Re: [PATCH v2] hex2bin: make the function hex_to_bin constant-time

From: Linus Torvalds
Date: Wed May 04 2022 - 15:52:16 EST

Next message: Andy Shevchenko: "Re: [chanwoo:devfreq-testing 5/5] include/linux/list.h:638:9: warning: this 'for' clause does not guard..."
Previous message: Pavel Machek: "Re: [PATCH v7 0/2] Make AUX gpio pin optional for ktd2692"
In reply to: Jason A. Donenfeld: "Re: [PATCH v2] hex2bin: make the function hex_to_bin constant-time"
Next in thread: Linus Torvalds: "Re: [PATCH v2] hex2bin: make the function hex_to_bin constant-time"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, May 4, 2022 at 12:43 PM Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
>
> א.cc is correct. If you can't load it, your browser or something in
> your stack is broken.

It's just google-chrome.

And honestly, the last thing I want to ever see is non-ASCII URL's.

Particularly from a security person. It's a *HORRIBLE* idea with
homoglyphs, and personally I think any browser that refuses to look it
up would be doing the right thing.

But I don't think that it's the browser, actually. Even 'nslookup'
refuses to touch it with

** server can't find א.cc: SERVFAIL

and it seems it's literally the local dns caching (dnsmasq?)

> Choosing a non-ASCII domain like that clearly a
> bad decision because people with broken stacks can't load it?

No. It's a bad idea. Full stop. Don't do it.

Linus

Next message: Andy Shevchenko: "Re: [chanwoo:devfreq-testing 5/5] include/linux/list.h:638:9: warning: this 'for' clause does not guard..."
Previous message: Pavel Machek: "Re: [PATCH v7 0/2] Make AUX gpio pin optional for ktd2692"
In reply to: Jason A. Donenfeld: "Re: [PATCH v2] hex2bin: make the function hex_to_bin constant-time"
Next in thread: Linus Torvalds: "Re: [PATCH v2] hex2bin: make the function hex_to_bin constant-time"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]