Are these all single-script creations?
No.
I fear your algorithm is rather more expansive than is reasonable.
We will see if it is. Let's see what combinations of scripts are actually being registered.
This is hardly the first time the issue has been studied. The combinatorial explosion problem is a well-known and well-discussed one. The ICANN Variant Issues Project explored an awful lot of this.
Whatever they did or didn't do, what is going on in reality is that people are doing this and no one is stopping them. Nalini -------------------------------------------- On Mon, 3/13/17, Andrew Sullivan <ajs@anvilwalrusden.com> wrote: Subject: Re: [UA-discuss] FW: I-D Action: draft-klensin-idna-rfc5891bis-00.txt To: ua-discuss@icann.org Date: Monday, March 13, 2017, 8:14 AM On Mon, Mar 13, 2017 at 02:46:42PM +0000, nalini.elkins@insidethestack.com wrote:
Of course, it is not just the "decoration" that is of interest. There are quite a few other characters from other scripts that are
confusable possibilities. In general, cross-script registration is a bad idea. We have known this since at least 2003. The LGR work points out that script-language definitions is generally a good idea for multi-language scripts.
It is an interesting problem. For example, we took one 6 character name of a business which is trademarked & ran it through my algorithm, we came up with over 1 million possible permutations. This is because you can use more than one character look-alike.
Are these all single-script creations? I fear your algorithm is rather more expansive than is reasonable. This is hardly the first time the issue has been studied. The combinatorial explosion problem is a well-known and well-discussed one. The ICANN Variant Issues Project explored an awful lot of this.
Lest you think that this doesn't happen, we have already found names registered which use more than one confusable.
Of course it happens. That's actually what all proposals for restrictions are about.
I call them "miscreants" because it is difficult for me to believe that someone who registers a variation of "mybank.com" or "apple.com" has something good on their mind.
It doesn't help us to think clearly about the issues to start trying to do psycological analysis and intention-attribution of the people doing these things. _Regardless_ of the intention, it's an attack vector, and I think that is part of what we need to take into consideration. Best regards, A -- Andrew Sullivan ajs@anvilwalrusden.com