Re: IDN - 'Does it work?' draft.

Mark Davis wrote:
> You should explain in the text about mouseover/title.
> I would put the table above the explanation.

Will do.

> The information I got from MS is somewhat different than what you have, 
> since you alternate between script and language. 

My fault, thanks for clearing that up.

I've some other revisions I need to make also.
> =>
> 
>     * Uses punycode to display a domain name if any one of the following
>       conditions is met:
>           o The domain name contains characters which are not a part of
>             any script
>           o A single domain label mixes characters that are not
>             contained in any single script

The above one isn't quite accurate. Mixing of ASCII and some other scripts is permitted. 
I'll amend it.

>           o The domain name contains characters from scripts for
>             languages not included in the user's preferences
>           o The IDN looks like it might be a homograph attack

And I don't believe that's quite right either. I sort of based that on IE7's treatment of 
the pаypal.museum. I now believe that the real reason it uses punycode in this case is 
because it doesn't allow ASCII & Cyrillic to be mixed within a label.

IE7 section will be reworked.

Thanks for the feedback.

~mm


> 
> Mark
> 
> On 1/24/07, *Michael Monaghan* <Michael.Monaghan@sun.com 
> <mailto:Michael.Monaghan@sun.com>> wrote:
> 
>     Hi,
> 
>     Please take a look at the attachment and send on your feedback/comments.
> 
>     The example table towards the bottom has mouseover/title text to
>     explain how/why each
>     browser does what it does with particular IDNs.
> 
>     Any takers on checking Safari and/or other browsers?
> 
>     Thanks,
> 
>     ~mm
> 
> 
> 
> 
>     Domain Names.
> 
>     Numerous domain name authorities already offer internationalized
>     domain names. These include providers for such large domains as .cn,
>     .jp, .kr, and many more.
> 
>     One of the problems associated with IDN support in browsers is that
>     it can facilitate phishing. Consequently, most browsers that support
>     IDN also put in place some safeguards to protect users from such fraud.
>     Another problem is that Internet Explorer 6, with its huge market
>     share, does not natively supported IDN [though plugins
>     <http://support.microsoft.com/?kbid=842848> are available]. However,
>     IE7, which does support IDN, will, over time, replace most IE6 installs.
> 
>     Note that, as a temporary fallback solution until IDN is more widely
>     supported, content authors who want to point to a resource using an
>     IDN can write the link text in native characters, but put a punycode
>     representation in the href attribute. Though not an ideal solution,
>     it would guarantee that the user would be able to link to the
>     resource, whatever platform they used.
> 
>     You can run a basic check to see whether it works on your system
>     using this simple test
>     <http://www.w3.org/International/tests/sec-idn-1>.
> 
>     Here's a look at how some browsers support IDN:
> 
>        1. Internet Explorer 7
>               * Looks at the languages selected in the browser
>                 preferences, and from that deduces a set of scripts for
>                 which to fully enable IDN.
>               * Uses punycode to display a domain name if any one of the
>                 following conditions is met:
>                     o The domain name contains characters which are not
>                       a part of any language
>                     o A single domain label mixes characters that are
>                       not contained in any single language
>                     o The domain name contains characters from languages
>                       not included in the user's preferences
>                     o The IDN looks like it might be a homograph attack
>               * Allows IDN disabling
>               * Uses an icon at the end of the address bar to notify you
>                 when an URL contains a non-ASCII character
>               * Some IDNs are garbled when scrolling through browsing
