Non-English Domain Names Likely Delayed

• Previous message (by thread): Non-English Domain Names Likely Delayed
• Next message (by thread): Non-English Domain Names Likely Delayed
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Isn't someone more eloquent than I going to point out that that spending
a lot of effort eliminating homographs from DNS to stop phishing is a
security measure on par with cutting cell service to underground trains
to prevent bombings? It focuses on one small vulnerability that phishers
exploit, and "fixing" this one vulnerability just may make things worse.
It wastes resources that could go to coming up with a *real* solution, and
it may provide a false sense of security. There are dozens of ways we know
of, and probably more that lie undiscovered, to exploit vulnerabilities in
DNS, browsers, and in human nature to conduct phishing.

Worrying about homographs is probably something about which we should let
the trademark lawyers get there undies in a bunch (knowing ICANN, that
may very well be what's driving this, not phishing worries) while the IT
security community concerns itself with a usable, and actually secure,
end-to-end security model for e-commerce.
-- 
Crist J. Clark                               crist.clark at globalstar.com
Globalstar Communications                                (408) 933-4387

• Previous message (by thread): Non-English Domain Names Likely Delayed
• Next message (by thread): Non-English Domain Names Likely Delayed
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]