Perhaps, only display non-punycode from codepoint sets used in
languages already installed on the computer?
i.e., if the Russian language is installed on the computer, it might
be a strong indicator that Cyrillic codepoints should be shown as
Cyrillic. Otherwise, it's someone who probably can't even read it,
and so the commitment to displaying non-punycode probably can only be
On Wed, Apr 19, 2017 at 4:40 AM, Gervase Markham wrote:
> On 19/04/17 02:13, Kyle Hamilton wrote:
>> How did the algorithm in
>> https://bugzilla.mozilla.org/show_bug.cgi?id=722299 (which points to
>> https://wiki.mozilla.org/IDN_Display_Algorithm#Algorithm ) fail to
>> help in this instance?
> Because it is a known issue that it does not deal with whole-script
> confusables. This was documented at the time we adopted it - see:
>> Are there other instances in which it could be expected to fail?
>> If there are, the hypothesis set forth in
>> https://bugzilla.mozilla.org/show_bug.cgi?id=843689 (that the new IDN
>> display algorithm was sufficient enough to prevent IDN weirdnesses
>> that the whitelist could be removed) is shown to be false, and Mozilla
>> either needs to either find a better solution, or go back to the
> That was not the hypothesis. As noted above, this edge case was a known
> and accepted part of the solution, because all of the alternatives are
> The argument is that the browser only has sufficient knowledge to solve
> a part of this problem; we can't solve the entire thing using an
> algorithm without privileging some scripts over others, which is not an
> appropriate action for an organization which believes in a truly World
> Wide web. Fixing whole-script spoofing is the responsibility of those
> who have databases of all the existing registrations - i.e. registries.
> See https://wiki.mozilla.org/IDN_Display_Algorithm_FAQ for more details.