Re: [idn] IDN spoofing

From: Werner LEMBERG (
Date: Mon Feb 21 2005 - 04:00:57 CST

  • Next message: Otto Stolz: "Re: orthographies"

    Maybe a naive idea: Let's assume that the list of Unicode characters
    with similar shapes is already available. Let's further assume that a
    user wants to access a site which contains such characters. Isn't it
    possible that the browser tests in the background all combinations,
    sending a warning to the user that there are similar URLs which
    resemble the original URL optically if viewed with certain fonts? So
    if someone selects f<omicron><omicron>.org, the browser also tries to
    access, probably using some additional constraints (like
    scripts grouped by `-' or `.') to limit the number of possible hits.


    This archive was generated by hypermail 2.1.5 : Mon Feb 21 2005 - 04:08:19 CST