[Pkg-kde-bugs-fwd] [Bug 98788] Possible solution to IDN domain spoofing/phishing

Peter Thomassen 98788@bugs.kde.org
22 Feb 2005 19:42:55 -0000


http://bugs.kde.org/show_bug.cgi?id=98788         




------- Additional Comments From info peter-thomassen de  2005-02-22 20:42 -------
I think the solution from #19 is the best one. We could just convert IDNs to their ASCII representation and show this. When opening such a site, a warning could show up indicating that an IDN conversion has taken place -- this will make the average user look into the address bar, and if there's xn--pypal-4ve.com instead of paypal.com, he will run away :-)

Additionally, there should be an option to disable the conversion (for standards compliance) and/or the warning, which should not be accessible directly from the warning window, to prevent people from doing things without thinking (so put this into Options | Web behaviour. Is this right? In German "Web-Verhalten").

This doesn't necessitate changes in other programs because clicking on a prepared link in KMail etc. brings up Konqueror's warning.
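
The display rule proposed in the comment above, as an added example that is not part of the original mail and not Konqueror's code: show the ASCII form of the host and signal when a warning is due. The function name `display_host` is hypothetical, the conversion uses Python's built-in `idna` codec (IDNA 2003), and the non-ASCII sample host in the comments is constructed.

```python
from urllib.parse import urlsplit


def display_host(url):
    """Return (ascii_host, warn) for the host part of `url`.

    ascii_host is what the address bar would show. warn is True when a
    label had to be converted from Unicode, or when it already arrived
    in ASCII-compatible form (xn-- prefix), e.g. from a prepared link.
    """
    host = urlsplit(url).hostname or ""  # hostname is lower-cased for us
    labels = []
    warn = False
    for label in host.split("."):
        if label.startswith("xn--"):
            # Already converted by whoever wrote the link: still an IDN.
            warn = True
            labels.append(label)
        elif label.isascii():
            labels.append(label)
        else:
            warn = True
            try:
                labels.append(label.encode("idna").decode("ascii"))
            except UnicodeError:
                # Label is not valid IDNA (too long, prohibited code point).
                # Never fall back to the Unicode glyphs: show escapes.
                labels.append(
                    label.encode("ascii", "backslashreplace").decode("ascii")
                )
    return ".".join(labels), warn


if __name__ == "__main__":
    samples = [
        "http://example.com/",             # plain ASCII: no warning
        "http://xn--pypal-4ve.com/",       # ACE form quoted in the comment
        "http://ex\u0430mple.com/login",   # constructed: Cyrillic U+0430
    ]
    for url in samples:
        shown, warn = display_host(url)
        print(f"{shown:30} warn={warn}")
```
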