Data on confusables

Vint Cerf vint at google.com
Thu Jul 30 13:06:44 CEST 2009


The WG went around on this topic several times and reached a  
conclusion that differs from Mark's. At this point, I don't understand  
the rationale for re-opening the debate.

v

On Jul 30, 2009, at 7:02 AM, Gervase Markham wrote:

> On 30/07/09 11:32, Vint Cerf wrote:
>> the present formulation deliberately built up its PVALID forms by
>> inclusion rather than exclusion precisely to try to limit which
>> characters are permitted to be used.
>>
>> In particular, IDNA2008 tried to achieve this by invoking Unicode
>> properties and inventing formulae to apply them.
>>
>> Excluded from PVALID are a range of character classes including
>> punctuation and mathematical symbols, but the WG consensus is that no
>> set of rules will absolutely eliminate all forms of confusion or
>> deliberate spoofing. Rather, a combination of character limitations  
>> and
>> registry (zone administrator) filtering seems to be needed and even  
>> then
>> one can anticipate weak filtering out of negligence or ignorance.
>
> Yes, I know and agree with all of that. But Mark is making a  
> stronger point; he is saying that it will hardly help at all. Of  
> course, this is a subjective judgment, so we could argue back and  
> forth all day. But it does seem to me that eliminating protocol- 
> alikes in a way which can now be consistent across implementations  
> is a significant step forward.
>
> Gerv



More information about the Idna-update mailing list