Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing

About Merit

Services

Network

Resources & Support

Network Research

News

Events

Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing

From: Bjørn Mork
Date: Thu Jul 28 10:07:32 2005

Phillip Vandry <vandry@TZoNE.ORG> writes:
> On Wed, Jul 27, 2005 at 01:47:14PM +0000, Fergie (Paul Ferguson) wrote:
>> Mozilla Foundation has announced changes to Firefox concerning
>> Internationalized Domain Names (IDN) to deal with homograph spoofing
>> attacks.                                                                
>
> Does anyone else think that it's not the job of a web browser to do
> this? The web browser shouldn't even know about IDN details. The
> system's resolver library should convert non ASCII labels to the
> Punycode representation when sending querries, and convert back
> after receiving responses!
>
> Otherwise how can all my applications support IDN?

Please read RFC 3490.


Bjørn

Follow-Ups:
- Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing Phillip Vandry

References:
- Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homographs Spoofing Fergie (Paul Ferguson)
- Re: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing Phillip Vandry

Prev by Date: RE: Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homogr aphs Spoofing
Next by Date: Re: Cisco IOS Exploit Cover Up
Date Index
Thread Index
Author Index
Historical