Around a year ago I discussed two concerns with software release archives (tarball artifacts) that could be improved to increase confidence in the supply-chain security of software releases. Repeating the goals for simplicity:| Simon Josefsson's blog
In a bug report against libidn, Erik van der Poel gives an example of an internationalized domain name that is handled differently by different implementation. Another example of one such string is: ‘räksmörgÃ¥s’ U+2024 ‘com’ If your browser supports Unicode, Continue reading IDNA flaws with regard to U+2024→| Simon Josefsson's blog