Another Transition Plan Proposal
Gervase Markham
gerv at mozilla.org
Fri Dec 11 01:33:12 CET 2009
On 10/12/09 15:54, John C Klensin wrote:
> In the context of how I understand the DNS works, there is no
> "sit there". Let's talk haßle.com as an example first. First
> of all, I'm not sure what "alias" means.
<snip>
Thanks for the clue. Various things have now dropped into place. I must
say I am somewhat surprised that the DNS has not evolved a way to say
simply "this domain is actually that domain" - DNAME seems close, but
not quite, that, as Vagellis mentioned in in what I now realise was his
request for just this ability.
But my surprise has no bearing on the nature of reality :-)
> we can try to make an alias with DNAME. But there we run into
> problems if the owner of hassle.com actually expects
> http://hassle.com/ (as distinct from http://www.hassle.com/ to
> work, because http://haßle.com/ won't work, at least without
> some other measures.
Can those measures be taken by the .com owner, or do they have to be
taken by the haßle.com registrant?
> Also note that, if "Mississippi" were a label in a domain
> concerned with German, any simple mechanical operation would be
> required to bundle with it, not only Mißißippi, but also
> Mißissippi and Missißippi because any one of the three of them
> might turn out to be the correct spelling. As we have
> discovered with other situations in which variant bundling has
> been deployed, the combinations explode rather quickly -- the
> registry is not limited to dealing with one extra label per
> label that contains "ss".
I agree, although I do think the combinatorial explosion will be limited
in practice. There are not many www.hissssss.com domains registered. And
the Greeks and Cypriots may well decide that only bunding variants where
the s precedes a hyphen or is at the end of the label may well cover a
high enough % of cases.
> But, without that, "alias" turns out to be a complicated concept
> for which mere string substitution doesn't do the job... unless
> one is willing to have all of the strings thus generated produce
> lame delegations or pointers back to the registry, which are
> among the conditions your note assumes are to be avoided.
OK. So I guess what confuses me about this is that, in the context of
IDN spoofing, there was a lot of talk of "bundling or blocking" variant
forms. What did people mean when they said "bundling"? DNAME? Are we now
back to the point that no-one really knows what "bundling" means?
> The difficulty, unfortunately, is that talking seriously about
> "aliases" as a means of bundling requires understanding those
> technical details.
Duly noted.
> See Cary's note for the other aspects of this. While some
> domains have used variant-style bundling (more or less what you
Like e.g. here - what exactly do _you_ mean on a technical level by
"variant-style bundling"? And how can't the same mechanism be used to do
what I'm suggesting?
> Except one then starts permitting, e.g., ß in strings that have
> nothing to do with German and putting it in front of people who,
> absent other clues and seeing what they expect to see, might
> consider it visually confusable with Greek beta or even Latin
> "b". Solving the transition problem by making a gift to the
> phishers does not seem to me to be optimal.
That is a very reasonable point, and well-made. :-/
Gerv
More information about the Idna-update
mailing list