I am working on a replacement for BIP39 and noticed that the password
section mandates a Unicode normalization pass but does not prohibit
unassigned character points.

I believe that this is problematic as newer drafts of Unicode alter the
output of normalization passes.  So if a user assigned a password using a
wallet that linked to Unicode 9 but input a code point reserved in Unicode
10, updating the wallet to Unicode 10 could incorrectly remap that code
point [0].

Thank you,
-Zach Lym

P.S. The relevant RFC on this subject specifies a different normalization
procedure [1]

[BIP39]: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki
[0]: http://unicode.org/reports/tr15/#Stabilized_Strings
[1]: https://tools.ietf.org/html/rfc7564