[cabfpub] ICU library patch for Unicode spoof checks

Hill, Brad bhill at paypal-inc.com
Thu Mar 7 17:09:15 UTC 2013

Should be available in v51.1, http://bugs.icu-project.org/trac/milestone/51.1%20(release)


They accepted a "competing" patch submitted by Google as theirs also included C++ code, but theirs didn't include the bidirectional text requirement.

That is extremely simple to implement by simply forbidding the following code points (punycode encoded or native) in hostnames:

LRE:  U+202A
RLE:  U+202B
PDF: U+202C
LRO: U+202D
RLO: U+202E

Brad Hill
Ecosystem Security
PayPal Information Risk Management
cell: 206.245.7844
skype/twitter: hillbrad
email: bhill at paypal-inc.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130307/5f2e2bd0/attachment-0002.html>

More information about the Public mailing list