Non-English Domain Names Likely Delayed

• Previous message (by thread): Non-English Domain Names Likely Delayed
• Next message (by thread): Non-English Domain Names Likely Delayed
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 18-jul-2005, at 23:43, Crist Clark wrote:

> Isn't someone more eloquent than I going to point out that that  
> spending
> a lot of effort eliminating homographs from DNS to stop phishing is a
> security measure on par with cutting cell service to underground  
> trains
> to prevent bombings? It focuses on one small vulnerability that  
> phishers
> exploit, and "fixing" this one vulnerability just may make things  
> worse.

If you make a bunch of assumptions (SSL certificate chain is ok,  
binary is trustworthy, etc) you can be sure that when it says https:// 
www.blah.com/ in your browser, you're actually communicating with the  
entity holding the name www.blah.com in a secure way. So when  
something that looks exactly like www.blah.com is in fact different  
from www.blah.com, that's a pretty big deal because it breaks the  
whole system. So how would fixing this make things worse? And what  
else should we be doing instead?

• Previous message (by thread): Non-English Domain Names Likely Delayed
• Next message (by thread): Non-English Domain Names Likely Delayed
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]