W3C home > Mailing lists > Public > www-international@w3.org > January to March 2007

RE: For review: An Introduction to Multilingual Web Addresses

From: Richard Ishida <ishida@w3.org>
Date: Thu, 22 Mar 2007 15:43:45 -0000
To: <shen@cse.ust.hk>
Cc: "'WWW International'" <www-international@w3.org>
Message-ID: <006601c76c98$e6a9b960$6401a8c0@rishida>

Hi Vincent,

Thanks for your comments.  See below...

> -----Original Message-----
> From: shen@cse.ust.hk [mailto:shen@cse.ust.hk] 
> Sent: 09 March 2007 04:16
> To: Richard Ishida
> Cc: 'WWW International'
> Subject: Re: For review: An Introduction to Multilingual Web Addresses
> 
...
> Thanks, Richard, I learned a lot about IDNs by reading this article.
> 
> However, I don't think
> 
> "The typical way of alerting the user to a possible homograph 
> attack is to display the URI in the address bar in punycode 
> rather than in the original Unicode characters."
> 
> I tried your test website; Firefox displayed Unicode, while 
> IE7 displayed punycode. 

What do you have set for browser language preferences in the IE7 browser you
used to look up the test? If you don't have japanese or chinese it should
indeed produce punycode.


> There is no way for a lay user (or 
> even a pro) to tell whether punycode indicates danger. Few 
> people can recognize whether a possible homograph attack is 
> taking place. I think if the sentence starts with
> 
> "An attempt to alert the user..."
> 
> You might also add that "But most users would not be able to 
> recognize whether there is indeed a phishing attack."


I reworked the text at the beginning of the Domain names & phishing section
to hopefully address your points.


> 
> Thanks for the good work!
> 
> -Vincent
> >
> > Thanks.
> >
> > ============
> > Richard Ishida
> > Internationalization Lead
> > W3C (World Wide Web Consortium)
> >
> > http://www.w3.org/People/Ishida/
> > http://www.w3.org/International/
> > http://people.w3.org/rishida/blog/
> > http://www.flickr.com/photos/ishida/
> >
> >
> > --
> > No virus found in this outgoing message.
> > Checked by AVG Free Edition.
> > Version: 7.5.446 / Virus Database: 268.18.7/710 - Release Date: 
> > 04/03/2007
> > 13:58
> >
> >
> >
> >
> >
> >
> 
> 

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.446 / Virus Database: 268.18.16/729 - Release Date: 21/03/2007
07:52
 
Received on Thursday, 22 March 2007 15:45:26 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 19:17:09 GMT