[LINK] ICANN's non-Latin domain names
Fred Pilcher
fpilcher at netspeed.com.au
Sun Jan 3 19:07:43 AEDT 2010
Kim Davies wrote:
> On Jan 2, 2010, at 7:21 PM, Fred Pilcher wrote:
>
>> Richard Chirgwin wrote:
>>> In Firefox on Linux, the remapping is visible. Gee, what a great
>>> phishing opportunity ... habituate users to URL remapping. *Great* idea,
>>> Batman!
>> Not here. I see mañana.com.
>>
>> What's happening I wonder.
>
> Firefox showing the A-label form of the domain (i.e. prefixed with xn--) is their method of limiting the impact of homographic attacks. The idea is that for untrusted top-level domains, they will at least convert to the wire form and the end user might get that something is up when they see http://www.xn--pypal-4ve.com/ in their address bar after they type in paypal.com with a cyrillic 'a'. All top-level domains are untrusted (including .com), unless Firefox has whitelisted them. Its whitelist is quite small.
Thanks Kim - that was what I thought. So how come it's only displaying
mañana.com for Richard and me? Or have I misunderstood?
Fred
More information about the Link
mailing list