification (RFC3987, sec. 6.3) gives some examples of such differences. *2 In addition to the last comment: a section might be useful which summarizes the necessary security efforts for different areas, e.g. user agens / protocol developers. *3 Sec. 2.8: "It is unlikely, for example, that ㋕ would be typed by a Japanese user, nor that it need work in copied text." I don't see an explanation of ㋕ in the text. Maybe you want to point to the half-width Japanese katakana character カ, which you mentioned in the text above? *4 You should describe the role of normalization in the non-domain part of URL, as you already mention at the end of sec. 2.10.3. Probably you will rely on the IRI specification for that. The mapping of IRI to URI (sec. 3.1 of that spec) requires that IRI with characters which are already in a Unicode-based character encoding, are not normalized. This might lead to ambiguity. An example for this is given by [2], focusing on CSS. Again this is an issues which depends on a specific format / protocol. [1] http://www.unicode.org/reports/tr36/draft/ [2] http://lists.w3.org/Archives/Public/www-style/2005Mar/0102
Received on Wednesday, 25 May 2005 03:22:32 UTC