[149674] in North American Network Operators' Group
Re: Dear RIPE: Please don't encourage phishing
daemon@ATHENA.MIT.EDU (Neil Harris)
Sat Feb 11 11:05:21 2012
Date: Sat, 11 Feb 2012 16:04:02 +0000
From: Neil Harris <neil@tonal.clara.co.uk>
To: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
In-Reply-To: <4F35C174.1090605@necom830.hpcl.titech.ac.jp>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 11/02/12 01:16, Masataka Ohta wrote:
> Randy Bush wrote:
>
>>> My $0.02 on this issue is if the message is rich text I hover over the link
>>> and see where it actually sends me.
>> idn has made this unsafe
> I pointed it out at IETF Munich in 1997 that with an example of:
>
> MICROSOFT.COM
>
> where 'C' of MICROSOFT is actually a Cyrillic character.
>
> But, people insisted working on useless IDN.
>
> Masataka Ohta
>
>
Techniques to deal with this sort of spoofing already exist: see
http://www.mozilla.org/projects/security/tld-idn-policy-list.html
for one quite effective approach.
-- Neil
