[At-Large] Google Developers : Humans can't read URLs. How can we fix it? - HTTP 203

bzs at theworld.com bzs at theworld.com
Tue Feb 11 20:12:00 UTC 2020

Just to throw a little more into the mix there are also "homonym"
attacks, for example sneaking a Cyrillic (e.g., Russian) 'o' into
microsoft . com, they look the same as a Latin-1 'o' but are encoded

Some browsers recognize that and will display "punycode", xn-blahblah,
rather than the graphical version but there are all sorts of places
this might be abused (e.g., a link in an email or sms, etc.)

My real point is it's a big and, I like to think, active topic.

A lot of it falls more into the realm of the IETF, engineering issues,
and human factors engineering, rather than policy at this point other
than perhaps supporting whatever the gearheads come up with to
mitigate all this and to turn any engineering recommendations into
workable policy. And education about the problem of course.

        -Barry Shein

Software Tool & Die    | bzs at TheWorld.com             | http://www.TheWorld.com
Purveyors to the Trade | Voice: +1 617-STD-WRLD       | 800-THE-WRLD
The World: Since 1989  | A Public Information Utility | *oo*

More information about the At-Large mailing list