Re: IDN Security

From: Neil Harris (
Date: Tue Feb 15 2005 - 05:41:37 CST

    Peter Kirk wrote:

    > On 15/02/2005 00:55, Mark E. Shoulson wrote:
    >> ...
    >> The dingbats, obviously, are going to be an interesting battleground
    >> of domain buyers...
    > Those trying to use dingbats as a kind of corporate logo IDN should be
    > warned that glyphs are not standardised. I once (for fun) made a font
    > for a Mac with a rotten apple core glyph (complete with worm) for the
    > apple character! ;-)

    Having dingbats, character graphics, math characters and so on would be
    a disastrous thing to do.

    In, IANA recommend
    blacklisting the following Unicode character ranges as unusable within IDNs:

    * Box Drawing
    * Block Elements
    * Geometric Shapes
    * Miscellaneous Symbols
    * Dingbats
    * Byzantine Musical Symbols
    * Musical Symbols
    * Mathematical Alphanumeric Symbols
    * Letterlike Symbols
    * Number Forms
    * Arrows
    * Mathematical Operators
    * Miscellaneous Technical

    I would go further, and add:

    * Spacing Modifier Letters
    * Combining Marks for Symbols
    * Control Pictures
    * Optical Character Recognition
    * Enclosed Alphanumerics
    * Miscellaneous Mathematical Symbols-A
    * Supplemental Arrows-A
    * Supplemental Arrows-B
    * Miscellaneous Mathematical Symbols-B
    * Supplemental Mathematical Operators
    * Miscellaneous Symbols and Arrows
    * High Surrogates
    * Low Surrogates
    * Private Use Area
    * Alphabetic Presentation Forms
    * Small Form Variants
    * Halfwidth and Fullwidth Forms
    * Variation Selectors
    * Tags
    * Specials
    * Variation Selectors Supplement
    * Supplementary Private Use Area-A
    * Supplementary Private Use Area-B

    Also the following scripts, on the basis that they are not in current use:

    * Linear B Syllabary
    * Linear B Ideograms
    * Shavian
    * Deseret
    * Ugaritic
    * Old Italic
    * Ogham
    * Runic

    The following range, on the basis that domain name labels are not meant to
    contain any punctuation other than '-', and that in any case most of these are
    exotic punctuation variants:

    * General Punctuation

    These ranges, on the basis that they are only used for specialist purposes:

    * IPA Extensions

    Blacklisting all of these can be an effective part of an overall more thorough
    anti-spoofing solution by greatly cutting down on spoofing opportunities
    prior to other forms of filtering.
    -- Neil

    This archive was generated by hypermail 2.1.5 : Tue Feb 15 2005 - 05:42:52 CST
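
The block blacklist described in the message can be applied as a pre-filter on decoded labels. The following is an added example, not part of the original post: it covers only a subset of the listed blocks (ranges taken from the Unicode Blocks.txt data file), and the names `BLOCKED`, `block_of`, `decode_label` and `check_domain` are hypothetical.

```python
import bisect

# Subset of the blocks named in the message, with their ranges from the
# Unicode Blocks.txt data file; a full filter would load every listed block.
BLOCKED = [
    (0x0250, 0x02AF, "IPA Extensions"),
    (0x02B0, 0x02FF, "Spacing Modifier Letters"),
    (0x16A0, 0x16FF, "Runic"),
    (0x2000, 0x206F, "General Punctuation"),
    (0x2100, 0x214F, "Letterlike Symbols"),
    (0x2190, 0x21FF, "Arrows"),
    (0x2200, 0x22FF, "Mathematical Operators"),
    (0x2500, 0x257F, "Box Drawing"),
    (0x2600, 0x26FF, "Miscellaneous Symbols"),
    (0x2700, 0x27BF, "Dingbats"),
    (0xE000, 0xF8FF, "Private Use Area"),
    (0xFF00, 0xFFEF, "Halfwidth and Fullwidth Forms"),
    (0x1D400, 0x1D7FF, "Mathematical Alphanumeric Symbols"),
]
STARTS = [lo for lo, _, _ in BLOCKED]

def block_of(cp):
    """Name of the blacklisted block containing code point cp, else None."""
    i = bisect.bisect_right(STARTS, cp) - 1
    return BLOCKED[i][2] if i >= 0 and cp <= BLOCKED[i][1] else None

def decode_label(label):
    """Unicode form of one label; 'xn--' labels carry Punycode (RFC 3492)."""
    if label.lower().startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label

def check_domain(name):
    """List (label, 'U+XXXX', block) for each blacklisted code point."""
    hits = []
    for label in name.rstrip(".").split("."):
        try:
            text = decode_label(label)
        except ValueError:  # UnicodeError subclasses ValueError
            hits.append((label, None, "undecodable label"))
            continue
        hits += [(label, f"U+{ord(c):04X}", block_of(ord(c)))
                 for c in text if block_of(ord(c))]
    return hits

if __name__ == "__main__":
    # Constructed sample: a label containing U+2764 from the Dingbats block.
    sample = "xn--" + "i\u2764ny".encode("punycode").decode("ascii") + ".example"
    print(sample, check_domain(sample))
```

An empty list means no code point fell in the blacklisted subset; it says nothing about confusable characters inside permitted blocks, which the other forms of filtering the message mentions would have to handle.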