[technology taskforce] [At-Large] Google Developers : Humans can't read URLs. How can we fix it? - HTTP 203
bzs at theworld.com
bzs at theworld.com
Tue Feb 11 20:12:00 UTC 2020
Just to throw a little more into the mix there are also "homonym"
attacks, for example sneaking a Cyrillic (e.g., Russian) 'o' into
microsoft . com, they look the same as a Latin-1 'o' but are encoded
differently.
Some browsers recognize that and will display "punycode", xn-blahblah,
rather than the graphical version but there are all sorts of places
this might be abused (e.g., a link in an email or sms, etc.)
My real point is it's a big and, I like to think, active topic.
A lot of it falls more into the realm of the IETF, engineering issues,
and human factors engineering, rather than policy at this point other
than perhaps supporting whatever the gearheads come up with to
mitigate all this and to turn any engineering recommendations into
workable policy. And education about the problem of course.
--
-Barry Shein
Software Tool & Die | bzs at TheWorld.com | http://www.TheWorld.com
Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD
The World: Since 1989 | A Public Information Utility | *oo*
More information about the ttf
mailing list