RE: Unicode and Security: Domain Names

The recent discussions of this list about Internet domain name spoofing through substitution of Unicode characters that have similar, or identical, glyphs is an issue that has recently appeared in print in a prominent journal: @String{j-CACM = "Communications of the ACM"} @Artic

RE: Unicode and Security: Domain Names

> Are the actual domain names as stored in the DB going to be canonical > normalized Unicode strings? It seems this would go a long way towards > preventing spoofing ... Names will be stored according to a normalization called Nameprep. Read the Stringprep (general framework) and Nameprep (IDN a

RE: Unicode and Security: Domain Names

Moreover, the IDN WG documents are in final call, so if you have comments to make on them, now is the time. Visit http://www.i-d-n.net/ and subscribe to their mailing list (and read their archives) before doing so. The documents in last call are: 1. Internationalizing Domain Names in Application

RE: Unicode and Security: Domain Names

I want to review these documents, but since time is short, maybe someone can answer my question... Are the actual domain names as stored in the DB going to be canonical normalized Unicode strings? It seems this would go a long way towards preventing spoofing ... no one would be allowed to regi

RE: Unicode and Security: Domain Names

Moreover, the IDN WG documents are in final call, so if you have comments to make on them, now is the time. Visit http://www.i-d-n.net/ and sub-scribe (with a hyphen here so that listar does not interpret my post as a command!) to their mailing list (and read their archives) before doing so. The

Re: Unicode and Security: Domain Names

In a message dated 2002-02-08 8:23:22 Pacific Standard Time, [EMAIL PROTECTED] writes: >> Does anyone know anything about RACE encoding and its properties? > > I wrote an article on IDNS in December of 2000 which discusses the > approaches which were being debated at that time, including RACE. R

RE: Unicode and Security: Domain Names

> -Original Message- > From: Tom Gewecke [mailto:[EMAIL PROTECTED]] > Sent: Thursday, February 07, 2002 6:20 PM > To: [EMAIL PROTECTED] > Subject: Re: Unicode and Security: Domain Names > > > I note that companies like Verisign already claim to offer > &q

RE: Unicode and Security: Domain Names

[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tom Gewecke Sent: Thursday, February 07, 2002 3:20 PM To: [EMAIL PROTECTED] Subject: Re: Unicode and Security: Domain Names I note that companies like Verisign already claim to offer "domain names" in dozens of languages and scrip

Re: Unicode and Security: Domain Names

I note that companies like Verisign already claim to offer "domain names" in dozens of languages and scripts. Apparently these are converted by something called RACE encoding to ASCII for actual use on the internet. Does anyone know anything about RACE encoding and its properties?