North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Non-English Domain Names Likely Delayed

  • From: Neil Harris
  • Date: Tue Jul 19 12:00:50 2005 
Brad Knowles wrote:


My point was that, if you're going to try to protect the users against homophone/homograph attacks, you need to do it in a standardized way.

Morover, the standards for controlling that need to be held by separate entities from those who are creating the tools which will implement those standards -- witness Microsoft's recent downgrading of Claria/Gator as a malware vendor, simply because they're looking at buying the company.

See Unicode Technical Report 36, rev 3. http://www.unicode.org/reports/tr36/ for a thorough treatment of the issues involved, under the auspices of the vendor-neutral Unicode Consortium.

See in particular Appendix B, Confusables Detection, and Appendix F, Country-Specific IDN Restrictions.

Finally, I just thought that I should point out that this problem potentially exists in internationalizing _any_ protocol that uses human-readable identifiers, not just DNS.

-- Neil





**
**