[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [idn] case preservation
Soobok Lee wrote:
>
> ----- Original Message -----
> From: "Martin Duerst" <duerst@w3.org>
> To: "D. J. Bernstein" <djb@cr.yp.to>; <idn@ops.ietf.org>
> >
> > >It would be better to omit nameprep entirely;
> > >then users will stick to mechanisms that work, such as clicking on URLs.
> > >(Bad characters should still be avoided in registrations, of course.)
> >
> > Bad character combinations should be avoided with registration.
> > The only registrations for things like <A-Greek><O-Cyrillic><L-Latin>
> > will come from spoofers, and the only way such spoofers have
> > a chance is through clicking on URIs or a similar interface.
>
> You forgot to mention this type :
> All-cyrillic(or All cherokee) uppercase "SEX,CISCO,ATT,HOME,IBM" have the
> same look with all-latin uppercase ones.
But, as Martin said, those links will only be 'used' by spoofers and
only work via clicking on URIs. (Things like this already happen anyway
... i.e. Someone registers AOL-billing.foo then spams AOL users asking
for updated credit card info ...) If the spoofed domain were printed on
paper the end user would (most likely) interpret the characters as Latin
and type them in accordingly and go to the 'real' site, not the spoofed
site.
>
> SOobok
>
> >
> >
> > Regards, Martin.
> >
--
Dan Ebert <dan@enic.cc> eNIC Corporation
-----------------------------------------------------
"What is wanted is not the will to believe, but the
will to find out, which is the exact opposite."
-- Bertrand Russell, "Skeptical_Essays", 1928
-----------------------------------------------------