Home page logo
/

nanog logo nanog mailing list archives

Re: Dear RIPE: Please don't encourage phishing
From: Masataka Ohta <mohta () necom830 hpcl titech ac jp>
Date: Sun, 12 Feb 2012 14:07:26 +0900

Neil Harris wrote:

I'm not a flag-waver for IDN, so much as a proponent of ways to make IDN
safer, given that it already exists.

It's like trying to make DES safer.

Lots of people have thought about this quite carefully.

Not at all. They (including some Japanese) just wished IDN
work ignoring technical reality.

See RFC 4290 for
a technical discussion of the thinking behind this policy,

Technically speaking, there are several sets of frequently
used different but similar Japanese characters most people
do not distinguish so vigorously.

For example, "Sai" of "Saitoh", the tenth most frequent
Japanese family name, is represented by 4 similar but
different characters, which is distinguished by people
named "Saitoh" but not distinguished by most others,
which means phishing is unavoidable.

That is, RFC4290 covering such Japanese characters is
not technical from the beginning.

and RFC 5992
for a policy mechanism designed to resolve the problem you raised in
your example above.

It is nothing more than a political statement, because
there is no reasonable way to use tables in Appendix A.

You will notice that the .com domain does not appear on the Mozilla IDN
whitelist.

Which means IDN can not be "Internationalized" at all and
selling IDN is nothing more than a fraud.

                                        Masataka Ohta


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]