Actually xn--example.com doesn't decode to example.com because in the
absence of a "-" separator "example" would be treated as encoded
non-ascii characters.
This means that it's impossible to encode an ASCII domain as an IDN
because each decoded label has to encode back to the original.
On 30.04.17 08:35, Pedro David Marco wrote:
Even if you decode it properly, how do you it is a fake domain? (given it is
not blacklisted anywhere, etc..)
aren't three CVE's enough?
http://mail-archives.apache.org/mod_mbox/spamassassin-users/201704.mbox/<20170428162941.GA12714%40fantomas.sk>
is the domain apple.com different if i use the Latin letter "a" or the Cyrillic
"a"? are they the same or not?
Maybe the simplest solution as of now is to score just a little bit any URL starting by
"xn--" as sign of hunch growing...
did any sane domain owner, who registered domain with similar name to avoid
typosquatting, send mail containing the similar name?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
My mind is like a steel trap - rusty and illegal in 37 states.
