Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

International URLs Pass First Test

Zonk posted more than 7 years ago | from the nice-to-see-some-new-faces-online dept.

The Internet 159

Off the Rails writes "The BBC reports on the results of a successful test of non-ASCII domain names on Internet-equivalent hardware (pdf) carried out last October. The next stage is to plug the system into the net, and if it still works, it could go live sometime next year. 'Early work on the technical feasibility of using non-English character sets suggested that the address system would cope with the introduction of international characters tests were called for to ensure this was the case ... Also needed are policy decisions by Icann on how the internationalised domain names fit in and work with the existing rules governing the running of the address books. Icann is under pressure to get the international domain names working because some nations, in particular China, are working on their own technology to support their own character sets.'"

Sorry! There are no comments related to the filter you selected.

Great (5, Funny)

otacon (445694) | more than 7 years ago | (#18332799)

now I have to learn second languages to look at asian porn.

Re:Great (4, Funny)

vivaoporto (1064484) | more than 7 years ago | (#18332845)

I watch porn to learn foreign languages, you insensitive clod!

Re:Great (3, Funny)

Lenneth-chan (926055) | more than 7 years ago | (#18332919)

I'm pretty sure most porn sounds are the same in any langauge.

Re:Great (2, Insightful)

mosburn (950098) | more than 7 years ago | (#18333025)

That's what the cheesy lines at the beginning are for, typical pizza boy/plumber/etc. to get you going as your intro to a new language.

Re:Great (0, Insightful)

Anonymous Coward | more than 7 years ago | (#18333605)

I'm pretty sure most porn sounds are the same in any langauge.

Nuh, Japanese porn girls sound like they are crying and/or in agony when they are having sex. Quite a turn off unfortunately.

Re:Great (1, Funny)

Anonymous Coward | more than 7 years ago | (#18333679)

Quite a turn off unfortunately.

It is? You vanilla people are weird.

Re:Great (0)

Anonymous Coward | more than 7 years ago | (#18333865)

Vanilla people?

Re:Great (0)

Anonymous Coward | more than 7 years ago | (#18334141)

As opposed to Artichoke people or Chocolate people or Grape people, I guess.

Re:Great (2, Funny)

nacturation (646836) | more than 7 years ago | (#18334519)

Vanilla people?
Vanilla typically refers to the deep brown extract from the vanilla bean, which is itself nearly black once fully dried and cured. So the original poster is clearly referring to African tribesmen.
 

Re:Great (1)

Hoi Polloi (522990) | more than 7 years ago | (#18334853)

If there is one thing Asian porn has taught me is that Asian people have pixellated genitals.

Phishing just got a lot more interesting (4, Funny)

L. VeGas (580015) | more than 7 years ago | (#18332827)

Imaging all the new ways to spell bank0famerlca.com.

Re:Phishing just got a lot more interesting (4, Informative)

slart42 (694765) | more than 7 years ago | (#18333185)

>Imaging all the new ways to spell bank0famerlca.com.

This is already happening. A common example is the cyrillic lower case "?", which looks almost exactly like the latin "a" in most fonts.

See http://en.wikipedia.org/wiki/IDN_homograph_attack [wikipedia.org] for more information.

Re:Phishing just got a lot more interesting (4, Funny)

drsquare (530038) | more than 7 years ago | (#18334699)

Rubbish. Since when does a question mark look like an 'a'?

Re:Phishing just got a lot more interesting (3, Informative)

colfer (619105) | more than 7 years ago | (#18333253)

Preventing that has been part of Mozilla's IDN implementation, and I assume other browsers have addressed (ha) it as well. If a TLD, like .ie, Ireland, has a policy against phishing, and a table of lookalike letters, then Firefox will present the IDN address in the address bar in its own, non-English, language. Otherwise, Firefox displays the address in its IDN-encoded form, which is all ASCII. AFAIK, from reading bug reports on Mozilla, this is already in force.

