From: Peter Kirk (peterkirk@qaya.org)
Date: Mon Feb 14 2005 - 04:17:44 CST
On 13/02/2005 01:54, Mark E. Shoulson wrote:
> ...
> Um, this is actually a very *good* idea, I think. If I'm about to
> click on "paypal.com" and my browser shows me (on the status line,
> where I always look, or else in a tooltip) that I'm about to go to
> xn--paypl-7ve.com, that probably is a pretty good warning. It won't be
> perfect, and won't catch, say, using non-Latin characters from one
> script to spoof those in another non-Latin, but even if people know
> little about Punycode, they ought to be able to see that the URL
> doesn't look right.
>
This warning might stop Latin script users from going to e.g.
Cyrillic-based spoof sites. But it might offer to a Russian a choice
between a genuine Russian language IDN made unrecognisable by Punycode
and an ASCII-based spoof which still looks OK. Guess which they will choose.
-- Peter Kirk peter@qaya.org (personal) peterkirk@qaya.org (work) http://www.qaya.org/ -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.7 - Release Date: 10/02/2005
This archive was generated by hypermail 2.1.5 : Mon Feb 14 2005 - 04:18:26 CST