Re: [idn] IDN spoofing

From: Hans Aberg (haberg@math.su.se)
Date: Mon Feb 21 2005 - 12:57:00 CST

  • Next message: Doug Ewell: "Re: orthographies"

    At 12:42 +1100 2005/02/20, George W Gerrity wrote:
    >Thus, our rą•le reduces to providing some automatic methods to help the
    >authorities deal with the homograph problem, and we can quit discussing
    >the question of how to enforce authorities to adopt sensible naming
    >conventions: that ultimately belongs to the realm of law and
    >regulation.

    The suggestion I made, was to use a function to detect confusables by
    declaring them equivalent, but retaining the full Unicode character set for
    representing the IDN's. If this is used at the registration level only, the
    only thing that happens when somebody enters a confusable, is that it is
    rejected. There is a problem only when an authority admits parallel,
    confusable names to be registered.

    One can in fact use more than one function on the Unicode character set, in
    order to detect different types of confusions. If a name can be confused by
    an already registered name, then one might declare that this requires a
    special registration process, i.e., some humans standing by determining by
    hand whether these names are separated enough for registration.

      Hans Aberg



    This archive was generated by hypermail 2.1.5 : Mon Feb 21 2005 - 14:42:17 CST