[UA-discuss] More from Ram Mohan on ICANN's further commitment to Universal Acceptance

Andrew Sullivan ajs at anvilwalrusden.com
Wed Dec 26 15:56:52 UTC 2018


On Tue, Dec 25, 2018 at 04:58:20PM -0500, John Levine wrote:
> 
> I think it's pretty safe to assume that foo.com and www.foo.com are in
> the same language

I don't think it's safe to assume that at all.  There is in general no
way to know any of that, and the potential for exceptions is precisely
where phishers will drop their lures.

> None of this is terribly hard, but it's not automatic either.

Quite.

> Same answer, except that if one name isn't a subdomain of the other,
> the login and option cookie problems are a lot harder.

In some cases, for "impossible" values of "harder".  This is
important, because the total lack of general cross-tree linkage
support in the DNS is something the IETF determined it had failed to
undertake some while ago, which means that we cannot expect the
situation will get better (despite Yet Another Effort by Dave
Crocker).

> The point, which I apparently wrongly thought was obvious, is that none
> of this multi-name stuff works automatically, and telling people "just
> add a bunch of IDN names and EAI addresses" is not going to end well.

Even if it isn't obvious, I'd have thought that the arguments to that
effect of the now-aged Variant Issues Report from ICANN (full
disclosure: I wrote most of it) were pretty complete.

Best regards,

A
-- 
Andrew Sullivan
ajs at anvilwalrusden.com


More information about the UA-discuss mailing list