Dear RIPE: Please don't encourage phishing

Sun Feb 12 19:55:48 UTC 2012

On Sun, 12 Feb 2012 16:59:36 +0900, Masataka Ohta said:
> The problem is greekbank.gr is spoofable as greekbank.gr.

That would be the .gr registry's problem then.  They could take the same
solution as the .ua registry -force lowercase and allow all-latin or all-greek
names.

Oh, what do you know... they *do* do something similar.
https://grweb.ics.forth.gr/tomcat_docs/AP592_012_2011_.pdf
See page 5 and 6, in particular:

8. Any [.gr] Domain Names that are homographs of a [.gr] Domain Name
already assigned shall be automatically reserved for the Holder of the
above assigned [.gr] Domain Name and shall be activated following the
Holder's submission of an activation declaration to the Registry.

So how do you spoof greekbank.gr with greekbank.gr under those rules?

> No, the simple solution against such a simple problem is to
> use proper font, because all the people know that '0' and 'o'
> are different characters and treat them differently.

Well then, if all that's required is a "proper font",  what is the problem with
your Saitoh families? You said they were "represented by 4 similar but
different characters, which is distinguished by people named "Saitoh" but not
distinguished by most others,"  Why can't *they* use a "proper font" that makes
the difference between the 4 characters recognizable?  After all, *they*
know the 4 characters are different and can treat them differently, right?

(And no, it's *not* "different for kanji" - it's the exact same problem and you
know it.  In both cases, (I/l and your Sai issue), the problem is similar
glyphs.  Don't bother replying to suggest a fix for the lower-l/upper-I issue
unless the *same* fix applies to your Sai issue).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 865 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20120212/cea7a669/attachment.sig>