Re:Phishing just got a lot more interesting (2, Informative)

colfer (619105) | more than 7 years ago | (#18333427)

Here are the references on IDN puny-code spoofing prevention settings in Mozilla. http://kb.mozillazine.org/Network.IDN.blacklist_ch ars [mozillazine.org] http://kb.mozillazine.org/Network.IDN.whitelist.* [mozillazine.org] http://kb.mozillazine.org/Network.enableIDN [mozillazine.org] http://kb.mozillazine.org/Network.IDN_show_punycod e [mozillazine.org] For example. .jp Japan is whitelisted but .ie Ireland is not. There was a debate between people that wanted to disable or hobble IDN/puny-code, for security, and people who wanted to internationalize Mozilla completely. The resulting blacklist/whitelist and configurability was a compromise.

Re:Phishing just got a lot more interesting (1)

Alky_A (1015285) | more than 7 years ago | (#18334067)

I'd hope the first update all the browsers get is a 'language' label next to the address bar showing the language all the characters in the URL are from. URLs with multiple languages would then get a big flashing red bar screaming "OMG PHISH PHISH."

Re:Phishing just got a lot more interesting (1)

Yetihehe (971185) | more than 7 years ago | (#18334283)

It's not going to work. Would you visit address bkófmrika.com? (Caution - polish letters, if you do not have appropriate font, you will just see question sign "?")

Re:Phishing just got a lot more interesting (1)

operagost (62405) | more than 7 years ago | (#18334923)

That's why the phisher will register a domain with only one or two changed letters.

Re:Phishing just got a lot more interesting (1)

0xABADC0DA (867955) | more than 7 years ago | (#18334769)

Informing the user that some URL might be something different from what they thought it was supposed to be so that they can hopefully recognize fakes is just plain stupid. It relies on people interpreting information and people make mistakes, so a phisher just keeps trying until somebody messes up. Plus, it presumes excellent eyesight... some people can't really tell an 'o' from a 'e' in a normal English font, either from bad eyesight or bad monitor or both. Some people can't tell a 'b' from a 'd' due to dyslexia. But I guess it's okay for those people to get their information stolen??

The solution is to not have users type in their information all the time.

Client certificates. When you register your account the first time with some site you get a certificate that your browser has to use each time you visit the site, or you can't get in without say actually calling the business to get one. The user never types in their login / password again (certificate contains their name or id number). Now user goes to a site and it says 'dude we need your password again' when it hasn't asked for that in 5 years and they get suspicious or better yet their password expired 10 days after they received it and they *can't* give the phisher access.

The only change for this to happen is for sites to actually use client certificates with SSL and for the browser and other software (hotsync, etc) to make this easier and... problem solved.

Great (1)

Azathfeld (725855) | more than 7 years ago | (#18332831)

Non-ASCII? This is awesome! I can't wait for the ANSI addresses to start showing up.

Re:Great (1)

omeomi (675045) | more than 7 years ago | (#18333985)

Yeah, that'll be just great. "Oops! I mistyped the address...I forgot the e was supposed to be #DD44AA, while the s and the x are supposed to be #FF22BB".

Dibs! (3, Funny)

truthsearch (249536) | more than 7 years ago | (#18332865)

I got dibs on sêx.com!

Yeah well... (0)

Anonymous Coward | more than 7 years ago | (#18333099)

I'm going to be the only slashdotter in history to have se×.com

Re:Dibs! (2, Informative)

kimba (12893) | more than 7 years ago | (#18333519)

I got dibs on sêx.com!


Umm, you do realise this was registered in 2005? Such domains already exist and can be registered today.

The technical test is about having Internationalised Domain Names at the top-level, or root, of the DNS. So then you can have .sêx rather than .sex.

Of little use (0)

Anonymous Coward | more than 7 years ago | (#18332875)

I don't see this as being very popular. Does the average Internet user know how to get an umlaut to display?

All it's going to do is open the door for more domains for the squatters to sit on.

Re:Of little use (2, Interesting)

Anonymous Coward | more than 7 years ago | (#18332981)

I would bet the average German Internet user knows how to do that. It's pretty easy when the key is on your keyboard: http://carbon.cudenver.edu/~tphillip/GermanKeyboar dLayout.html [cudenver.edu]

Re:Of little use (1)

TheRaven64 (641858) | more than 7 years ago | (#18333813)

Your average Mac user does too, since it's just option-u, followed by the letter. It was similarly easy on the Psion Series 3, but it seems harder on some other operating systems.

