Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The Friday 2007-10-05 at 13:13 +0100, Dave Howorth wrote:
On Thu, 2007-10-04 at 01:06 +0200, Carlos E. R. wrote:
Another curiosity is that the whois for .com do support IDN, but
others,
like .cl or .es, do not - and they should, as they are interested
parties
in this.
Also interesting and perhaps relevant is that cl is listed as a good guy
on: <http://www.mozilla.org/projects/security/tld-idn-policy-list.html>
I had no idea of this.
Sadly com is not. Neither is es
So if I read the implications correctly, you may be able to register
spoof domains on .com and the whois will spoof you as well. You can't
register spoof domains on .cl and the whois is completely unambiguous
but a pain unless/until they upgrade their whois. Not sure what the
position of .es is?
They started registering IDN domains only two days ago, but that's
about all I know. The charset they allow is published:
'á', 'à', 'é', 'è', 'í', 'ì', 'ó', 'ò', 'ú', 'ü', 'ñ', 'Ç' and 'l·l'
but I don't know if there is danger in them or not, nor what is the
policy.
- -- Cheers,
Carlos E. R.
This looks nuts! Many of us have no convenient (or any) access to
characters like this. I can do some of them
in a word-proceesor, but certainly not in e-mail or Google, etc. Whose
dumb idea was this, anyway?
--doug
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
