Dave Crocker wrote:
After extensive analysis and discussion, the Mozilla community and
Opera have already produced a fix for this, based on only displaying
Unicode
> IDN labels where the registry publishes and enforces well-defined
> anti-homograph policies, and displaying the Punycode equivalent
...snip...
3. How does this apply to subordinate domains that might or might not
enforce "acceptable" policies, given that no all policy-making is at
the TLD level?
It assumes that organization-level delegation of names is enforced by
the TLD registry for all domains that it issues domains in.
The assumption is made that operators and users of websites and other
services have to place their trust in the chain of organizations
delegating the DNS for their domain, and in particular, the one that
registered the domain with the TLD registry. This reflects common
practice, in which most services involving any significant value or risk
are generally operated from their own domains in order to reduce the
number of third parties to be trusted as far as possible.
-- Neil