Re:Of little use (1)

TheThiefMaster (992038) | more than 7 years ago | (#18333085)

And this is mostly for countries that don't use the same characters as English (Latin alphabet?), like Japan and China.

Phishing (1, Redundant)

Alioth (221270) | more than 7 years ago | (#18332909)

In my skim through the various links, I didn't see what they are proposing to do for practical real-world problems such as phishing. What are they going to do to ensure that a phisher doesn't register a domain with characters that look almost indistinguishible from different characters in a different language, so as to trick users into visiting the phisher's site instead of the legitimate version of the site?

Re:Phishing (1)

Billosaur (927319) | more than 7 years ago | (#18333119)

They'll do the same as is done right now: very little. If you're a company in this day-and-age, you have to register as many variants of your name as you can to ensure that phishers/domain squatters don't get undue traffic from your name. On the other hand, phishers don't necessarily need domain names that are close to their target domain; people don't generally read URLs that closely, just clicking on links they are sent. That's why phishing is still effective despite all the negative publicity.

They could split unicode into sections (2, Insightful)

Colin Smith (2679) | more than 7 years ago | (#18333193)

Call them, say, "character sets.

Then only allow names and queries all from the same character set.

 

Re:Phishing (2, Informative)

evought (709897) | more than 7 years ago | (#18333421)

This has actually been discussed to some extent for years. One method is to only allow domains to be registered or displayed in a single language character set, such that a domain name can use latin characters or greek characters, but not both. This can be enforced at registration or when displayed in the browser (the browser can highlight improper URLs). This does not prevent attacks where the entire spelling of the domain is available in an alternate character set. One solution is for the browser to somehow tell the user what language a URL is written in.



Here is a detailed description of how IE handles this, [msdn.com] and also a w3c page [w3.org] discussing general techniques and different browsers. An interesting note is the possible use of the fraction slash to add fake urls to a domain name. Of course, at the end of the day, standard phishing protection applies to domains which slip through the net.

Re:Phishing (1)

LaurieDash (983898) | more than 7 years ago | (#18334509)

It's still the powers that be that create the top level domains (.com, .co.uk, etc).

If you didn't allow non-ascii domain names on the current top level domains, then never create ones that look similar in non-ascii then the problem is solved.

I don't seeing anyone currently rushing to have .c0m as a top level?

hmm (-1, Offtopic)

mastershake_phd (1050150) | more than 7 years ago | (#18332911)

Ok, but is the US going to control the new DNS servers?

Maybe not.. (1)

KeepQuiet (992584) | more than 7 years ago | (#18332949)

While browsers can't even properly show non-english alphabet, this doesn't seem to be a good a idea. My native language contains many special characters and I usually end up deciphering the emails sent by mom to me, because along the way, servers replace these characters with funny things.

Re:Maybe not.. (3, Insightful)

LighterShadeOfBlack (1011407) | more than 7 years ago | (#18333167)

While browsers can't even properly show non-english alphabet, this doesn't seem to be a good a idea. My native language contains many special characters and I usually end up deciphering the emails sent by mom to me, because along the way, servers replace these characters with funny things.
Well is it the browsers or the servers that are the issue? AFAIK any modern browser fully supports Unicode and any other encodings so there shouldn't be an issue there. If the servers are the problem then either it's the protocol that needs updating/replacing (I don't know nearly enough about SMTP, IMAP4, or POP3 protocols to comment) or the servers themselves are non-compliant. If there's a problem it should definitely be fixed, but you really need to know what the problem is first.

Re:Maybe not.. (1)

walt-sjc (145127) | more than 7 years ago | (#18333675)

Considering a lot of email is text, the inability to handle a character set may make it impossible for some people to email you if you have non-ascii characters in your address. Even people in your own country may have trouble. Not everyone uses the Outlook / Exchange combo...

What about security issues? (0, Redundant)

argent (18001) | more than 7 years ago | (#18332955)

The concern I have with IDNs is that they will make it too easy to produce "lookalike" domains, like "mcrosoft.com".

Testing functionality and behaviour with "good" names is an easy bar to hurdle.

