----- Original Message -----
From: "James Seng/Personal" <[EMAIL PROTECTED]>
version 0.2
>. If the authors is still
> interested to pursue this within the idn wg, then I would suggest the
> draft to be modified to be an investigation of the security impacts.
>
Security impacts of premature IDN on the global internet may be
Deep and Disastrous.
1) facillitate DNS spoofing
Anyone can get <russian a>ol.com from the registry if lucky and make a
spoofing site easily.
they no more need to hire a hacker for rocket-science DNS hijacking .
2) easy impersonation attack on email addresses
From: V<cherokee i>ntCerf@ic<Cyrillic a>nn.org
To: [EMAIL PROTECTED]
Subject: I oppose MD!
From: m<greek o>[EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: i am your mom. I lost my creditcard, let me know your card#.
3) defeat anti-spoofing efforts like DNSSEC
anyone can get the valid certificate issued for his scam email address/site
name.
4) more on my next draft
Soobok Lee
> Thanks!
>
> -James Seng
>
