[cabfpub] Implementation of UTR-36 confusable text security considerations.
Hill, Brad
bhill at paypal-inc.com
Thu Aug 23 18:30:18 UTC 2012
In response to questions on today's call about implementations about the confusable Unicode restrictions suggested for inclusion in BR 1.1, I can suggest the International Components for Unicode library:
http://site.icu-project.org/
And, specifically, the SpoofChecker class:
http://icu-project.org/apiref/icu4j/com/ibm/icu/text/SpoofChecker.html
And uspoof.h
http://icu-project.org/apiref/icu4c/uspoof_8h.html
This doesn't forbid the Left To Right Override character that I can tell from simple examination, but that's an easy check to add with a regex or character search.
Brad Hill
Ecosystem Security
PayPal Information Risk Management
cell: 206.245.7844
skype/twitter: hillbrad
email: bhill at paypal-inc.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20120823/fbc69e2a/attachment-0003.html>
More information about the Public
mailing list