[Cryptography] On those spoofed domain names...
John Levine
johnl at iecc.com
Sat Mar 10 18:08:57 EST 2018
In article <e7d858f4-a982-6b23-e06e-9de33487df31 at echeque.com> you write:
>The solution is obvious:
>
>Map every domain to a canonical look alike
To put it mildly, this is not exactly a new idea. You might want to
read up on terms like normalization and variants and IDNA to see how
not-new it is.
What people who have actually tried it have found it is that it only
gets you so far, because there is a strong cultural aspect to whether
things look alike. For example, to someone who speaks English, the
letters O and Ø look similar, but if you speak Danish or Norwegian
they're completely different. On the other hand, to an English
speaker, 246 and 二四六 look very different, but if you speak Chinese,
they're pretty much interchangable. This doesn't even scratch the
surface of the messes that arise when you have left-to-right and
right-to-left scripts and try to combine them.
R's,
John
More information about the cryptography
mailing list