<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:"American Typewriter";}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle20
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body bgcolor=white lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>More on the issue… any comments? Someone from Google here?<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><a href="https://threatpost.com/google-fixes-unicode-phishing-vulnerability-in-chrome-58-firefox-standing-pat/125099/">https://threatpost.com/google-fixes-unicode-phishing-vulnerability-in-chrome-58-firefox-standing-pat/125099/</a><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Cheers,<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Dusan<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>From:</span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> ua-discuss-bounces@icann.org [mailto:ua-discuss-bounces@icann.org] <b>On Behalf Of </b>Richard Merdinger<br><b>Sent:</b> Wednesday, April 19, 2017 11:15 PM<br><b>To:</b> Asmus Freytag <asmusf@ix.netcom.com>; ua-discuss@icann.org<br><b>Subject:</b> Re: [UA-discuss] Re : And now about phishing...<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Thank you for the thoughtful reply, Asmus.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>--Rich<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p><div><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Richard Merdinger<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>VP, Domains - GoDaddy <o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p></div><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal style='margin-left:36.0pt'><b><span style='font-family:"Calibri",sans-serif;color:black'>From: </span></b><span style='font-family:"Calibri",sans-serif;color:black'><<a href="mailto:ua-discuss-bounces@icann.org">ua-discuss-bounces@icann.org</a>> on behalf of Asmus Freytag <<a href="mailto:asmusf@ix.netcom.com">asmusf@ix.netcom.com</a>><br><b>Date: </b>Wednesday, April 19, 2017 at 3:44 PM<br><b>To: </b>"<a href="mailto:ua-discuss@icann.org">ua-discuss@icann.org</a>" <<a href="mailto:ua-discuss@icann.org">ua-discuss@icann.org</a>><br><b>Subject: </b>Re: [UA-discuss] Re : And now about phishing...<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-left:36.0pt'><o:p> </o:p></p></div><div><p class=MsoNormal style='margin-left:36.0pt'>On 4/19/2017 6:11 AM, Tan Tanaka, Dennis via UA-discuss wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>The thing with homoglyphs is that it depends on the choice of font type and size. That’s why it is hard to define the set. For example, in certain font types lower case L ‘</span><span style='font-size:11.0pt;font-family:"American Typewriter"'>l</span><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>’ and number one ‘</span><span style='font-size:11.0pt;font-family:"American Typewriter"'>1</span><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>’ (both ASCII) look almost identical. </span><o:p></o:p></p></blockquote><p class=MsoNormal style='mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:12.0pt;margin-left:36.0pt'><br>For this reason, I like to distinguish between true homoglyphs (identical or near identical appearance by design or across the range of typical UI fonts) on the one hand, and 'merely' similar code points on the other. <br><br>In its most general incarnation, similarity can be accidental. For example "rn" and "m" are harder to distinguish that one might think. This general issue needs to be addressed, but it involves a lot of subjectivity. It also involves cases where of three similar items, one pair may appear distinct, while two other pairs are not. (For a true homograph, the homograph relation should be transitive).<br><br><o:p></o:p></p><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> </span><o:p></o:p></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>To deal with cases of cross-script homoglyphs, the ICANN IDN guidelines have a requirement to prohibited such registrations (i.e. mixing Cyrillic with Latin in a single label) except for in cases of established orthographies, such as Japanese (i.e. Japanese uses three different scripts: Han, Hiragana and Katakana).</span><o:p></o:p></p></blockquote><p class=MsoNormal style='mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:12.0pt;margin-left:36.0pt'><br>The prohibition on script mixing in a single label is useful for a number of cases, but doesn't cover anywhere near the full scope of the problem.<br><br>Many scripts have an "o". Disallowing script mixing makes sure that one cannot spoof a label containing an "o", by substituting an "o" from another script. So far, so good.<br><br>However, the labels "ooo", "oooo" and so on are not protected. Writing the whole label in the other script makes it 'legal', but it can still be used for spoofing.<br><br>When this only affects a handful of labels (how many strings consisting entirely of "o" will be registered?) the benefit of a general solution is likewise limited. The problem is those scripts that more than one code point like that. E.g. "p", "e", "s" etc. exist in equivalent shapes in both Latin and Cyrillic. Many more labels are thus subject to a whole-label homograph attack, and the prohibition against script mixing doesn't help.