Re: [idn] Mac OS X Safari and IDN spoofing
Erik van der Poel <erik@vanderpoel.org> Fri, 25 March 2005 19:22 UTC
Received: from psg.com (mailnull@psg.com [147.28.0.62]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA02276 for <idn-archive@lists.ietf.org>; Fri, 25 Mar 2005 14:22:42 -0500 (EST)
Received: from majordom by psg.com with local (Exim 4.44 (FreeBSD)) id 1DEuId-00049H-V8 for idn-data@psg.com; Fri, 25 Mar 2005 19:16:51 +0000
Received: from [207.115.63.77] (helo=pimout1-ext.prodigy.net) by psg.com with esmtp (Exim 4.44 (FreeBSD)) id 1DEuIc-00048m-OQ for idn@ops.ietf.org; Fri, 25 Mar 2005 19:16:51 +0000
Received: from [10.1.1.2] (adsl-64-174-147-206.dsl.sntc01.pacbell.net [64.174.147.206]) by pimout1-ext.prodigy.net (8.12.10 milter /8.12.10) with ESMTP id j2PJGfmU060668; Fri, 25 Mar 2005 14:16:43 -0500
Message-ID: <42446397.7030100@vanderpoel.org>
Date: Fri, 25 Mar 2005 11:16:39 -0800
From: Erik van der Poel <erik@vanderpoel.org>
User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Gervase Markham <gerv@mozilla.org>
CC: idn@ops.ietf.org
Subject: Re: [idn] Mac OS X Safari and IDN spoofing
References: <p06210212be663c22ba1c@[10.20.30.249]> <4240917F.30801@mozilla.org> <9271f2a6d20072ae7e9f1cf9e74cce45@seng.cc> <42442A07.2030003@mozilla.org>
In-Reply-To: <42442A07.2030003@mozilla.org>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on psg.com
X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.0.1
Sender: owner-idn@ops.ietf.org
Precedence: bulk
Content-Transfer-Encoding: 8bit
Gervase Markham wrote: > James Seng wrote: >> choose the scripts you use most often that you like to display >> normally but otherwise, will display in punycode. > > What sort of effect do you think it will have on IDN acceptance and use > if companies using IDN domains know that their domain name will display > as gobbledygook in an unknown percentage of their customer's browsers? Companies, organizations and individuals are permitted to register more than one domain name. Companies that operate all over the world may wish to register domain names using their local names. It remains to be seen whether we will ever reach the point where a large percentage of users can view domain names containing characters from their "own" character set, but some registrants may wish to register their names now anyway, just in case. (Anyone willing to guess what that percentage is at the moment?) I just went to Coca-Cola's site and navigated to their Chinese site to try to find out how they "spell" their name in Chinese. I don't know if this email is going to work, but here it is: 可口可乐 Then I used IBM's IDN demo to convert it to Punycode: xn--fjqs9k9ab. Then I tried the CN and COM domains, and found that the CN one was a totally unrelated site, probably a squatter. The COM site was another squatter, with "money & sex" in large letters, and "domain names ... for sale". I also tried to find the Taiwanese version of Coca-Cola. Again, this may not work: 可口可樂 The Punycode for this is xn--6orxab817t. I tried this name in the TW domain and reached Taiwan's NIC, where the Coca-Cola company can now register their name for a reasonable price (hopefully). The COM domain had another squatter. So, while we are talking about technical details, squatters are taking action... Erik PS If I got the Chinese name for Coca-Cola wrong, or the Punycode is incorrect, please let me know. This was just an experiment...
- Re: [idn] Mac OS X Safari and IDN spoofing Gervase Markham
- Re: [idn] Mac OS X Safari and IDN spoofing Erik van der Poel
- Re: [idn] Mac OS X Safari and IDN spoofing Gervase Markham
- Re: [idn] Mac OS X Safari and IDN spoofing Erik van der Poel
- Re: [idn] Mac OS X Safari and IDN spoofing Erik van der Poel
- Re: [idn] Mac OS X Safari and IDN spoofing Erik van der Poel
- [idn] Mac OS X Safari and IDN spoofing Paul Hoffman
- Re: [idn] Mac OS X Safari and IDN spoofing JFC (Jefsey) Morfin
- Re: [idn] Mac OS X Safari and IDN spoofing James Seng