Re: IDN problem.... :(

From: Marcin 'Qrczak' Kowalczyk (
Date: Fri Feb 11 2005 - 09:00:09 CST

  • Next message: Adam Twardoch: "Re: IDN problem.... :("

    Peter Kirk <> writes:

    > Perhaps a better approach would be for browsers, as a default option
    > which can be switched off, to warn users about mixed script domain
    > names (or even any non-ASCII domain names) with a dialogue box,
    > something like: "Domain name contains non-Latin
    > character(s). This may be a security risk. Are you sure you want to
    > go to this domain? OK Cancel".

    I think it's better to develop rules about what to accept without
    a warning, rather than what to reject (by "reject" I mean "possibly
    accept after confirmation").

    This means picking subsets of characters corresponding to scripts or
    languages used in domain names, with added digits and safe punctuation,
    and checking whether each part of the name has only characters which
    are completely within one of the sets.

    Don't look for wrong patterns. Ensure that there is a good pattern
    instead. In particular characters not belonging to any regular writing
    system, like arrows or half-wide Latin letters, are rejected.

       __("<         Marcin Kowalczyk

    This archive was generated by hypermail 2.1.5 : Fri Feb 11 2005 - 09:01:49 CST