Bugtraq mailing list archives
Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.
From: Riccardo Murri <murri () dmmm uniroma1 it>
Date: Fri, 18 Feb 2005 10:56:48 +0100
[Tosoni, Thu, Feb 17, 2005 at 10:20:22AM +0000]
Back to the original problem, shouldn't the browser check that the domain name sought by the user, is only composed from existing keys on the user's keyboard, and alert the user otherwise ?
That would restrict US keyboard users from surfing websites with names from almost any non-English language... It would probably be a good way to boycott IDN :) Riccardo
Current thread:
- Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs., (continued)
- Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. Rainer Duffner (Feb 19)
- Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. bkfsec (Feb 17)
- RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. David Schwartz (Feb 17)
- Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. bkfsec (Feb 17)
- Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. Thor (Hammer of God) (Feb 17)
- Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. Riccardo Murri (Feb 19)