[Pkg-kde-bugs-fwd] [Bug 98788] Possible solution to IDN domain spoofing/phising
Michael Möller
98788@bugs.kde.org
24 Mar 2005 16:37:08 -0000
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
http://bugs.kde.org/show_bug.cgi?id=98788
michael.moeller gmx de changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |michael.moeller gmx de
------- Additional Comments From michael.moeller gmx de 2005-03-24 17:37 -------
Thanks for the hint (I should have reloaded this page once in a while - I looked in the source code (kresolver) and found it myself)
So I wonder if there is a reason to compare TLD's, only? What about treating the idnDomains list as a list of allowed suffixes?
Later on this list could become configurable by some control center module (e.g., like cookie allow list, JavaScript configuration, ...) and perhaps if I type a IDN domain into konqueror's location bar, that does not match the list I would be asked if I want it on the list. This is because I'm not feeling very comfartable with allowing every ".vu"-domain to use Unicode characters.
I think this would be a convenient and clear way of handling this (and innovative, too). What do usability experts think about it?