Non-English Domain Names Likely Delayed

Iljitsch van Beijnum iljitsch at muada.com
Tue Jul 19 14:13:16 UTC 2005


On 19-jul-2005, at 15:03, Brad Knowles wrote:

>>  The public key crypto that powers the authentication in SSL.

>     But that has nothing to do with the DNS.

:-)  That's exactly the point: DNS tricks won't buy you anything  
(except denial of service) in the presence of SSL.

>> "protecting" users agains the fact that similar
>> looking/sounding names actually map to completely different things
>> ultimately can't be done, so it's better to not do it at all so users
>> get burned by relatively harmless examples of this phenomenon
>> (www.gougle.com and the like) so they understand it and foster the
>> appropriate level of distrust.

>     Actually, that's a statement that I can agree with.

Excellent.

>     My point was that, if you're going to try to protect the users  
> against homophone/homograph attacks, you need to do it in a  
> standardized way.

And my point is, that in the absence of a standardized way a non- 
standardized way will do temporarily.

>     Morover, the standards for controlling that need to be held by  
> separate entities from those who are creating the tools which will  
> implement those standards -- witness Microsoft's recent downgrading  
> of Claria/Gator as a malware vendor, simply because they're looking  
> at buying the company.

Sure, why not. I'm not convinced it will help, though. (Giving in to  
the conspiracy theorists doesn't work: they'll just think it's a  
conspiracy.)



More information about the NANOG mailing list