[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [idn] quick & dirty (but not too dirty) homograph defense

To: IETF idn working group <idn@ops.ietf.org>
Subject: Re: [idn] quick & dirty (but not too dirty) homograph defense
From: William Tan <wil@dready.org>
Date: Sun, 20 Feb 2005 22:31:59 +1100
In-reply-to: <20050220100328.GA14603~@nicemice.net>
References: <20050219221719.GB5457~@nicemice.net> <4217D839.7040502@dready.org> <20050220100328.GA14603~@nicemice.net>
User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)

Yes, and I supposed they should be added to the blacklist as they are discovered, but I think getting the Verisign TLDs (.com and .net) into the blacklist will accomplish most of the benefit to be had from this approach. It's not like the phishers can move all their attacks to .tm after they get shut out of .com and .net, because there aren't nearly as many targets in .tm. How many users have sensitive trust relationships with sites in .tm (and .nu, etc)?

True.

If Verisign drops support for languages for which they have no tables, and deal with the potential phishing attempts already in the registry, their TLD can then be removed from the blacklist. Likewise for whoever gets .net next.

wil.

References:
- [idn] quick & dirty (but not too dirty) homograph defense
  - From: "Adam M. Costello" <idn.amc+0@nicemice.net.RemoveThisWord>
- Re: [idn] quick & dirty (but not too dirty) homograph defense
  - From: William Tan <wil@dready.org>
- Re: [idn] quick & dirty (but not too dirty) homograph defense
  - From: "Adam M. Costello" <idn.amc+0@nicemice.net.RemoveThisWord>

Prev by Date: [idn] Fwd: Slash-like mark problem
Next by Date: Re: [idn] Fwd: Slash-like mark problem
Previous by thread: Re: [idn] quick & dirty (but not too dirty) homograph defense
Next by thread: Re: [idn] quick & dirty (but not too dirty) homograph defense
Index(es):
- Date
- Thread