[149684] in North American Network Operators' Group
Re: Dear RIPE: Please don't encourage phishing
daemon@ATHENA.MIT.EDU (Masataka Ohta)
Sat Feb 11 20:27:16 2012
Date: Sun, 12 Feb 2012 10:25:53 +0900
From: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
To: nanog@nanog.org
In-Reply-To: <170508.1328984937@turing-police.cc.vt.edu>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Valdis.Kletnieks@vt.edu wrote:
> (The actual policy for the .UA registrar is more subtle. They *do* in fact
> allow "U+0441 Cyrillic Small Letter ES" which is visually a C to us Latin-glyph
> users. However, they require at least one character that's visually unique to
> Cyrillic in the domain name.
Unique within what?
Is a Cyrillic character, which looks like Latin E with diaeresis,
a unique Cyrillic character?
Is "CYRILLIC CAPITAL LETTER GHE", which looks like Greek Gamma,
a unique Cyrillic character?
Is Greek Gamma, which looks like "CYRILLIC CAPITAL LETTER GHE",
a unique Greek character?
> They also don't allow mixed Cyrillic/Latin
> scripts in one domain name).
Is a Russian word containing no unique (unique to ASCII)
Cyrillic characters encoded as Latin character using ASCII,
even though a Russian word containing unique (whatever unique
means) Cyrillic character encoded as Cyrillic characters?
It is obvious that such confused scheme encourage phishing
a lot.
> If the manufacturers of IE and Safari can't come up with a similar policy,
> then the people at Mozilla can use "We protect you from malicious names"
> as a marketing diffferentiation feature.
The only protection is to disable IDN.
Masataka Ohta