<br><br>A more robust approach is to make cross-script homoglyphs blocked variants of each other. This ensures that look-alike strings become mutually exclusive: only one can be delegated. (Note, by the way, that the reduction of available labels is not as big as it might appear: most labels would contain at least one script-unique letter, making it secure from a homograph attack like that).<br><br>For a discussion of variants, read: <a href="https://datatracker.ietf.org/doc/draft-freytag-lager-variant-rules/">https://datatracker.ietf.org/doc/draft-freytag-lager-variant-rules/</a><br><br>A./<br><br><o:p></o:p></p><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> </span><o:p></o:p></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>-Dennis</span><o:p></o:p></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> </span><o:p></o:p></p><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal style='margin-left:36.0pt'><b><span style='font-family:"Calibri",sans-serif;color:black'>From: </span></b><span style='font-family:"Calibri",sans-serif;color:black'><a href="mailto:ua-discuss-bounces@icann.org"><ua-discuss-bounces@icann.org></a> on behalf of deepak <a href="mailto:deepak.singhal@dil.in"><deepak.singhal@dil.in></a><br><b>Date: </b>Wednesday, April 19, 2017 at 1:33 AM<br><b>To: </b>Dusan Stojicevic <a href="mailto:dusan@dukes.in.rs"><dusan@dukes.in.rs></a>, <a href="mailto:UA-discuss@icann.org">"UA-discuss@icann.org"</a> <a href="mailto:ua-discuss@icann.org"><ua-discuss@icann.org></a><br><b>Subject: </b>[EXTERNAL] [UA-discuss] Re : And now about phishing...</span><o:p></o:p></p></div><div><p class=MsoNormal style='margin-left:36.0pt'> <o:p></o:p></p></div><div><p class=MsoNormal style='margin-left:36.0pt'>Hi,<br><br> <br> These are homoglyph character <a href="http://homoglyphs.net/">http://homoglyphs.net/</a> which can be use in phishing ..<o:p></o:p></p></div><div><p class=MsoNormal style='margin-left:36.0pt'> <o:p></o:p></p></div><div><p class=MsoNormal style='margin-left:36.0pt'>Regards<br>Deepak Singhal<o:p></o:p></p></div><div><p class=MsoNormal style='margin-left:36.0pt'> <o:p></o:p></p></div><div id=mySignature><p class=MsoNormal style='margin-left:36.0pt'> <o:p></o:p></p></div><div style='margin-left:36.0pt'><div class=MsoNormal align=center style='text-align:center'><hr size=2 width="100%" align=center></div></div><p class=MsoNormal style='mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:12.0pt;margin-left:36.0pt'><strong>From:</strong> "Dusan Stojicevic" <a href="mailto:dusan@dukes.in.rs"><dusan@dukes.in.rs></a> <span style='font-size:7.5pt;font-family:"Verdana",sans-serif'>MailId : [68261406]</span><br><strong>To:</strong> "ua-discuss" <a href="mailto:UA-discuss@icann.org"><UA-discuss@icann.org></a><br><strong>Subject: </strong>[UA-discuss] And now about phishing...<br><strong>Date:</strong> 19 Apr 2017 12:24:34 AM <o:p></o:p></p><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:36.0pt'>Interesting and possible><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:36.0pt'><a href="https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/">https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/</a><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:36.0pt'> <o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:36.0pt'>Cheers,<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:36.0pt'>Dusan<o:p></o:p></p></div><p class=MsoNormal style='margin-left:36.0pt'> <o:p></o:p></p><table class=MsoNormalTable border=0 cellpadding=0 style='margin-left:36.0pt'><tr><td width=52 style='width:39.0pt;padding:9.75pt .75pt .75pt .75pt'><p class=MsoNormal><a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient&utm_term=icon" target="_blank"><span style='border:solid windowtext 1.0pt;padding:0cm;text-decoration:none'><img border=0 width=46 height=29 id="_x0000_i1026" src="cid:Word%20Work%20File%20D.jpg" alt="age removed by sender."></span></a><o:p></o:p></p></td><td width=467 style='width:350.25pt;padding:9.0pt .75pt .75pt .75pt'><p class=MsoNormal style='line-height:13.5pt'><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:#41424E'>Virus-free. <a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient&utm_term=link" target="_blank"><span style='color:#4453EA'>www.avast.com</span></a></span><o:p></o:p></p></td></tr></table><p class=MsoNormal style='margin-left:36.0pt'><br><span style='font-size:7.5pt;font-family:"Arial",sans-serif;color:white'>Do not Remove:<br>[HID]20170419002433157[-HID]</span> <o:p></o:p></p><div><p class=MsoNormal style='margin-left:36.0pt'><br><span style='font-size:7.5pt;font-family:"Verdana",sans-serif;color:white'>[XGENFOOTER]</span><br><br><span style='font-size:7.5pt;font-family:"Verdana",sans-serif;color:white'>[-XGENFOOTER]</span><o:p></o:p></p></div></blockquote><p style='margin-left:36.0pt'><o:p> </o:p></p></div><div id="DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2"><br />
<table style="border-top: 1px solid #D3D4DE;">
<tr>
<td style="width: 55px; padding-top: 13px;"><a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient&utm_term=icon" target="_blank"><img src="https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif" width="46" height="29" style="width: 46px; height: 29px;" /></a></td>
<td style="width: 470px; padding-top: 12px; color: #41424e; font-size: 13px; font-family: Arial, Helvetica, sans-serif; line-height: 18px;">Virus-free. <a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient&utm_term=link" target="_blank" style="color: #4453ea;">www.avast.com</a>
</td>
</tr>
</table><a href="#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2" width="1" height="1"> </a></div></body></html>