Re: IDN problem.... :(

From: Antoine Leca (
Date: Mon Feb 14 2005 - 03:23:24 CST

  • Next message: Gregg Reynolds: "Re: IDN problem.... :("

    On Saturday, February 12th, 2005 22:14Z Adam Twardoch va escriure:
    > Also, if the user is proposed to look at the URL "IRAQ.COM" and is
    > offered to choose between the Kurdish Q and the English Q, some may
    > choose the first one for obvious reasons.

    I do not understand your point.

    IRAQ.COM (all Latin letters) seems to me something logical. IRA[].COM (with
    a Cyrillic/Kurdish Q instead) seems to me an obvious case of phishing,
    perhaps not for evil motivations but rather for political ones, or even
    because of the new registration, however this does not change the problem:
    users might want to be warned about this, just like for the PАYPAL.COM
    original case.

    Now, if you are really speaking about ИРАQ.COM (last letter is Latin Q) with
    regard to ИРА[].COM (last letter is not-yet-registrated Cyrillic Q), you are
    really on the same basis as my original point: the first point looks like
    very much the phishing IRA[] example above, with the scripts switched.
    However, because right now the [] letter is not registrated, it is the only
    way to do it "right".

    Furthermore, if and when [] will be registrated, then the name of the domain
    should be changed (probably registrating twice); however, if a phisher is
    speedy enough (for example, reading here, while at the same time the
    registrar may lack the technical/marketing expertise to advertize the thing
    correctly toward his clients) it would became an inverse case of phishing:
    the first one, well-behaving in most browsers, will be flagged as
    mixed-script; while being the "correct" one. While the other, all-Cyrillic,
    will not be flagged but will show badly on many browsers, at least until
    the fonts had been updated.

    Confusing, isn't it?


    This archive was generated by hypermail 2.1.5 : Mon Feb 14 2005 - 03:24:28 CST