Re:What about security issues? (1)

argent (18001) | more than 7 years ago | (#18333031)

That should be "mࡺcrosoft.com". Slashdot will probably need to be upgraded to support IDNs, it seems. :)

Re:What about security issues? (0)

Anonymous Coward | more than 7 years ago | (#18333033)

Better solutions for this problem(based on hashes, caches of visited sites, or similar) are already needed. "Paypal" and "PaypaI" look exactly the same in a few fonts and are very hard to tell apart in many.

Re:What about security issues? (2, Insightful)

JanneM (7445) | more than 7 years ago | (#18333349)

Like you already have with "l", "I" and "1"; or "O" and "0"; or "V" and "U", depending on the particular font you happen to use?

Phishing attacks mostly works not because people can't see a minute difference between two lookalike letters; they work because as long as nothing is utterly obviously, grossly out of order people just assume they're in the right place. You can have domain names that aren't even close to the real one, and websites with only superficial similarities to the original and a lot of people will still be duped.

Re:What about security issues? (1)

amuro98 (461673) | more than 7 years ago | (#18334635)

It's worse than that, actually. Many codepages include double-byte versions of the ASCII characters that, for all intents and purposes, look IDENTICAL to your standard ASCII letters.

An example of this is Japanese's curious, and depreciated, half-width and full-width alpha-numeric characters. Both of these replicates ASCII letters using different code values. So within just Japanese alone, there are three distinct but identical-looking ways to display the letter "a" within a domain name. And other language codepages have this "feature" as well...

Short of being able to decipher raw bytes against a given encoding, you won't be able to tell where that link that says "ebay.com" will take you.

Re:What about security issues? (1)

99BottlesOfBeerInMyF (813746) | more than 7 years ago | (#18333399)

The concern I have with IDNs is that they will make it too easy to produce "lookalike" domains, like "mcrosoft.com".

This really seems like a pretty minor issue to me. Browsers would just need to adopt a policy of flagging URIs with mixed language character sets, highlighting that character in red or something. More dangerous is the new domain land grab as companies grab legitimate domains in other languages that natives feel the real company simply must own, but which the parent company probably does not. This can be addresses by a certificate scheme that ties identity verification to the site, however, and such a scheme really needs to be implemented on a wide scale to deal with current security problems anyway.

Cool new phishes (0, Redundant)

Threni (635302) | more than 7 years ago | (#18332959)

I look forward to www.paypa|.com etc etc

Great... (0)

Anonymous Coward | more than 7 years ago | (#18333013)

Slashdot; "it is what IT is" unless it isn't...

  • slàshdot.org
  • sláshdot.org
  • slâshdot.org
  • slãshdot.org
  • ...
  • slashdöt.org


We should simply invade any country that doesn't use the latin alphabet and teach them English.

Get back to work, Dubya (0)

Anonymous Coward | more than 7 years ago | (#18333079)

And quite posting as AC...we know who you are.

Re:Get back to work, Dubya (0)

Anonymous Coward | more than 7 years ago | (#18334243)

it's not like he knows English well enough to follow up with this suggestion...

Re:Great... (1)

ObsessiveMathsFreak (773371) | more than 7 years ago | (#18334425)

We should simply invade any country that doesn't use the latin alphabet and teach them English.
Please don't. That's how your own country got started in the first place.

Re:Great... (0)

Anonymous Coward | more than 7 years ago | (#18334505)

And look how she turns out! Oh wait, you were saying....?

In practice it means "national" URLs. (1)

KokorHekkus (986906) | more than 7 years ago | (#18333035)

If your company/organisation/you have any international contacts then you will NOT be using these international URLs. So you still need the old-style URLs or you'll need to explain how to get those umlauts etc to type in the url. On their national keyboard... not yours that has them. And if you've done any support you know how hard it's even to get someone to READ what's already on the screen...

Re:In practice it means "national" URLs. (2, Informative)

leuk_he (194174) | more than 7 years ago | (#18333177)

umlaut is hardly a problem if you set the use keyboard to üs-ïnternätional. But asian/hebrew/arabic/hebrew charcacter are much more difficult to enter... in my expierence.

