[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xri] Homographic attacks
This is already covered to some degree in section 3.5 of Syntax. Can you take a look at that section and see what's missing? -----Original Message----- From: Drummond Reed [mailto:drummond.reed@cordance.net] Sent: Monday, February 21, 2005 5:05 PM To: xri@lists.oasis-open.org Cc: 'Adam C. Engst'; glenn@glennf.com Subject: [xri] Homographic attacks Peter et al: As phishing continues on the rise, there is an excellent series of articles in TidBITs by Glenn Fleishman about "homograph" attacks where the attacker registers an international domain name that is - even to the trained eye - undistinguishable from the real thing due to the fact that it uses Unicode characters that are appear extremely similar to ASCII characters. It's become serious enough that they are warning Firefox users to disable IDN until Firefox comes up with a fix. I'm copying Adam and Glenn so they know that this is something the XRI TC is interested in helping prevent with XRIs. (Adam, Glenn, if you want to reply with more info, you can reply back to me and I'll forward to the list.) Peter, I think we should mention this in the Security Considerations section of XRI Syntax. =Drummond To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/xri/members/leave_workgroup .php. -- Checked by AVG Anti-Virus. Version: 7.0.305 / Virus Database: 266.1.0 - Release Date: 2/18/2005
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]