Since this thread is touching a lot on IDNs - and related problems (real or perceived) - may I suggest the interested people to join the ALAC IDN-WG, where these issues can be thoroughly discussed. At the moment the WG is not very active, but Satish - the Chair - is bringing it back to life. So it would be a great moment for bringing some discussion over there, also in view of the greater attention that this topic is receiving. Cheers, Roberto
On 11.02.2020, at 21:12, bzs@theworld.com wrote:
Just to throw a little more into the mix there are also "homonym" attacks, for example sneaking a Cyrillic (e.g., Russian) 'o' into microsoft . com, they look the same as a Latin-1 'o' but are encoded differently.
Some browsers recognize that and will display "punycode", xn-blahblah, rather than the graphical version but there are all sorts of places this might be abused (e.g., a link in an email or sms, etc.)
My real point is it's a big and, I like to think, active topic.
A lot of it falls more into the realm of the IETF, engineering issues, and human factors engineering, rather than policy at this point other than perhaps supporting whatever the gearheads come up with to mitigate all this and to turn any engineering recommendations into workable policy. And education about the problem of course.
-- -Barry Shein
Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD The World: Since 1989 | A Public Information Utility | *oo* _______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.