But you will still be able to click them. IDN support is available in most popular browser (although disbled for security issues.)

Re:In practice it means "national" URLs. (1)

kimba (12893) | more than 7 years ago | (#18333581)

IDN support is available in most popular browser (although disbled for security issues.)

What browser are you referring to? IDN support is in Firefox, IE, Opera etc. and not disabled, so I am wondering what this most popular browser you are referring to is...

Re:In practice it means "national" URLs. (1)

KokorHekkus (986906) | more than 7 years ago | (#18333775)

umlaut is hardly a problem if you set the use keyboard to üs-ïnternätional. But asian/hebrew/arabic/hebrew charcacter are much more difficult to enter... in my expierence.
Those who will have these "international" URLs will almost all be using their national keyboards so they will not be familiar with the US keyboard layout... or other foreign layouts. And umlauts was just one example... what about "ç" (had to paste it myself..) or "". How would they be certain how they're mapped in a foreign keyboard (not just US.. swedish, german, french etc). I think my point stands... i.e "you still need the old-style URLs" (when having international contacts).

Re:In practice it means "national" URLs. (1)

JanneM (7445) | more than 7 years ago | (#18333249)

So you still need the old-style URLs or you'll need to explain how to get those umlauts etc to type in the url.

How often do you ever type in an URL in the first place? You get the link from another web site, from Google, in an email or wherever. And AFAIK, the fallback representation is no less readable and typeable than many current domain names.

Besides, if the website is already in the country's language, you won't be too likely to be interested in it anyway unless you know it (and, presumably, know how to type it).

Re:In practice it means "national" URLs. (1)

KokorHekkus (986906) | more than 7 years ago | (#18334111)

Getting it the URL from a mail will be all nice and dandy if the mail comes from someone who knows the input method. But if the person who got it wants to send the link to someone else they'd need to paste it instead of typing it (I often type URLs into mails instead of pasting them). Of course you can find the urls by other methods... but you'll just be pissing people off by making it more difficult to reach you. And there's much more easier ways to do that if you want to play that game.

And I said "If you have any international contacts...". Obviously if you only use the local language you're not having much international contacts. So the last "Besides..." was pretty much a non sequitur.

Re:In practice it means "national" URLs. (1)

widhalmt (1053294) | more than 7 years ago | (#18333599)

So any company will do itself something good if they get the "local" and the english domain. I already have customers acting that way. Unfortuantely many companies aren't even aware of this drawback. :-( I'm really curious what this switch will bring us and what problems will arise with all the little programmes which are already hard to use, like WAP browsers.

gn44 (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#18333091)

host 3h\at the house

Can we have "/..org" now ? (1)

Rastignac (1014569) | more than 7 years ago | (#18333115)

It can be cool (?).

Re:Can we have "/..org" now ? (1)

zootm (850416) | more than 7 years ago | (#18333391)

/ is a separator in URLs, so I suspect not.

Re:Can we have "/..org" now ? (0)

Anonymous Coward | more than 7 years ago | (#18334249)

/ is a separator in URLs, so I suspect not.
But there are many Unicode characters that should look much like it. For example there's a separate division character available that should be interpreted like any other non-ascii letter.
I'm just not sure about the dot part.

Re:Can we have "/..org" now ? (1)

zootm (850416) | more than 7 years ago | (#18334823)

I'm sure there's plenty of Unicode characters which look like a period too, so yeah, if you just want it to look like it you're probably fine. At worst the dot could be replaced with a dot at half-line height (which would probably be more accurate to the word "dot" anyway ;) ).

Too much! (-1, Troll)

Anonymous Coward | more than 7 years ago | (#18333131)

Isn't there enough chink shit on the internet already?

They are not "international urls" (1)

El_Muerte_TDS (592157) | more than 7 years ago | (#18333175)

They are internationalized urls. If they were international urls I would be able to enter them in my browser without doing funky stuff.

Couldn't they just have encoded it? (1)

mwvdlee (775178) | more than 7 years ago | (#18333191)

Pardon my ignorance, but couldn't they have just thought of an encoding scheme? Similar to how certain characters are encoded in the path of an URL ("&"-style or "%20"-style). Possibly a more complicated scheme would have been necessary, but surely it would have been possible without requiring changes to the ASCII nature of domains.

