nanog mailing list archives
Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing
From: Phillip Vandry <vandry () TZoNE ORG>
Date: Thu, 28 Jul 2005 08:58:36 -0400
On Wed, Jul 27, 2005 at 01:47:14PM +0000, Fergie (Paul Ferguson) wrote:
Mozilla Foundation has announced changes to Firefox concerning Internationalized Domain Names (IDN) to deal with homograph spoofing attacks.
Does anyone else think that it's not the job of a web browser to do this? The web browser shouldn't even know about IDN details. The system's resolver library should convert non ASCII labels to the Punycode representation when sending querries, and convert back after receiving responses! Otherwise how can all my applications support IDN? -Phil
Current thread:
- Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing Fergie (Paul Ferguson) (Jul 27)
- Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing Phillip Vandry (Jul 28)
- Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing Bjørn Mork (Jul 28)
- Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing Phillip Vandry (Jul 28)
- Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing Florian Weimer (Jul 28)
- Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing Bjørn Mork (Jul 28)
- Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing Phillip Vandry (Jul 28)