RE: Security Issues

From: Jony Rosenne (rosennej@qsm.co.il)
Date: Sun Apr 03 2005 - 12:04:12 CST

  • Next message: Peter Kirk: "Re: Security Issues"

    I don't buy it.

    When I was a kid, there were being sold pens bearing names such as RARKER and P.ARKER - please note that it was possible to fool people with plain ASCII, although ASCII was not even invented then. Actually, I have reason to believe that it was possible for evil people to mislead the innocent even before writing was invented.

    It is up to the registrars to prevent the registration of misleading names. All that they need is a list of confusables. The registrar should notice that "paypaɫ.com" is confusable with "paypal.com".

    Any competent trade name and trademark registrar does it today and has been doing it for years.

    Unicode is just a minor technological complication.

    Internet domain name registrars should be reminded of the duties inherent in their job as a registrar rather than blaming internationalization or Unicode.

    Jony

    > -----Original Message-----
    > From: unicode-bounce@unicode.org
    > [mailto:unicode-bounce@unicode.org] On Behalf Of Doug Ewell
    > Sent: Sunday, April 03, 2005 7:27 PM
    > To: Unicode Mailing List
    > Subject: Re: Security Issues
    >
    >
    > Peter Kirk <peterkirk at qaya dot org> wrote:
    >
    > > Rather the opposite end of the minorities scale from the Tamil!
    > > Nevertheless, even 20 people have their rights, although I doubt if
    > > this language is viable. But a language group of 6000 can easily be
    > > viable and stable enough that it should be supported by the
    > Internet.
    >
    > There's a lot more to "being supported by the Internet" than
    > the set of
    > characters permitted in domain names.
    >
    > There's also a significant controversy surrounding the ability of some
    > evil person to register "paypaɫ.com" or similar, using a letter like
    > U+026B that most people in the world aren't aware exists, and using it
    > to dupe innocent consumers. People are running around screaming that
    > internationalized domain names are evil for allowing these characters,
    > and that Unicode is evil for including them in the first place. This
    > "security" thread is an attempt to work out the best solution for all.
    >
    > -Doug Ewell
    > Fullerton, California
    > http://users.adelphia.net/~dewell/
    >
    >
    >
    >
    >



    This archive was generated by hypermail 2.1.5 : Sun Apr 03 2005 - 12:05:38 CST