Re:Couldn't they just have encoded it? (1)

Tet (2721) | more than 7 years ago | (#18333303)

Pardon my ignorance, but couldn't they have just thought of an encoding scheme?

Already been done. See Punycode (RFC3492). The problem with encoding schemes, though, is that they aren't memorable, and hence are problematic to typo into, say, the location bar of a browser.

Re:Couldn't they just have encoded it? (1)

slart42 (694765) | more than 7 years ago | (#18333343)

>Pardon my ignorance, but couldn't they have just thought of an encoding scheme?

This is exactly what is happening behind the scenes AFAIK. It's called Punycode.

See http://en.wikipedia.org/wiki/Punycode [wikipedia.org]

English "X" vs. Cyrillic "khah" (3, Insightful)

J.R. Random (801334) | more than 7 years ago | (#18333243)

This is just common sense -- there's no reason why Chinese, Greeks, and Russians should have to use a character set meant for the English language. But any given URL should have a language associated with it and any character in that URL not associated with its language should be color coded. So English language URLs would get "omicron" flagged while Greek URLs would get "O" flagged. The "default" language could be English so that existing URLs are unchanged, for other languages their ISO code could precede the URL. Now this particular scheme might have some fatal flaw but something similar ought to be workable.

Re:English "X" vs. Cyrillic "khah" (0)

Anonymous Coward | more than 7 years ago | (#18333527)

Cause it's our goddamned internet.

Romanization as DNS lingua franca (2, Interesting)

StreetStealth (980200) | more than 7 years ago | (#18333643)

Couldn't these linguistically-heterogenous domain spaces still be universally linked through romanization? I see one possible solution: An intermediary DNS conversion server; i.e. type "[those were supposed to be Japanese kanji].co.jp" and your DNS request is treated the same as "rakuten.co.jp". Beyond the inability to rake in tons of money for new registrations, what might be the disadvantages of such a system?

Re:Romanization as DNS lingua franca (2, Interesting)

Nimey (114278) | more than 7 years ago | (#18333989)

For some languages, like Arabic, there is no one standard for romanization. A trivial example is Qu'ran/Koran.

Re:Romanization as DNS lingua franca (1)

amuro98 (461673) | more than 7 years ago | (#18334775)

Japanese has 2 romanization standards, Chinese has at least 2, as well as the "bo-po-mo-fo" method some learned in schools which is itself a non-ASCII character set... And what about languages that have no written form whatsoever? Doesn't Unicode attempt to address these languages as well? Does that mean we could eventually see something like k!ung''.com from a hunter-gatherer tribe in South America?

Re:Romanization as DNS lingua franca (1)

ConceptJunkie (24823) | more than 7 years ago | (#18334891)

Reminds me of the Saturday Night Live sketch listing the various spellings of "Khadafy".

Re:English "X" vs. Cyrillic "khah" (2, Insightful)

pavon (30274) | more than 7 years ago | (#18334541)

Agreed, although I think a dialog box should also be shown as an annoyance / deterant. Otherwise just imagine what the Web 2.0 folks will do when they realize they can redirect their site to one with cool multi-colored URLs, thus conditioning people to ignore the colored warning. And you thought del.icio.us was overly cute :)

Frist stoP (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#18333245)

those obligations. Which don't 0se the worse and worse. As for the project.

Glyph Masquerade (1)

Doc Ruby (173196) | more than 7 years ago | (#18333267)

Also needed is automatic translation by, say, a Firefox extension, from the domain name's registered home language (if any) into the user's default language. How do you say "goatse" in Urdu?

A good complement to the new system to preempt the huge coming problem of "glyph masquerade" would be registrations including a list of the domain name translated into different languages. Or at least a declaration of the home language. Without enforcement (ICANN doesn't even enforce name/address veracity) it won't be proof of anything, but it would be a start. And 3rd party databases could include in trust ratings the completeness of the name entry, as well as cross-checks.

I'd like my GUI to at least indicate when a domain name is rendered in foreign glyphs, so I can try to tell whether it's really just foreign glyphs that look like a familiar English word, fooling me into clicking on something totally unrelated.

