Dear RIPE: Please don't encourage phishing

Neil Harris neil at tonal.clara.co.uk
Sat Feb 11 10:04:02 CST 2012


On 11/02/12 01:16, Masataka Ohta wrote:
> Randy Bush wrote:
>
>>> My $0.02 on this issue is if the message is rich text I hover over the link
>>> and see where it actually sends me.
>> idn has made this unsafe
> I pointed it out at IETF Munich in 1997 that with an example of:
>
> 	MICROSOFT.COM
>
> where 'C' of MICROSOFT is actually a Cyrillic character.
>
> But, people insisted working on useless IDN.
>
> 						Masataka Ohta
>
>


Techniques to deal with this sort of spoofing already exist: see

http://www.mozilla.org/projects/security/tld-idn-policy-list.html

for one quite effective approach.

-- Neil





More information about the NANOG mailing list