Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing
Florian Weimer
fw at deneb.enyo.de
Thu Jul 28 14:04:13 UTC 2005
* Jason Sloderbeck:
> Yes, it's recognized by Mozilla and others as the job of the Internet
> Architecture Board (in particular, the IAB-IDN group) to make a final
> decision on how to deal with homographs.
Homographs are a classical example of a PR attack. It's a complete
non-issue. In practice, people don't use domain names to assess the
credibility of web sites. 1/l/I and 0/O are homographs as well, and
the Internet hasn't collapsed as a result.
The really stunning thing about the whole mess is that nobody seems to
grasp that technically, TLDs are not in a position to restrict name
server operators to any character sets in the domain names they use.
After all, I can add any domain name I want to my zone files.
More information about the NANOG
mailing list