Opening the system to foreign scripts and languages will get even more worthwhile people and orgs onto the Net, so it's well worth the risks of misidentification. But the risks are real, and largely predictable. We should roll out the new, inclusive system with risk mitigations to welcome those new people in greater security.

Re:Glyph Masquerade (0)

Anonymous Coward | more than 7 years ago | (#18334247)

How do you say "goatse" in Urdu?

I dunno, but you can experience it by eating the beef vindaloo!

Re:Glyph Masquerade (0)

Anonymous Coward | more than 7 years ago | (#18334377)

How do you say "goatse" in Urdu?

It's: docruby

No big deal (1)

Dancindan84 (1056246) | more than 7 years ago | (#18333295)

With the exception of the phishing possibilities that others have already noted, there really shouldn't be any change for English speaking internet users. Most English websites aren't going to want to use special characters. My parents have a hard enough time grasping ctrl-c and ctrl-v for copy and paste. Good luck to anyone explaining alt-145 for them to get to æon.com

Other strange domains already in existence (0)

Anonymous Coward | more than 7 years ago | (#18333315)

I saw this domain.. ©.com (http://©.com) for me it is accessible in firefox but not IE

More than just non-ASCII (0)

Anonymous Coward | more than 7 years ago | (#18333365)

66.35.250.150 is non-ASCII.

Security minded questions (2, Interesting)

merc (115854) | more than 7 years ago | (#18333419)

Will having non-ASCII data in FQDN's open us up to buffer-overflow attacks in various network-aware services?

Re:Security minded questions (0)

Anonymous Coward | more than 7 years ago | (#18334563)

My guess is that for a typical network app written in C (I bring up C because it's infamously prone to buffer overflow attacks), if it's totally unaware of fancy domain names, it should just work dumbly. For example if the domains are encoded using UTF-8, strlen() will still work on a UTF-8 string, even if the application is too dumb to know that it's UTF-8 and not ASCII.

On the other side of things, if the application is written with internationalization in mind and maybe uses wchar_t's everywhere properly, that wouldn't be much of a problem.

The problem could come when apps try to change from narrow characters to wide characters, and they get it sort of moved over but miss a line or two here and there.

Some Unanswered Questions About IDNs ... (2, Interesting)

Ron Bennett (14590) | more than 7 years ago | (#18333453)

Below is a quick copy and paste from one of my posts on DNForum regarding IDNs ... I own some IDNs and believe they have much potential, but there are still many unanswered questions...

Excerpt from a post of mine on DNForum regarding IDNs:
http://www.dnforum.com/showthread.php?p=732080 [dnforum.com]

I'm running into a lot of issues that many IDN folks aren't discussing - probably because they've not consider them ...

Various issues / threats / questions:

?? The existance of numerous diverse dialects, even totally different languages, etc in the same country ... it's among the reasons that English dominates in some areas; some natives, even if they can understand a particular dialect, will sometimes speak a totally non-native language, such as English, instead to avoid risk of offending the other party. One can't assume one language dominates an entire region - languages can also overlap many areas ... it's one of the reasons some are pushing for language / culture based TLDs, such as .CAT (among the dumbest ideas ever, but that's another discussion for the .CAT thread running here on DNF).

?? An IDN that contains western european characters that very close matches a non IDN ... ie. cafe.com verses café.com ... what happens? Will the IDN be highlighted / blocked by default? ... likely an easy UDRP target? ... introduction of a new IDN specific dispute procedure? -perhaps there already is one?

?? Trademark issues ... ie. an IDN that is similar / exact to a trademark in another country ... less obvious, what about an IDN that translates to that of a trademarked word / phrase? -I believe there's a thread discussing such an issue now on one of the other boards here.

?? language variants (more applicable to asian languages, etc) related issues ... how good / stable are the various language variant tables?

?? what happens when a language variant table changes? -how are conflicts handled?

?? what happens if a character variant (an IDN [IDL package] technically can comprise multiple character variants [code points]) is released? ... does the current registrant get first dibs? ... even if yes, it may not be quite that simple if a character variant occurs in numerous permutations.

