Thanks.

But the fact is that many finger daemons send out 8bit characters, and
reading Finnish with the 8th bit stripped is really difficult.  Other
finger implementations allow the 8bit characters, and I still don't see
the danger that you seem to find in the current implementation.

Is there a control sequence on some terminals that now can be exploited,
but could not be before?  That's the sort of danger we are trying to
cover, without making the information illegible.

E.g. on VT100 it was common to set the answerback, and then trigger it.
This should still not be possible, just like before.

My changes also should not prevent adopting a protocol extension when
one is defined.  But the existing finger servers would still just send
8bit without any new negotiation, and I'd still like to be able to read
the information.  Recall when SMTP started going 8bit -- "just-send-8"
was a very common practise, and in the benefit of users, it was best to
try to accept it if at all possible.

+ Kim


| From:    itojun@iijlab.net
| Date:    Mon, 12 Aug 2002 01:40:12 +0900
|
| >Can you point me at an example?  I've never dealt with multibyte.
|
| 	i'll try it tomorrow.  but my main point is, without the querier
| 	(finger) and the responder (fingerd) have explicit agreement on charset
| 	to be used, we should stick to ASCII.  we really need a protocol
| 	extension.
|
| itojun
|