[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [idn] quick & dirty (but not too dirty) homograph defense

To: John C Klensin <klensin@jck.com>
Subject: Re: [idn] quick & dirty (but not too dirty) homograph defense
From: Erik van der Poel <erik@vanderpoel.org>
Date: Mon, 21 Feb 2005 16:34:25 -0800
Cc: "Martin v. Löwis" <martin@v.loewis.de>, tedd <tedd@sperling.com>, idn@ops.ietf.org
In-reply-to: <421A792B.2050207@vanderpoel.org>
References: <200502201529.j1KFTKdU091474@bartok.nlnetlabs.nl> <4218BC15.8060208@vanderpoel.org> <p06210205be3e762b5c0a@[192.168.0.101]> <42191083.7040601@v.loewis.de> <EBFF51D5FFF2C7AF17DDF727@scan.jck.com> <421A792B.2050207@vanderpoel.org>
User-agent: Mozilla Thunderbird 1.0 (X11/20041206)

Erik van der Poel wrote:

I'm probably missing something, but if the apps are not currently warning the user when characters from blocks that ought to be banned appear, then people and/or tools may be generating references (e.g. HTML documents) to those characters, without realizing that those characters are being mapped to some other base characters, which then work OK in the DNS lookup.

Maybe it is unlikely that a lot of such references would come to exist, and it wouldn't be such a burden to the user of a new app to see the occasional error e.g. when they click on such a link.

But how do you determine how many HTML documents contain bad characters in their links, and how do you decide that that number is low enough to make such a change to the spec?

So I'm wondering if you would really be able to state that such a change "would largely impact what can be registered".

Sorry, this last part is a mistake. Banning characters that were previously mapped to others does *not* affect what can be registered. Duh.

But please consider the other parts of my email.

Erik

References:
- Re: [idn] quick & dirty (but not too dirty) homograph defense
  - From: Jaap Akkerhuis <jaap@NLnetLabs.nl>
- Re: [idn] quick & dirty (but not too dirty) homograph defense
  - From: Erik van der Poel <erik@vanderpoel.org>
- Re: [idn] quick & dirty (but not too dirty) homograph defense
  - From: tedd <tedd@sperling.com>
- Re: [idn] quick & dirty (but not too dirty) homograph defense
  - From: "Martin v. Löwis" <martin@v.loewis.de>
- Re: [idn] quick & dirty (but not too dirty) homograph defense
  - From: John C Klensin <klensin@jck.com>
- Re: [idn] quick & dirty (but not too dirty) homograph defense
  - From: Erik van der Poel <erik@vanderpoel.org>

Prev by Date: Re: [idn] quick & dirty (but not too dirty) homograph defense
Next by Date: Re: [idn] upstream and downstream
Previous by thread: Re: [idn] quick & dirty (but not too dirty) homograph defense
Next by thread: Re: [idn] quick & dirty (but not too dirty) homograph defense
Index(es):
- Date
- Thread