Non-English Domain Names Likely Delayed
Iljitsch van Beijnum
iljitsch at muada.com
Tue Jul 19 14:13:16 UTC 2005
On 19-jul-2005, at 15:03, Brad Knowles wrote:
>> The public key crypto that powers the authentication in SSL.
> But that has nothing to do with the DNS.
:-) That's exactly the point: DNS tricks won't buy you anything
(except denial of service) in the presence of SSL.
>> "protecting" users agains the fact that similar
>> looking/sounding names actually map to completely different things
>> ultimately can't be done, so it's better to not do it at all so users
>> get burned by relatively harmless examples of this phenomenon
>> (www.gougle.com and the like) so they understand it and foster the
>> appropriate level of distrust.
> Actually, that's a statement that I can agree with.
Excellent.
> My point was that, if you're going to try to protect the users
> against homophone/homograph attacks, you need to do it in a
> standardized way.
And my point is, that in the absence of a standardized way a non-
standardized way will do temporarily.
> Morover, the standards for controlling that need to be held by
> separate entities from those who are creating the tools which will
> implement those standards -- witness Microsoft's recent downgrading
> of Claria/Gator as a malware vendor, simply because they're looking
> at buying the company.
Sure, why not. I'm not convinced it will help, though. (Giving in to
the conspiracy theorists doesn't work: they'll just think it's a
conspiracy.)
More information about the NANOG
mailing list