[At-Large] IDN Variants in the market place

Andrei Kolesnikov andrei at rol.ru
Mon Jul 23 16:05:55 UTC 2018


Mixing scripts on the left and right is a sin initially. Cool registries
ban it at EPP level.

--andrei

2018-07-20 22:34 GMT+03:00 Alejandro Pisanty <apisanty at gmail.com>:

> Hi,
>
> "at least in ASCII space" still can't work. Innumerable strings contain
> characters that, in turn, have look-alikes in other character sets, many in
> more than one. To get a sense of scale, try "aardvark" first; EVERY
> character has a potential substitute. Also please remember the row around
> ".bg" in Cyrillic. (Again, barring correction from someone more
> knowledgeable.)
>
> Alejandro Pisanty
>
> On Fri, Jul 20, 2018 at 1:55 PM, Sivasubramanian M <6.Internet at gmail.com>
> wrote:
>
>>
>>
>> On Sat, Jul 21, 2018, 12:19 AM Alejandro Pisanty <apisanty at gmail.com>
>> wrote:
>>
>>> Barry,
>>>
>>> spot on, plus the idea of a list of forbidden strings appears to be pure
>>> lunacy in this context.
>>>
>>
>> All strings are potentially an attack for any substitution of any
>>> character by any IDN look-alike character. The list would contain a couple
>>> zillion names and as you say, many could be legitimate. To complicate things
>>> further, an ASCII "A" could be used in an homograph attack by substituting
>>> for a Greek or Cyrillic "A" as well.
>>>
>>> I may be missing something and would study a correction though.
>>>
>>
>> for the Registries, at least in the ASCII space, to volunteer to feed
>> their respective list of harmful names
>>
>> You missed 'at least in ASCII space'.
>>
>>
>>> Alejandro Pisanty
>>>
>>> On Fri, Jul 20, 2018 at 1:37 PM, <bzs at theworld.com> wrote:
>>>
>>>>
>>>> On July 19, 2018 at 15:48 6.Internet at gmail.com (Sivasubramanian M)
>>>> wrote:
>>>>  > Please take a look at the attached screenshot of a domainer's offer
>>>> to sell
>>>>  > single character IDNs, for instance an IDN variant (lookalike) of
>>>> the ASCII
>>>>  > character X, which sets a harmful trend. This is an issue of
>>>> confusability.
>>>>
>>>> The general term for this is "homograph attack" or specifically "IDN
>>>> homograph attack", where "attack" may be in the eye of the beholder:
>>>>
>>>>   https://en.wikipedia.org/wiki/IDN_homograph_attack
>>>>
>>>> and has been the subject of much discussion over recent years and
>>>> little resolution.
>>>>
>>>> I believe one popular proposal is browser support which either
>>>> visually flags such IDNs or displays the punycode alongside which is
>>>> an ASCII representation and should make obvious that this is not what one
>>>> might suspect.
>>>>
>>>> For example (from this wikipedia page): xn--bcher-kva.tld indicating
>>>> an umlauted 'u' is in there but importantly that it's not just
>>>> bucher.tld.
>>>>
>>>>   https://en.wikipedia.org/wiki/Punycode
>>>>
>>>> There's still the problem with intent. Could I legitimately offer for
>>>> sale the strings with and without the umlaut? I think that's generally
>>>> considered acceptable.
>>>>
>>>> Caveat emptor?
>>>>
>>>>  >
>>>>  > I understand that the Registries (are required to?) maintain a list
>>>> of harmful
>>>>  > names for their TLDs, but there is no common minimal list of harmful
>>>> names. One
>>>>  > possible way to achieve this is for the Registries, at least in the
>>>> ASCII
>>>>  > space, to volunteer to feed their respective list of harmful names
>>>> into a
>>>>  > common Registry Stakeholder database, and then draw up a common
>>>> minimum list of
>>>>  > harmful domain names that any Registry could avoid registering.
>>>>  >
>>>>  > If At-Large could shape this as a workable suggestion, it could
>>>> formally go to
>>>>  > the Registry Stakeholders.
>>>>  >
>>>>  > Sivasubramanian M
>>>>  > x[DELETED ATTACHMENT Screenshot_20180719-152932~2.png, PNG image]
>>>>  > _______________________________________________
>>>>  > At-Large mailing list
>>>>  > At-Large at atlarge-lists.icann.org
>>>>  > https://atlarge-lists.icann.org/mailman/listinfo/at-large
>>>>  >
>>>>  > At-Large Official Site: http://atlarge.icann.org
>>>>
>>>> --
>>>>         -Barry Shein
>>>>
>>>> Software Tool & Die    | bzs at TheWorld.com             |
>>>> http://www.TheWorld.com
>>>> Purveyors to the Trade | Voice: +1 617-STD-WRLD       | 800-THE-WRLD
>>>> The World: Since 1989  | A Public Information Utility | *oo*
>>>>
>>>
>>>
>>>
>>> --
>>> - - - - - - - - - - - - - - - - - - - - - - - - - - -
>>>      Dr. Alejandro Pisanty
>>> Facultad de Química UNAM
>>> Av. Universidad 3000, 04510 Mexico DF Mexico
>>> +52-1-5541444475 FROM ABROAD
>>> +525541444475 FROM MEXICO SMS +525541444475
>>> Blog: http://pisanty.blogspot.com
>>> LinkedIn: http://www.linkedin.com/in/pisanty
>>> Join the UNAM group on LinkedIn, http://www.linkedin.com/e/gis/22285/4A106C0C8614
>>> Twitter: http://twitter.com/apisanty
>>> ---->> Join ISOC Mexico, http://www.isoc.org
>>> .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
>>
>>
>
>
>
>



-- 
Andrey Kolesnikov
RIPN.NET
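
Added example, not part of the original message: a registration-time check in the spirit of the two mitigations discussed in this thread, flagging names that mix scripts (inside a label or across the dot) and showing the punycode form. The function names, the name-based script heuristic and the sample names are assumptions made for illustration; `.tld` is the placeholder used in the thread.

```python
import unicodedata

# Assumption: the first word of a character's Unicode name stands in for its
# script (the stdlib has no Script property; production code would use the
# Unicode script data described in UTS #39).
NEUTRAL = {"DIGIT", "HYPHEN-MINUS"}  # permitted alongside any script


def label_scripts(label):
    """Return the set of scripts used by the characters of one DNS label."""
    scripts = set()
    for ch in label:
        word = unicodedata.name(ch, "UNKNOWN").split()[0]
        if word not in NEUTRAL:
            scripts.add(word)
    return scripts


def review_domain(domain):
    """Report mixed-script labels, mixing across the dot, and the ASCII form."""
    labels = domain.split(".")
    per_label = [label_scripts(label) for label in labels]
    return {
        # Python's built-in "idna" codec (IDNA 2003) yields the xn-- form.
        "ascii": domain.encode("idna").decode("ascii"),
        "mixed_labels": [l for l, s in zip(labels, per_label) if len(s) > 1],
        "mixed_across_dot": len(set().union(*per_label)) > 1,
    }


# Constructed sample names: the umlaut example from the thread, "aardvark"
# with a Cyrillic first letter (U+0430), and an all-Cyrillic label under an
# ASCII placeholder TLD.
SAMPLES = ["b\u00fccher.tld", "\u0430ardvark.tld", "\u0430\u0430.tld"]

if __name__ == "__main__":
    for name in SAMPLES:
        print(ascii(name), review_domain(name))
```
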