Much noise was made when the Shmoo group pointed out an obvious flaw (obvious, as in the designers knew all along) in the Internationalized Domain Name system. The long and short of it is that there are characters in other alphabets that look just like letters in our latin alphabet, and you can use these to visually spoof domain names to users, and pretend for instance to be paypal.com. There were a number of suggestions to disable IDN support in Firefox, but almost all of them were temporary fixes (due to bugs in Mozilla). This site has instructions to permanently prevent this from happening using the wonderful Adblock extension for Firefox.
This link was posted to an internal discussion list about this same topic. Apparently the author in that link is one of the authors of IDN standards.
I read that article, but I think it is mostly fingerpointing….
Browser makers point to registrars, registrars claim they aren’t the alphabet police, standard makers point to browser makers….
I agree, but I was more pointing it out in case you haven’t read it which was apparently not the case.
I rather liked the plugin that highlighted parts of words in different colors for different character sets. That seemed to allow for legitimate internationalization.
Does that actually exist, or was that just the suggested solution of the article wes pointed to above?
Oh, my bad.
Thanks for the adblock workound link.
That works, but it’s still a temporary fix that doesn’t allow for legitimate international URLs.
Of course, but IDN is completely worthless until either Firefox dwarves IE or IE supports IDN.
Until that day, IDN is totally unimportant.
IE needs to support it out of the box, not with some Verisign plugin that will be as successful as the AlterNIC was.