Re: [idn] punctuation

[tedd <tedd@sperling.com>]

John:

>I think the idea gets into trouble only when the application starts
>making guesses as to what should (or should not) be on that
>list.

Yes, that's one problem -- a big one.

>No, this wouldn't "solve" the problem.  I agree with Erik that,
>if people had people had high expectations for it, they would be
>badly disappointed.

Agreed.

>But I'm convinced that we aren't going to find a magic bullet
>here.  Instead, we can do some large fraction of the "useful,
>but not a solution" tools that have been suggested.

Provided that those tools do not instill a false sense of security or 
overly-warn the end user. I certainly would not want to be on the 
receiving end of a law suit claiming that my tool-tip didn't warn an 
end-user of a spoof OR from an honest company suing me for defamation 
of character because my tool-tip suggested otherwise.

I know the law well enough to realize that sometimes doing anything 
is an admission of responsibility. As such, regardless of the 
intellectual intent and pursuit, doing something is not always better 
than doing nothing. If you're going to do something, make sure you 
have a defendable foundation for your actions.

>We can try
>to restrict characters that are clearly dangerous, adopting, if
>necessary, a view that the fact someone wants to register or use
>a particular string doesn't mean that they are entitled to do
>so.

If you are talking about characters that are "clearly" dangerous, 
then of course you have sufficient proof for your actions and I agree 
with you. However, the fact that someone "wants" to register a 
particular string doesn't mean that they are NOT entitled to do so. 
In fact, considering civil liberties and freedom of speech, they may 
even have the right to do so. However, I am not offering a legal 
opinion. I'm just saying that the entire process is not evolving a 
vacuum, but rather driven by multifaceted interest and concerns -- 
that are larger than this list.

>We can adopt a variety of warning technologies --whether
>they involve colors, displaying punycode, pop-up warnings, or
>something else-- and let applications compete on which ones can
>do a better job of that.   We can try some user education.   We
>can use the UDRP and/or the legal system in various countries to
>push back on those who register deceptive names and on the
>registrars and registries that encourage the registration of
>such names.  And other ideas may come along that should be
>implemented.

Again, I believe that you are assuming liability by doing so. How 
much liability depends upon how deep your pockets are, or those of 
your employer. That's not good, nor bad -- it's just life.

>Then we can hope that those things, in combination, reduce the
>problem to some tolerable level, understanding that it will
>never completely go away.

I wish you the best. But before you do, you might want to look into 
the problems that the anti-spam industry has with the back-lash of 
law suits from spammers. Not a pretty picture and it seems that 
everyone has rights, or at the very least, money to spend to prove 
their point.

tedd
-- 
--------------------------------------------------------------------------------
http://sperling.com/