Re: [idn] IDN spoofing

["Martin v. Löwis" <martin@v.loewis.de>]

Erik van der Poel wrote:
> So we might have to come up with a different term for these sets of 
> rules. How about "label rules"?

I'm convinced that terminology is of least concern. No matter what
your terminology is (language tags, script tags, or DNS label tags),
it *is* a lot of work to come up with reasonable rules to simultaneously
allow registration of "valid" labels, yet rejecting spoofing
registrations. And the hard work is *not* in finding algorithms - the
hard work is in coming up with the data that drive the tables.

In that sense, Verisign's approach for .com is just right: we will not
create our own tables, we will use whatever tables national bodies,
(or perhaps the Unicode consortium), provide us. Each registrant needs
to identify which table a certain registration is meant to comply with;
it just happens that ISO 639 codes are used to identify the tables
(but Roman numerals would work just as well if the tables are
published).

As I said before, it is reasonable to err on the side of caution in
creating these tables (something that Verisign unfortunately does not
agree with); it will always be possible to extend the tables later.

So, to help the process, creation of tables for the various user
groups is necessary.

Regards,
Martin