On 11/1/25 1:18 PM, John C Klensin wrote:
[snip]
The Cyrillic paypal example was chosen, not because it was a
realistic name but because it is extremely familiar to many of those
who might be reading this discussion and/or the final document.
However, and probably sadly, you have just made my point (or three of
them):
Hi,
That's a real thing. I think the general term is "homograph attack".
But it is a known and old problem:
https://www.mozilla.org/en-US/security/advisories/mfsa2013-61/
(2013).
The general recipe is usually not to allow mixed character ranges. So,
is there something useful we can say here?
thanks,
Rob
--
rswg mailing list -- [email protected]
To unsubscribe send an email to [email protected]
