[82713] in North American Network Operators' Group
Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing
daemon@ATHENA.MIT.EDU (=?iso-8859-1?Q?Bj=F8rn_Mork?=)
Thu Jul 28 10:45:23 2005
From: =?iso-8859-1?Q?Bj=F8rn_Mork?= <bjorn@mork.no>
To: Phillip Vandry <vandry@TZoNE.ORG>
Cc: nanog@merit.edu
Date: Thu, 28 Jul 2005 15:27:58 +0200
In-Reply-To: <20050728125836.GA14525@OZoNE.TZoNE.ORG> (Phillip Vandry's
message of "Thu, 28 Jul 2005 08:58:36 -0400")
Errors-To: owner-nanog@merit.edu
Phillip Vandry <vandry@TZoNE.ORG> writes:
> On Wed, Jul 27, 2005 at 01:47:14PM +0000, Fergie (Paul Ferguson) wrote:
>> Mozilla Foundation has announced changes to Firefox concerning
>> Internationalized Domain Names (IDN) to deal with homograph spoofing
>> attacks.=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=
=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=
=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20
>
> Does anyone else think that it's not the job of a web browser to do
> this? The web browser shouldn't even know about IDN details. The
> system's resolver library should convert non ASCII labels to the
> Punycode representation when sending querries, and convert back
> after receiving responses!
>
> Otherwise how can all my applications support IDN?
Please read RFC 3490.
Bj=F8rn
