Re: Non-English Domain Names Likely Delayed

North American Network Operators Group

Re: Non-English Domain Names Likely Delayed

From: Iljitsch van Beijnum
Date: Mon Jul 18 18:04:49 2005

On 18-jul-2005, at 23:43, Crist Clark wrote:

Isn't someone more eloquent than I going to point out that that spending
a lot of effort eliminating homographs from DNS to stop phishing is a
security measure on par with cutting cell service to underground trains
to prevent bombings? It focuses on one small vulnerability that phishers
exploit, and "fixing" this one vulnerability just may make things worse.

If you make a bunch of assumptions (SSL certificate chain is ok, binary is trustworthy, etc) you can be sure that when it says https:// www.blah.com/ in your browser, you're actually communicating with the entity holding the name www.blah.com in a secure way. So when something that looks exactly like www.blah.com is in fact different from www.blah.com, that's a pretty big deal because it breaks the whole system. So how would fixing this make things worse? And what else should we be doing instead?

Follow-Ups:
- Re: Non-English Domain Names Likely Delayed Crist Clark

References:
- Re: Non-English Domain Names Likely Delayed Brandon Butterworth
- Re: Non-English Domain Names Likely Delayed Neil Harris
- Re: Non-English Domain Names Likely Delayed Brad Knowles
- Re: Non-English Domain Names Likely Delayed Iljitsch van Beijnum
- Re: Non-English Domain Names Likely Delayed Brad Knowles
- Re: Non-English Domain Names Likely Delayed Crist Clark

Prev by Date: Re: Non-English Domain Names Likely Delayed
Next by Date: Re: Non-English Domain Names Likely Delayed
Date Index
Thread Index
Author Index
Historical