Re: ICANN Approves Non-Latin Domain Name Characters

["Larry Seltzer" <larry () larryseltzer com>]

Oh I know all this, just looking for quotes. 

Larry Seltzer
Contributing Editor, PC Magazine
larry_seltzer () ziffdavis com 
http://blogs.pcmag.com/securitywatch/


-----Original Message-----
From: Paul Ferguson [mailto:fergdawgster () gmail com] 
Sent: Saturday, October 31, 2009 9:35 AM
To: Larry Seltzer
Cc: funsec () linuxbox org
Subject: Re: [funsec] ICANN Approves Non-Latin Domain Name Characters

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, Oct 31, 2009 at 6:14 AM, Larry Seltzer <larry () larryseltzer com>
wrote:

>
http://www.pcmag.com/article2/0,2817,2355068,00.asp?kc=PCRSS05079TX1K000
0
> 992
>
>
>
> So have the security implications of these new domain names really
been
> thought through?

No.

If nothing else, expanding the TLD space expands the abuse footprint.

Further, expanding the TLD footprint in areas which are not clearly
'recognizable' by some applications, etc., will certainly have a
tendency
to be targets for abuse by criminals.

Of course, this may sound obvious -- and it is.

But expanding the TLD space into the IDN direction is not all sunshine
and
rainbows -- it also opens up a whole new gateway for enormous abuse and
exploitation.

It should be obvious to anyone with a clue. :-)

- - ferg

p.s. I'm in Taipei at the moment, which should underscore the issues
that I
am talking about, et al.

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFK7Dzhq1pz9mNUZTMRAgxlAJ9FzZzBmRmoPfN4EHhSRo2g19/WvQCgzCJO
5V6IySqInkTmQlkoxSqb1tk=
=COHl
-----END PGP SIGNATURE-----


-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.