[dns-operations] Emoji "Female" symbol fails to resolve at Google's &

James Stevens James.Stevens at jrcs.co.uk
Mon Jul 17 11:44:59 UTC 2017


"2.11.1 Recommendations for End-Users

A. Use browsers, mail clients, and other software that have put 
user-agent guidelines into place to detect spoofing."


Although "D. Where there are alternative domain names, choose those that 
are less spoofable" - seems tough to achieve given the number of Latin 
characters where one that is visually identical can be found in Cyrillic.

On 12/07/17 14:56, Andrew Sullivan wrote:
>> However, it would be easy for browsers to warn users if the URL is made from
>> a mixture of different character sets - we did this in a registry system to
>> trigger a warning for such applications - so I'm not sure why they haven't
>> done that.
> Because there hasn't been a consistent standard because it's very,
> very hard to do this algorithmically.  Some languages are written in
> more than one script (which is what I think you mean by "character
> set" -- it's all one coded character set), and in some local contexts
> mixed script identifiers might be sane too.
> Internationalization is really hard.  The IETF has a miserable time at
> it, partly because there are a lot of engineers who don't use anything
> other than Latin.

More information about the dns-operations mailing list