IDN WG had discussed about this IDN-based homogram attacks 3 years ago.
The conclustion is that: the problem should be solved in registration stage,
not in encoding/protocol level.
So we have now "IDN registration guideline for CJK (han ideographs) languages", but that
does not cover cyrillic / greek ones yet. IETF seems to have no plan to expand and
publish it. that is, "Do it yourself , registries !",
http://www.unicode.org/charts/PDF/U0400.pdf
I ask you all to open this PDF unicode chart and see how many lowercase cyrllic
alhpabets look exactly the same as their latin-alphabet lowercase counterparts .
To list some of them, " a e i y c o s j". (some of them are not russian,but for eastern europe)
In the uppercase characters, "B H M P" including the above 8 chars. cyrillicHP.com /ascii HP.com came from the latter category.
please compare the lowercase "cyrillic iii.com" with ascii "iii.com" . In the address bar,
they may look exactly the same, because cyrillic/ascii fonts are almost the same ones
in many OS/GUI environments.
Soobok
