A stop gap solution for MS IDN Problem

Microsoft Link
Quote
IDNA introduces some security issues. For example, glyphs that represent certain characters from different scripts may appear similar or identical. For example, in many fonts Cyrillic lowercase A (“а”) is indistinguishable from Latin lowercase A (“a”). There is no way to tell visually that “example.com” and “exаmple.com” are two different domain names, one with a Latin lowercase A in the name, the other with a Cyrillic lowercase A. This visual ambiguity could be used by an unscrupulous host site to spoof the name of another site.
The extended character set that IDNA allows for domain names also has spoofing potential within a particular script. For example, there is a strong resemblance among the hyphen-minus (“-“, U+002D), the hyphen (“?” U+2010), the non-breaking hyphen (“‑” U+2011), the figure dash (“‒” U+2012), the en dash (“–” U+2013), and the minus sign (“−” U+2212).

Alas though having trawelled thoughout Microsft, MSDN & Technet there is very little information on this except the fact they know of the problem. They site some software to use to get to international domains

MS KB Artcle 842848 lists the following software:-
The Verisign i-Nav plug-in
http://www.idnnow.com/index.jsp
The Domain Avenue.com iClient plug-in
http://www.domainavenue.com/ml_iclient.htm
The Netpia NLIA plug-in
http://e.netpia.com

Now is does not state that these software applications are a fix for the problem they will in fact act as a stop gap until they come up with a built-in patch for IDN’s

So one of the above programs could be used as a temporary patch

Author: netweb

#bbPress core committer, contributor & moderator, #WordPress, and #BuddyPress Build Tools component maintainer. You can find me on WordPress Slack as @netweb, Twitter as @netweb, GitHub as @ntwb.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s