In article <f4fb405f-a2a6-0ce0-b14d-1b744280cb86@xxxxxxxxx> you write: >>> I don’t understand where base-emojis are used. Was “emoji" meant to >>> be "emoji_sequence / base-emojis”? > >base-emojis is intended to sit there, as an available set, if an >implementer wants to use it. It is an offer of core commonality among >systems, if they want to adopt it, and encouragement that developers >have a core, common set, if this isn't it. OK, but if that's the intention I think it would be good to say so. It's not clear whether those are supposed to be mandatory to implement, or the only ones you can expect to interoperate, or what. >>> In Security Considerations in Section 5, I think it’s probably useful >>> to talk about the risk of spoofed messages creating spoofed >>> reactions, perhaps a lot of them. What mitigation techniques should >>> be employed? One might be to look for a valid Authentication-Results >>> header. > >Security Considerations is an opportunity with infinite possibilities. >If anyone wants to supply text to add and others like it, then it should >be added... This doesn't sound like a new or very interesting problem. I'm sure we've all gotten mailboxes full of auto-acks from mail we didn't send. Buglet: in section 2 there are two places where it says bytes but appears to mean code points. Individual bytes aren't relevant in strings of UTF-8. -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
