Ben Laurie blathering

Just How Bad are IDNs?

IDN, in case you didn’t know, stands for “Internationalised Domain Name”. Or something like that. In short it is the highly dubious idea that you should be able to define domain names in any script you like. I thought I’d written before about how this leads to homograph attacks, but I can’t find the post. Perhaps it was so long ago it was before I was blogging?

Anyway, this problem didn’t go away and I was recently pointed at this rather fine slide deck explaining all the problems with IDNs. Well worth a read if you want to see why IDN should be eradicated.

Unfortunately the uselessness that is ICANN thinks that IDNs are politically super-important, and are all tied up with control of the root. So the hell with security, making sure DNS stays in the hands of the US, err, I mean ICANN, is far more important.

1 Comment

  1. I’m willing to agree IDN’s are a bad idea for .com, .org, etc, but I think .jp and .cn and any country-code based domain should allow IDN’s in scripts that are appropriate for their country.

    But this whole discussion assumes people actually:

    1. care about the lock icon

    2. care about the actual domain appearing in URL bar

    I certainly know many many people who will never be able to understand the importance of those two concepts above.

    Say, do you work for a company? Did they provide your computer for you? Maybe they installed their own ROOT CA in your browser. What are you going to do about that?

    Comment by Julius Davies — 24 Oct 2009 @ 7:26

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress