[82703] in North American Network Operators' Group
Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing
daemon@ATHENA.MIT.EDU (Phillip Vandry)
Thu Jul 28 10:09:14 2005
From: Phillip Vandry <vandry@TZoNE.ORG>
Date: Thu, 28 Jul 2005 08:58:36 -0400
To: nanog@merit.edu
In-Reply-To: <20050727.064758.8034.146145@webmail32.lax.untd.com>
Errors-To: owner-nanog@merit.edu
On Wed, Jul 27, 2005 at 01:47:14PM +0000, Fergie (Paul Ferguson) wrote:
> Mozilla Foundation has announced changes to Firefox concerning
> Internationalized Domain Names (IDN) to deal with homograph spoofing
> attacks.
Does anyone else think that it's not the job of a web browser to do
this? The web browser shouldn't even know about IDN details. The
system's resolver library should convert non ASCII labels to the
Punycode representation when sending querries, and convert back
after receiving responses!
Otherwise how can all my applications support IDN?
-Phil
