Stephane Bortzmeyer wrote:
Forwarded Message from Neil Harris <[EMAIL PROTECTED]> ---
...
After extensive analysis and discussion, the Mozilla community and Opera
have already produced a fix for this,
Which is highly questionable and that is rejected by most european
Brandon Butterworth wrote:
Already, some 21 TLDs are whitelisted, including .cn, .tw, a number
of European ccTLDs, .museum, and .info. Any other registrars who
want to be supported can simply E-mail Gerv at the Mozilla
Foundation, or his Opera counterpart, and give them a pointer to
their anti-
Dave Crocker wrote:
After extensive analysis and discussion, the Mozilla community and
Opera have already produced a fix for this, based on only displaying
Unicode
> IDN labels where the registry publishes and enforces well-defined
> anti-homograph policies, and displaying the Punycode
Michael, your idea of mapping confusable characters to a single "master"
character was one of the options which was considered, but rejected.
To see why, consider the Turkish dotless-i in your second example. Now,
to most non-Turkish readers, dotless-i is a homograph of the more common
dotte
Iljitsch van Beijnum wrote:
On 18-jul-2005, at 22:49, Brad Knowles wrote:
...snip...
If you're not a programmer with direct commit access to Mozilla
and Opera, just how exactly do you expect to have any control over
this process?
Hopefully they make this stuff user configurable.
Brad Knowles wrote:
My point was that, if you're going to try to protect the users
against homophone/homograph attacks, you need to do it in a
standardized way.
Morover, the standards for controlling that need to be held by
separate entities from those who are creating the tools
Crist Clark wrote:
If the homograph problem isn't too hard, yeah, fix it. If it is hard,
it may not be worth it. From what I know, this isn't easy, but
technically, not impossible.
Yes. It's _really_ not difficult to fix, particularly for domains which
also enforce a single-script-per-lab
Florian Weimer wrote:
* Jason Sloderbeck:
Yes, it's recognized by Mozilla and others as the job of the Internet
Architecture Board (in particular, the IAB-IDN group) to make a final
decision on how to deal with homographs.
Homographs are a classical example of a PR attack. It's a c
John Levine wrote:
Homographs are a classical example of a PR attack. It's a complete
non-issue.
I am inclined to agree.
But since the TLD registry operators can, and do, control the delegation
of their TLDs, they have de-facto control over the sets of labels that
can be used fo
Sean Donelan wrote:
The problem with waiting until the PE or BRAS to do the classification is
most access providers use traffic aggregation in the access network (e.g.
ATM/DSL, Cable, WiFi, etc). This means the interfaces on the BRAS or PE
are oversubscribed and the access network interface w
10 matches
Mail list logo
