North American Network Operators Group


Re: lo0kal1ke domains, Non-English Domain Names Likely Delayed

  • From: John Levine
  • Date: Tue Jul 19 10:38:14 2005

>Isn't someone more eloquent than I going to point out that spending
>a lot of effort eliminating homographs from DNS to stop phishing ...

I sat in on some of the discussion at ICANN in Lux, and I simultaneously
heard that the problem is fundamentally insoluble, but ICANN has to do
something about it anyway, which makes no sense to me.

I see two reasons that it's a waste of time to worry about homographs.
One is that there are so many approximate homographs even in "simple"
languages like English (O and 0, I and l and 1, etc.) that you can't
possibly strike them all.  The other is that even if you rule out all
variants of, say, citibank.com, you're still going to have names like
citibank-account.com (which is not Citibank) and cyota.net (which
isn't Citibank either, but runs Verified by Visa mail on behalf of
lots of real banks.)

There are plausible counterattacks to phishes, with branded signatures
from a small set of well-known third parties at the top of my list,
but eliminating homographs is fixing the leaks in a sieve one hole at
a time.

R's,
John
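
An added illustration of the argument in the message above (not part of the original post and not the author's code): a homograph check that folds only the ASCII look-alike classes the message names (O/0, I/l/1) to a common skeleton. The function names and candidate labels are constructed for this example.

```python
# Added example: ASCII-only confusable folding, covering just the classes named
# in the message (O/0 and I/l/1). Function names and sample labels are
# constructed for illustration; they are not from any registry policy.

CLASSES = ["o0", "il1"]  # characters treated as visually interchangeable
FOLD = {ch: cls[0] for cls in CLASSES for ch in cls}


def skeleton(label: str) -> str:
    """Map every confusable character to its class representative."""
    return "".join(FOLD.get(ch, ch) for ch in label.lower())


def variant_count(label: str) -> int:
    """Number of distinct spellings sharing this label's skeleton (itself included)."""
    n = 1
    for ch in label.lower():
        for cls in CLASSES:
            if ch in cls:
                n *= len(cls)
    return n


def is_homograph(candidate: str, protected: str) -> bool:
    """True when candidate differs from protected but folds to the same skeleton."""
    c, p = candidate.lower(), protected.lower()
    return c != p and skeleton(c) == skeleton(p)


def classify(candidates, protected):
    """Run the homograph check over a list of candidate labels."""
    return {name: is_homograph(name, protected) for name in candidates}


PROTECTED = "citibank"
# Constructed look-alikes plus the two non-homograph names from the message.
SAMPLES = ["c1tibank", "citlbank", "citibank-account", "cyota"]

if __name__ == "__main__":
    print("spellings sharing the skeleton:", variant_count(PROTECTED))
    for name, flagged in classify(SAMPLES, PROTECTED).items():
        print(f"{name:18} flagged={flagged}")
```

Two character classes alone give nine spellings for one eight-letter label, and the two names the message cites pass the check untouched because they are not homographs at all.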