- From: Frank Ellermann <nobody@xyzzy.claranet.de>
- Date: Fri, 1 Aug 2008 02:21:21 +0200
- To: www-international@w3.org
Leif Halvard Silli wrote: > Has this been considered? Are anyone proposing that? Should not > use of fonts which clearly distinguish the different letters and > scripts be adviced in these regards? IDNA and IDNAbis tackle a part of this problem, they reduce Unicode to case-insensitive NFKC letters, digits, and some other code points. Another part of the problem is supposed to be solved by the DNS zone admins (root, TLD registries, etc.) in the form of policies. A third line of defense can be applications, at the moment Firefox has a list of TLDs with no nonsense IDN policies. After that you are on your own, or whatever you might use to detect "malicious sites" (sites linking to SANS made it on a list of "malicious sites" yesterday, because SANS had links to some real malware for forensic studies). Needless to say that such anti-phishing gimmicks also get a good idea of your surfing, so I disabled that on my box. The price for total security is IMO too high, YMMV. Frank
Received on Friday, 1 August 2008 00:20:59 UTC