Re: ICANN Approves Non-Latin Domain Name Characters

[Dan Kaminsky <dan () doxpara com>]

*shrugs*

This has already been the status quo for several years w/ third level
domains, ICANN has just approved second level domains and even TLDs.
We're going to have some interesting appcompat issues (understatement)
as punycode is not at all an OS component yet.  So on the one hand,
you have this issue having already been dealt with for the last few
years, courtesy of the Shmoo guys.  On the other hand, you have ICANN
creating an expectation for OS developers. Outside of the browser --
and that includes email clients -- people shouldn't really expect
these new domains to work entirely properly anytime soon.  And, yes,
as they do start working properly, we'll see some Punycode vulns pop
up.

On Sat, Oct 31, 2009 at 6:14 AM, Larry Seltzer <larry () larryseltzer com> wrote:
> http://www.pcmag.com/article2/0,2817,2355068,00.asp?kc=PCRSS05079TX1K0000992
>
>
>
> So have the security implications of these new domain names really been
> thought through?
>
>
>
> Larry Seltzer
> Contributing Editor, PC Magazine
>
> larry_seltzer () ziffdavis com
>
> http://blogs.pcmag.com/securitywatch/
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.