On Wednesday, February 6, 2002, at 11:12 AM, Lars Kristan wrote: > Maybe digitally signed messages and bank accounts are not that good of an > example, since people would be more careful there. Another case where this > may get exploited will be domain names, once Unicode is allowed there. > While > www.example.com may be a company I trust, www.example.com with a Cyrillic > 'a' in it may be a hacker (and no, I did not imply he/she would be from a > county that uses Cyrillic) trying to get me to visit the site. >
Right, but right now is that people are typing things like www.whitehouse. com instead of www.whitehouse.gov (or, for that matter, www.unicode.com). How likely is it that someone will accidentally type www.sаmple.com instead of www.sample.com? The original focus was on digital signatures, and I still don't get the objection. Because I don't know *precisely* what bytes Microsoft Word or Adobe Acrobat use, do I refuse to sign documents they create? Is that the idea? I mean, good heavens, I don't even know *precisely* what bytes Mail. app is going to use for this email. Should I refuse to sign it? ========== John H. Jenkins [EMAIL PROTECTED] [EMAIL PROTECTED] http://homepage.mac.com/jenkins/