[149678] in North American Network Operators' Group
Re: Dear RIPE: Please don't encourage phishing
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Sat Feb 11 13:30:30 2012
To: Randy Bush <randy@psg.com>
In-Reply-To: Your message of "Sat, 11 Feb 2012 09:09:25 PST."
<m2sjihpa9m.wl%randy@psg.com>
From: Valdis.Kletnieks@vt.edu
Date: Sat, 11 Feb 2012 13:28:57 -0500
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1328984937_2778P
Content-Type: text/plain; charset=us-ascii
On Sat, 11 Feb 2012 09:09:25 PST, Randy Bush said:
> >>>> My $0.02 on this issue is if the message is rich text I hover over the link
> >>>> and see where it actually sends me.
> >>> idn has made this unsafe
> > Techniques to deal with this sort of spoofing already exist: see
> > http://www.mozilla.org/projects/security/tld-idn-policy-list.html
> > for one quite effective approach.
Nice. Basically, unless the TLD registrar has a public policy that basically says
"We don't allow names with cyrillic C to collide with MICROSOFT", their hostnames
all get displayed as xn--gobbledygook.
(The actual policy for the .UA registrar is more subtle. They *do* in fact
allow "U+0441 Cyrillic Small Letter ES" which is visually a C to us Latin-glyph
users. However, they require at least one character that's visually unique to
Cyrillic in the domain name. They also don't allow mixed Cyrillic/Latin
scripts in one domain name). Or so http://www.hostmaster.ua/idn/
tells me after Google Translate gets done with it. ;)
> and grandma is gonna use this? with internet exploder or safari?
If the manufacturers of IE and Safari can't come up with a similar policy,
then the people at Mozilla can use "We protect you from malicious names"
as a marketing diffferentiation feature.
--==_Exmh_1328984937_2778P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iQIVAwUBTzazaQdmEQWDXROgAQJwLQ/+KRLTDZRLWGXUAtNPSyP3Rdilov9DQn9p
azstYy+wnVxLAHpdBkiF/E4fl7kZ1quKA3AsBXKwl2G/COHVN9KebvR+PHTIBsmh
uIVNGd/UBY6s5mFp+w6UaScwV0m92tZljgutqBYqWf6LP2cFwD037K/XLrZGZhgq
SSQ49cgsGhyQadjRAcO62nQdB+9IVsh4CYS3LQaawsZrNhjuqTha9rP3uAkwSBog
Nzrdf+LNmCP+/YStBCq8jORj73wpGv0pahd1YFBjx8qkGgj4V62ROrwSatuO60Pg
9P1z8Qieb/Fh+ec9JmmPzQ0hpceSwGkAa+9DmKwIbnozHXgDj3u6v2VqVhqrEOuQ
pIOKsCuuDZvxpGqOu7lZ+5Acl/3tvxhJNb0VhRjwo7+XeIsjTJPx5lma8JBDVDGb
PADxCnsRPgXea5WECQIyChEzHFp7sDtEF9BI4SCRG4UWNzrvIRDHVXtTQZJE8tBi
+nEb+9qZhSqtJplArRJSXzGGwi/dS+60mRjPYmToofI1/OzT0EFP0V868rDg/Bd6
+a8tegf0iPLPgpyr1ytjLN01DU1zGwysrC0ggrjpyH4+C47Sq561Y580SwCF4PeZ
Kzws7c430UashX9jGpYd7sO9j6I6ieNHaTyuthxPBGbblGA7ljHV+LtG8biR9tBK
mTYmSiIqAvc=
=lN+C
-----END PGP SIGNATURE-----
--==_Exmh_1328984937_2778P--
