Stories
Slash Boxes
Comments

SoylentNews is people

Web Browsers and International Domain Names

posted by martyb on Sunday March 11 2018, @10:39AM   Printer-friendly
from the söylêntnéws.org dept.

An Anonymous Coward writes:

Brian Krebs writes on how browsers choose to display IDN. The issue here is of course spoofing valid URLs with visually similar letters. You probably would notice the lame attempt in the department line but some of the international characters are very similar or indeed identical. Depending on your personal preferences it might be a good idea to use punycode instead. Could save you a headache later.

https://krebsonsecurity.com/2018/03/look-alike-domains-and-visual-confusion/

Here are some of the applicable RFCs:

  • RFC 3490 - Internationalizing Domain Names in Applications (IDNA)
  • RFC 3491 - Nameprep: A Stringprep Profile for Internationalized Domain Names (IDN)
  • RFC 3492 - Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA)
  • RFC 3986 - Uniform Resource Identifier (URI): Generic Syntax
  • RFC 4690 - Review and Recommendations for Internationalized Domain Names (IDNs)
  • RFC 5890 - Internationalized Domain Names for Applications (IDNA): Definitions and Document Framework
  • RFC 5891 - Internationalized Domain Names in Applications (IDNA): Protocol
  • RFC 5892 - The Unicode Code Points and Internationalized Domain Names for Applications (IDNA)
  • RFC 5893 - Right-to-Left Scripts for Internationalized Domain Names for Applications (IDNA)
  • RFC 5894 - Internationalized Domain Names for Applications (IDNA): Background, Explanation, and Rationale

Original Submission

 
This discussion has been archived. No new comments can be posted.
Web Browsers and International Domain Names | Log In/Create an Account | Top | 74 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Monday March 12 2018, @03:59AM (1 child)

    by Anonymous Coward on Monday March 12 2018, @03:59AM (#651192)

    Psst! YOU FORGOT TO TICK THE POST ANON BOX
    Now everyone knows you are one of the ducks who posts about black people using unPC terminology

  • (Score: 2) by requerdanos on Monday March 12 2018, @02:49PM

    by requerdanos (5997) Subscriber Badge on Monday March 12 2018, @02:49PM (#651347) Journal

    posts about black people

    That's not a post about people of any particular color--that's the self-given name of a troll who made several racially charged, obscenity-laden almost-spam* troll posts here. Once the messages started to get filtered administratively, the troll used various alternate spellings and alternate characters to post the same message for a while in evasion of the filters. The admins won, the troll lost, and the episode was a learning experience similar to how to international domain name problem is also a learning experience.

    You don't need to be anonymous to know that any of this happened; it doesn't help in any way. Remembering a troll's tactics does not make you that troll.

    -----
    * I say almost-spam because the troll would often devote a few words of an otherwise invariant troll post to the topic of the article being trolled. It was odd. The posts were frankly more bizarre than offensive, despite their inflammatory language.