Re: Unicode and Security

[Mark Davis]

 I must apologize for calling this a "waste of time". There are so many wastes of time that it is really unfair of me to single this particular one out.   The bidi algorithm was developed by the companies early in Unicode's formation. You can read about the early stages in http://www.unicode.org/unicode/consortium/consort.html. It involved review and input from the subsidiaries of those companies in the Middle East. The basic algorithm was designed to give as good a rendering of the backing store as possible for most cases, across different languages. However, we knew we would never be able to handle all of the edge cases, that's why the overrides and embeddings were added so that the rendering could be controlled precisely (e.g. for part numbers).   As to why it can't be reversible; there were too many cases where dissimilar backing-store had to produce the same visual appearance, even in the basic algorithm. And once the overrides and embeddings were included, it would be clearly impossible to recover the original order.   As for the notion that the backing-store is what is "signed", that's just odd. Look at the following: ...I promise to pay Joe $1000 for his stereo on January 1, 2002. This clause is only applicable if we are both living on the moon at the time. All looks very good (in most browsers), but if you look at the HTML code, it is:   ...I promise to pay Joe $1000 for his stereo on January 1, 2002. <font color="#FFFFFF">This clause is only applicable if we are both living on the moon at the time.</font>   The last sentence is set to white, and thus not visible.   Mark   —————   Πόλλ’ ἠπίστατο ἔργα, κακῶς δ’ ἠπίστατο πάντα — Ὁμήρου Μαργίτῃ [For transliteration, see http://oss.software.ibm.com/cgi-bin/icu/tr]   http://www.macchiato.com ----- Original Message ----- From: Moe Elzubeir To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, February 04, 2002 09:34 Subject: Re: Unicode and Security   Hello,   Before you call this thread a waste of time, and out of curiosity.. what were the considerations put forth which determined the way the bidi algorithm is (uax#9). Ie. what were the pros and cons of a reversible bidi?   Also, who make up the 'bidi community'? The users or the developer(s) of the bidi algorithm?   Thank you -- Mohammed Elzubeir >>> "Mark Davis" <[EMAIL PROTECTED]> 02/04/02 10:13AM >>> > >Outlook Express, at least the version you are using, has a bug; The BIDI algorithm is not reversible, and could not be made reversible without eliminating features that are important to the bidi community. This was considered at the time the bidi algorithm was developed. This thread is a waste of time. Mark