Q3: What characters should be allowed in a revised IDNA2008 specification?

Erik van der Poel erikv at google.com
Wed Apr 1 19:21:16 CEST 2009

I believe some client implementations and registries will eventually
support some symbols fully, no matter what this WG says.

Computing has changed quite a bit. The keyboard is just one way to
enter a domain name. These days, many people use the mouse. They type
queries into search engines, and click on search results that look
interesting. They write blogs and make them available at domain names
of their own choice, allowing readers to navigate to them with their
mouse or handheld device. Or they redirect the user's typed URL to
some other URL with their preferred characters. The domain name system
does not have to be restricted to the keyboard any more.

Users must be taught to be careful with their private info, passwords,
money, etc. UIs must display domain names carefully when secure
transactions occur. For example, HTTPS connections require extra care.
Users should be encouraged to type their bank's domain name, instead
of clicking on an untrusted URL.

When a person approaches a Wells Fargo bank, to use the ATM, they look
at the name of the bank, the coloring, etc, to make sure it's
familiar. They make sure nobody is looking while they type in their

On the other hand, when a person approaches a toy store, the name and
coloring of the store do not matter. The person is drawn to the store
by the window displays, etc.

So my conclusion is that although a lot of work remains to be done to
make UIs secure when they are required to be secure, ultimately this
WG will not be able to keep symbols out of the lower-level domain
names, and perhaps even the high-level ones, considering ICANN's
recent behavior.

I realize that this is likely to be controversial, but I am just
offering my opinion with a long-term view.


PS This works in Firefox: http://近親相姦☆.sblo.jp/

On Tue, Mar 31, 2009 at 9:14 AM, Vint Cerf <vint at google.com> wrote:
> IDNA2008 currently allows a more restricted set of characters to be
> used in domain name labels than IDNA2003 does.
> Does the working group agree that the more restricted set of the
> current IDNA2008 Tables document should apply once IDNA2008 is
> adopted? What should be done about registrations that use characters
> that would not be allowed under IDNA2008? Should there be a
> transitional period of finite duration after which these registrations
> will become invalid? Should they be grandfathered somehow? If we
> believe all future registrations should be restricted, how would such
> grandfathered registrations be found if the IDNA2008 rules would
> reject lookups of the disallowed characters?
> A two-lookup scheme might solve this problem:
> 1. lookup according to IDNA2008 rules (if disallowed characters are
> present, go to step 2); if domain name record is found, return the
> information. If not, go to step 2
> 2. lookup according to IDNA2003 rules (permitting a broader range of
> characters in the lookup process). If domain record is found, return
> it, if not return "no such domain name"
> Vint Cerf
> Google
> 1818 Library Street, Suite 400
> Reston, VA 20190
> 202-370-5637
> vint at google.com
> _______________________________________________
> Idna-update mailing list
> Idna-update at alvestrand.no
> http://www.alvestrand.no/mailman/listinfo/idna-update

More information about the Idna-update mailing list