Dear RIPE: Please don't encourage phishing
Neil Harris
neil at tonal.clara.co.uk
Sat Feb 11 16:04:02 UTC 2012
On 11/02/12 01:16, Masataka Ohta wrote:
> Randy Bush wrote:
>
>>> My $0.02 on this issue is if the message is rich text I hover over the link
>>> and see where it actually sends me.
>> idn has made this unsafe
> I pointed it out at IETF Munich in 1997 that with an example of:
>
> MICROSOFT.COM
>
> where 'C' of MICROSOFT is actually a Cyrillic character.
>
> But, people insisted working on useless IDN.
>
> Masataka Ohta
>
>
Techniques to deal with this sort of spoofing already exist: see
http://www.mozilla.org/projects/security/tld-idn-policy-list.html
for one quite effective approach.
-- Neil
More information about the NANOG
mailing list