- From: <shen@cse.ust.hk>
- Date: Fri, 9 Mar 2007 12:15:44 +0800 (HKT)
- To: "Richard Ishida" <ishida@w3.org>
- Cc: "'WWW International'" <www-international@w3.org>
> > > http://www.w3.org/International/articles/idn-and-iri/#work > > Comments are being sought on the revised section of this article entitled > "Does it work?" prior to final completion. Please send any comments to > www-international@w3.org (subscribe). We expect to publish a final version > in one to two weeks. Thanks, Richard, I learned a lot about IDNs by reading this article. However, I don't think "The typical way of alerting the user to a possible homograph attack is to display the URI in the address bar in punycode rather than in the original Unicode characters." I tried your test website; Firefox displayed Unicode, while IE7 displayed punycode. There is no way for a lay user (or even a pro) to tell whether punycode indicates danger. Few people can recognize whether a possible homograph attack is taking place. I think if the sentence starts with "An attempt to alert the user..." You might also add that "But most users would not be able to recognize whether there is indeed a phishing attack." Thanks for the good work! -Vincent > > Thanks. > > ============ > Richard Ishida > Internationalization Lead > W3C (World Wide Web Consortium) > > http://www.w3.org/People/Ishida/ > http://www.w3.org/International/ > http://people.w3.org/rishida/blog/ > http://www.flickr.com/photos/ishida/ > > > -- > No virus found in this outgoing message. > Checked by AVG Free Edition. > Version: 7.5.446 / Virus Database: 268.18.7/710 - Release Date: 04/03/2007 > 13:58 > > > > > >
Received on Friday, 9 March 2007 04:15:57 UTC