I'm guessing that the IDN spoofing issue will be addressed (not solved) at several different levels, upstream and downstream.
The Unicode Consortium has already stated that they are seriously considering the homograph issue, and we may eventually see tables and other info that others can use in heuristic filters, etc.
It will be interesting to see what happens with the IDN-related RFCs when they advance to the next maturity level. I'm not even going to try to guess what might happen there.
Many ccTLDs have already put filtering policies and deployments in place, and the other TLDs will probably start to filter, sooner or later.
Security-conscious apps and plug-ins will also have a layer of protection, with UIs ranging from the seamless to the intrusive.
I will remain on this list for the time being.
Thanks everybody,
Erik
