nanog mailing list archives
Re: Dear RIPE: Please don't encourage phishing
From: Joel jaeggli <joelja () bogus com>
Date: Sat, 11 Feb 2012 22:57:36 -0800
On 2/11/12 19:34 , Sven Olaf Kamphuis wrote:
yes, domain names that cannot be typed in with any keyboard/charset on any computer out there, excellent idea, devide and conquerer, i wonder who came up with that idiotic plan again, probably the ITU or one of their infiltrants in icann.
If it's worth shoveling blame indiscriminately it's worth informing yourself a little about the timeline and the actors involved. http://en.wikipedia.org/wiki/Internationalized_domain_name
how about, we simply don't code any software or adjust any platforms to support it, if nobody uses it, no problem :P (or just deliberately break it as its nothing more than a "devide and conquerer" attempt of the UN anyway ;) On Sun, 12 Feb 2012, Neil Harris wrote:On 12/02/12 00:09, Masataka Ohta wrote:Neil Harris wrote:Techniques to deal with this sort of spoofing already exist: see http://www.mozilla.org/projects/security/tld-idn-policy-list.htmlIt does not make sense that .COM allows Cyrillic characters: http://www.iana.org/domains/idn-tables/tables/com_cyrl_1.0.html i script of a domain name is Cyrillic. Domain names do not have such property as script. Is the following domain name: CCC.COM Latin or Cyrillic?for one quite effective approach.The only reasonable thing to do is to disable so called IDN. Masataka Ohta PS Isn't it obvious from the page you referred that IDN is not internationalization but an uncoordinated collection of poor localizations?I'm not a flag-waver for IDN, so much as a proponent of ways to make IDN safer, given that it already exists. Lots of people have thought about this quite carefully. See RFC 4290 for a technical discussion of the thinking behind this policy, and RFC 5992 for a policy mechanism designed to resolve the problem you raised in your example above. You will notice that the .com domain does not appear on the Mozilla IDN whitelist. -- N.
Current thread:
- Re: Dear RIPE: Please don't encourage phishing, (continued)
- Re: Dear RIPE: Please don't encourage phishing bmanning (Feb 12)
- Re: Dear RIPE: Please don't encourage phishing Masataka Ohta (Feb 12)
- Re: Dear RIPE: Please don't encourage phishing Steven Bellovin (Feb 12)
- Re: Dear RIPE: Please don't encourage phishing John Levine (Feb 11)
- Re: Dear RIPE: Please don't encourage phishing Christian de Larrinaga (Feb 12)
- Re: Dear RIPE: Please don't encourage phishing John R. Levine (Feb 12)
- Re: Dear RIPE: Please don't encourage phishing Jeff Kell (Feb 12)
- Re: Dear RIPE: Please don't encourage phishing Masataka Ohta (Feb 11)
- Re: Dear RIPE: Please don't encourage phishing Neil Harris (Feb 11)
- Re: Dear RIPE: Please don't encourage phishing Sven Olaf Kamphuis (Feb 11)
- Re: Dear RIPE: Please don't encourage phishing Joel jaeggli (Feb 11)
- Re: Dear RIPE: Please don't encourage phishing David Conrad (Feb 11)
- Re: Dear RIPE: Please don't encourage phishing Sven Olaf Kamphuis (Feb 11)
- Re: Dear RIPE: Please don't encourage phishing Valdis . Kletnieks (Feb 11)
- Re: Dear RIPE: Please don't encourage phishing Masataka Ohta (Feb 11)
- Re: Dear RIPE: Please don't encourage phishing Masataka Ohta (Feb 11)
- Re: Dear RIPE: Please don't encourage phishing Adrian (Feb 10)
- Re: Dear RIPE: Please don't encourage phishing Valdis . Kletnieks (Feb 10)
- RE: Dear RIPE: Please don't encourage phishing Vinny_Abello (Feb 10)
- RE: Dear RIPE: Please don't encourage phishing Keith Medcalf (Feb 11)
- Re: Dear RIPE: Please don't encourage phishing Vinny Abello (Feb 12)