Dear RIPE: Please don't encourage phishing

Masataka Ohta mohta at necom830.hpcl.titech.ac.jp
Sat Feb 11 19:25:53 CST 2012


Valdis.Kletnieks at vt.edu wrote:

> (The actual policy for the .UA registrar is more subtle. They *do* in fact
> allow "U+0441 Cyrillic Small Letter ES" which is visually a C to us Latin-glyph
> users.  However, they require at least one character that's visually unique to
> Cyrillic in the domain name.

Unique within what?

Is a Cyrillic character, which looks like Latin E with diaeresis,
a unique Cyrillic character?

Is "CYRILLIC CAPITAL LETTER GHE", which looks like Greek Gamma,
a unique Cyrillic character?

Is Greek Gamma, which looks like "CYRILLIC CAPITAL LETTER GHE",
a unique Greek character?

> They also don't allow mixed Cyrillic/Latin
> scripts in one domain name).

Is a Russian word containing no unique (unique to ASCII)
Cyrillic characters encoded as Latin character using ASCII,
even though a Russian word containing unique (whatever unique
means) Cyrillic character encoded as Cyrillic characters?

It is obvious that such confused scheme encourage phishing
a lot.

> If the manufacturers of IE and Safari can't come up with a similar policy,
> then the people at Mozilla can use "We protect you from malicious names"
> as a marketing diffferentiation feature.

The only protection is to disable IDN.

					Masataka Ohta



More information about the NANOG mailing list