Return-Path: Received: from eikenes.alvestrand.no ([unix socket]) by eikenes.alvestrand.no (Cyrus v2.1.11-Mandrake-RPM-2.1.11-1mdk) with LMTP; Wed, 16 Feb 2005 12:06:30 +0100 X-Sieve: CMU Sieve 2.2 Return-Path: Received: from localhost (localhost.localdomain [127.0.0.1]) by eikenes.alvestrand.no (Postfix) with ESMTP id 0602461BAD for ; Wed, 16 Feb 2005 12:06:30 +0100 (CET) Received: from eikenes.alvestrand.no ([127.0.0.1]) by localhost (eikenes.alvestrand.no [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 21875-02 for ; Wed, 16 Feb 2005 12:06:28 +0100 (CET) Received: from psg.com (psg.com [147.28.0.62]) by eikenes.alvestrand.no (Postfix) with ESMTP id 127FF61BAB for ; Wed, 16 Feb 2005 12:06:28 +0100 (CET) Received: from majordom by psg.com with local (Exim 4.44 (FreeBSD)) id 1D1MzC-000PTX-Ai for idn-data@psg.com; Wed, 16 Feb 2005 11:04:50 +0000 Received: from [63.247.74.122] (helo=montage.altserver.com) by psg.com with esmtp (Exim 4.44 (FreeBSD)) id 1D1Mz2-000PMd-AC for idn@ops.ietf.org; Wed, 16 Feb 2005 11:04:40 +0000 Received: from lns-p19-4-idf-82-65-252-32.adsl.proxad.net ([82.65.252.32] helo=jfc.afrac.org) by montage.altserver.com with esmtpa (Exim 4.44) id 1D1Mz1-00087N-CG for idn@ops.ietf.org; Wed, 16 Feb 2005 03:04:39 -0800 Message-Id: <6.1.2.0.2.20050216114841.032d7eb0@mail.jefsey.com> X-Sender: jefsey+jefsey.com@mail.jefsey.com X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0 Date: Wed, 16 Feb 2005 12:02:30 +0100 To: idn@ops.ietf.org From: "JFC (Jefsey) Morfin" Subject: Re: [idn] homogram attacks: cyrillic and registration guideline In-Reply-To: <42132091.4010600@lsb.org> References: <42132091.4010600@lsb.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - montage.altserver.com X-AntiAbuse: Original Domain - ops.ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - jefsey.com X-Source: X-Source-Args: X-Source-Dir: Sender: owner-idn@ops.ietf.org Precedence: bulk X-Virus-Scanned: by amavisd-new at alvestrand.no Dear Soobook, it would have been so easy to say 'all the IDNs are to be punycoded 3LD+ with "xn--ISO 639 language code" as an SLD, language code+TLD being documented by the TLD table'. This would have permitted additional limited/full mixed tables in permitting ISO 639+1 or 2 chars tags. This would have been so coherent with DNS that this is probably the way plug-ins resolve the problem, until some fed-up Govs create their own conpressed "xn--ISO 639.ccTLD" version under the form of MLTLDs with their common addition to the root. Anyway all this is of low interest since what we discuss are SLDs, not 3LDs and lower where the registrant is free. jfc On 11:29 16/02/2005, Soobok Lee said: >IDN WG had discussed about this IDN-based homogram attacks 3 years ago. >The conclustion is that: the problem should be solved in registration stage, > not in encoding/protocol level. > >So we have now "IDN registration guideline for CJK (han ideographs) >languages", but that >does not cover cyrillic / greek ones yet. IETF seems to have no >plan to expand and >publish it. that is, "Do it yourself , registries !", > >http://www.unicode.org/charts/PDF/U0400.pdf > >I ask you all to open this PDF unicode chart and see how many >lowercase cyrllic >alhpabets look exactly the same as their latin-alphabet lowercase >counterparts . > >To list some of them, " a e i y c o s j". >(some of them are not russian,but for eastern europe) > >In the uppercase characters, "B H M P" including the above 8 chars. >cyrillicHP.com /ascii HP.com came from the latter category. > >please compare the lowercase "cyrillic iii.com" with ascii "iii.com" >. In the address bar, >they may look exactly the same, because cyrillic/ascii fonts are almost >the same ones >in many OS/GUI environments. > >Soobok > > >