RE: phishing in IRIs

> what I wanted to say is that when it comes to phishing/spoofing with
> IRIs, the main place that actually happens are the IDNs in the IRIs, not
> the other parts of an IRI (scheme/path/query). 

I would disagree with this as well :)

http://secure.com/paypal is another technique, and there the path is used to provide the misdirection.  Even when the domain name's being abused, current attacks seem to rarely use IDN; it's simply not needed because the users aren't careful (or don't know how to be careful) anyway.

I think the impracticality of a secure IRI might make an interesting paper, or BCP; however, IDN is just a (small) part of that.

- Shawn

Received on Tuesday, 24 November 2009 04:58:50 UTC
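
The distinction drawn in this message, between misdirection carried by the path and misdirection carried by an IDN host, can be checked mechanically. The sketch below is an added example, not part of the original message: the brand table, the signal names and the IDN sample URL are constructed assumptions, and only http://secure.com/paypal comes from the message.

```python
from urllib.parse import urlsplit

# Constructed sample data (assumption): brand token -> hosts that
# legitimately serve that brand.
BRAND_HOSTS = {"paypal": {"paypal.com", "www.paypal.com"}}


def host_is_idn(host):
    """True if any label is non-ASCII or an ACE ("xn--") label."""
    return any(
        not label.isascii() or label.lower().startswith("xn--")
        for label in host.split(".")
    )


def misdirection_signals(url, brand_hosts=BRAND_HOSTS):
    """Report which part of the URL/IRI carries a misleading cue.

    The signal names are hypothetical labels chosen for this example:
      idn-host        host contains an internationalized label
      brand-in-path   brand token in path/query of an unrelated host
      brand-in-host   brand token inside an unrelated host name
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    signals = []
    if host_is_idn(host):
        signals.append("idn-host")
    rest = (parts.path + "?" + parts.query).lower()
    for brand, hosts in brand_hosts.items():
        if host in hosts:
            continue  # the brand's own host: its name is expected here
        if brand in rest:
            signals.append("brand-in-path:" + brand)
        if brand in host:
            signals.append("brand-in-host:" + brand)
    return signals


if __name__ == "__main__":
    for sample in (
        "http://secure.com/paypal",              # URL from the message
        "https://www.paypal.com/signin",         # constructed
        "http://xn--constructed.example/login",  # constructed ACE label
    ):
        print(sample, misdirection_signals(sample))
```

An IDN-only check flags the third URL and passes the first, which is the gap the message points at.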