>                 history in the address bar
>        2. Internet Explorer 6
>               * By default does not support IDN at all
>               * 3^rd party plugins
>                 <http://support.microsoft.com/?kbid=842848> are
>                 available which provide IDN support
>        3. Firefox 2.x
>               * Handles IDNs mainly based on the URLs top-level-domain
>                 [TLD - .com, .de, .jp etc.]
>               * Some TLDs are trusted, while others are not. IDNs within
>                 trusted TLDs are displayed properly, while those not
>                 within trusted TLDs are displayed as punycode
>               * IDN support can be switched off entirely by setting the
>                 |network.enableIDN| preference to false, in the
>                 about:config page
>               * IDNs that contain particular characters [e.g.
>                 fraction-slash], even within trusted TLDs, are treated
>                 suspiciously, and are displayed as punycode
>               * See Mozilla.org's policy on IDN-enabled TLDs
>                 <http://www.mozilla.org/projects/security/tld-idn-policy-list.html>
>        4. Mozilla 1.7x
>               * Supports IDN
>               * Displays all IDN URLs as punycode
>               * IDN support can be switched off entirely by setting the
>                 |network.enableIDN| preference to false, in the
>                 about:config page
>        5. Opera 9.1
>               * Supports IDN
>               * Uses a whitelist of TLDs for which to allow proper
>                 display of IDNs
>               * However, even for some trusted TLDs, it will still
>                 display IDNs as punycode, if any label mixes ceratain
>                 scripts
>               * Opera's list of illegal characters is slightly longer
>                 than the official IDNA list. Some IDNs, while displayed
>                 as punycode in other browsers, are entirely illegal in Opera
> 
>     Examples:
> 
>     URL  IE 7
>      Firefox 2.x
>      Opera 9.1
>     www.þorn.is <http://www.%C3%BEorn.is>  www.þorn.is
>     <http://www.%C3%BEorn.is>  www.þorn.is <http://www.%C3%BEorn.is/>
>     www.þorn.is <http://www.%C3%BEorn.is/>
>     bäcker.com <http://b%C3%A4cker.com>  bäcker.com/
>     <http://xn--bcker-gra.com/>  xn--bcker-gra.com/
>     <http://xn--bcker-gra.com/>   bäcker.com/ <http://xn--bcker-gra.com/>
>     путин.museum <http://%D0%BF%D1%83%D1%82%D0%B8%D0%BD.museum>
>     путин.museum <http://%D0%BF%D1%83%D1%82%D0%B8%D0%BD.museum>
>     путин.museum <http://%D0%BF%D1%83%D1%82%D0%B8%D0%BD.museum/>
>      путин.museum <http://%D0%BF%D1%83%D1%82%D0%B8%D0%BD.museum/>
>     I♥NY.museum <http://I%E2%99%A5NY.museum>  xn--iny-zx5a.museum/
>     <http://xn--iny-zx5a.museum/>  i♥ny.museum/
>     <http://i%E2%99%A5ny.museum/>   i♥ny.museum/
>     <http://i%E2%99%A5ny.museum/>
>     pаypal.museum <http://p%D0%B0ypal.museum>  xn--pypal-4ve.museum/
>     <http://xn--pypal-4ve.museum/>  pаypal.museum/
>     <http://p%D0%B0ypal.museum/>   pаypal.museum/
>     <http://p%D0%B0ypal.museum/>
>     ibm.com⁄foo.museum <http://ibm.com%E2%81%84foo.museum>
>     ibm.xn--comfoo-rq0c.museum <http://ibm.xn--comfoo-rq0c.museum>
>     ibm.xn--comfoo-rq0c.museum/ <http://ibm.xn--comfoo-rq0c.museum/>
>     Illegal - Opera does not
>     allow the fraction-slash
>     character in URLs at all.
>     ップã.jp <http://%E3%83%83%E3%83%97%C3%A3.jp/>  xn--3ca526vzba.jp/
>     <http://xn--3ca526vzba.jp/>
>      ップã.jp/ <http://%E3%83%83%E3%83%97%C3%A3.jp/>
>      ップã.jp/ <http://%E3%83%83%E3%83%97%C3%A3.jp/>
>     ップãп.jp/ <http://%E3%83%83%E3%83%97%C3%A3%D0%BF.jp/>
>      xn--3ca43o0y0dkca.jp/ <http://xn--3ca43o0y0dkca.jp/>
>      ップãп.jp/ <http://%E3%83%83%E3%83%97%C3%A3%D0%BF.jp/>
>      ップãп.jp/ <http://%E3%83%83%E3%83%97%C3%A3%D0%BF.jp/>
>     ップãп.co.uk <http://%E3%83%83%E3%83%97%C3%A3%D0%BF.co.uk>
>      xn--3ca43o0y0dkca.co.uk/ <http://xn--3ca43o0y0dkca.co.uk/>
>      xn--3ca43o0y0dkca.co.uk/ <http://xn--3ca43o0y0dkca.co.uk/>
>      xn--3ca43o0y0dkca.co.uk/ <http://xn--3ca43o0y0dkca.co.uk/>
> 
> 
> 
> 
> 
> 
> -- 
> Mark

Received on Thursday, 25 January 2007 02:43:13 UTC