Browser IDN display policy: opinions sought
Simon Josefsson
simon at josefsson.org
Wed Dec 14 11:05:14 CET 2011
Mark Davis ☕ <mark at macchiato.com> writes:
> That says to me that much it would be better to always show the Unicode
> characters (thus giving a uniform UI across browsers),
+1 to that, and thanks for saying it.
I don't think it is constructive to frame a discussion like 'chose
between A, B and C but do not think about the general problem and
propose any other solution that might be better because we don't want to
hear about it'.
> but then provide a more obvious UI signal to users that the page is
> suspect (and for what reason). So from your example, the user should
> see http://www.viagénie.com<http://www.xn--viagnie-eya.com/> and
> http://биатлон.рф <http://xn--80abvnkf0a.xn--p1ai/> in all of the
> browsers.
Exactly.
There is a market for software that protects against "dangerous"
website. Phishing is a technological problem that goes far beyond IDNs.
I suggest we let experts in that area handle that problem, and let us
focus on displaying IDNs to users.
As an analogy, consider if we took a similar approach to MIME
attachments. The way some browsers implement IDNs today is similar to
letting e-mail clients display the raw MIME encoding of the entire
e-mail to the user when the client didn't have the attachment in a
whitelist.
/Simon
More information about the Idna-update
mailing list