?? What happens if a reserved character variant is changed to a preferred character variant? - while such a change would have little to no effect on affected IDNs (IDL packages), it could result in the appearance of some IDNs changing ... probably not a biggie compared to some other issues, but one to be aware of.

?? How reliable, especially for those in languages with numerous character variants, will IDN domain resolution be? ... IDN resolution depends on much client-side APIs.

?? How well will IDN resolution APIs be regulated ... I can easily envision scenerios in which a web browser and/or other applications (email, IM, etc) implement resolution differently ... ie. adding and/or ignoring one or more valid language associations for a particular IDN / converting similar-looking western european characters to standard A-Z characters, etc. A related concern is language table management - I'm a little hazy on if the tables will be internally stored by each app or remotely loaded for each session, etc.

Rambling on, but there are a lot of things that one needs to be aware of with IDNs.

H4x0rs our there rejoice... (1)

chord.wav (599850) | more than 7 years ago | (#18333459)

http://www.145/ [www.145] |-|D07.org

Imagine it with different ANSI colors for each char.

Balkanising the internet? (3, Interesting)

hcdejong (561314) | more than 7 years ago | (#18333515)

Would this lead to segregation of the internet into zones defined by the language used for the domain name? At the moment, I can access e.g. Japanese websites easily, even if the content of that site is in a language I don't understand [1].
If non-Roman domain names become popular, will I still be able to access them, or will they disappear behind untypeable URLs? A search engine may be able to mitigate this problem somewhat, but ATM I sometimes get search results for Japanese-language pages only because my search term is present in the URL.

1: yes, a site can still be useful in this case and no, despite the stereotype it's not just for porn.

Re:Balkanising the internet? (1)

Churla (936633) | more than 7 years ago | (#18333583)

You're looking at this from the perspective as a native English speaker.

Imaging all the Japanese who don't know English, but have to learn/type english domain names. Very unintuitive for them.

My concern would be for all the internet filtering and firewalling software which explicitly only allows ASCII in HTTP headers.

Re:Balkanising the internet? (2, Informative)

kimba (12893) | more than 7 years ago | (#18333621)

My concern would be for all the internet filtering and firewalling software which explicitly only allows ASCII in HTTP headers.


IDN encoding is pure ASCII, in a similar way that MIME email attachments are. The protocol layer never sees anything other than letters, numbers and hyphens. All IDN encoded domains are prepended with "xn--" so that end-user interfaces can tell them apart and convert them back and forth.

Re:Balkanising the internet? (1)

tpjunkie (911544) | more than 7 years ago | (#18334005)

Considering english is mandatory in schools there, the number of people who dont know any is quite low, and mainly an older segment of the populace (insert korea-old people-email joke). Also, Romanji (as roman characters are called there) are used everywhere, from signs to advertising to hillarious clothing [engrish.com] . But true enough, in many countries english domain names on a non english keyboard could be a real pain in the ass.

Re:Balkanising the internet? (2, Interesting)

badasscat (563442) | more than 7 years ago | (#18334007)

Imaging all the Japanese who don't know English, but have to learn/type english domain names. Very unintuitive for them.

Bad example.

The Japanese are probably the *least* likely of any non-English speaking country to use non-roman url's. The fact is the standard Japanese keyboard is the same exact QWERTY keyboard we use. They can type Japanese through software, which is how they normally work when writing to each other, but there's nothing "non-intuitive" in using an English keyboard in the way that it was intended. In fact, most of them write Japanese using romanizations, then select the correct kanji through a list. So they're universally familiar with romanized url's, and like any habit, it's not going to change just because an alternative became available. Typing kanji is harder on a Japanese computer than typing a romanization.

Now, the Chinese, Russians, etc. I don't know about, so there could be better examples out there of people who would take advantage of this.

Re:Balkanising the internet? (1)

semiotec (948062) | more than 7 years ago | (#18334073)

well, I am guessing that Google and other search engine/portal sites will be wetting their pants out of excitement, if what you fear becomes prevalent, as people will have to rely more and more on searching for the sites and clicking the link rather than typing in the address. But seriously, I think most navigations these days are done through clicking anyway, rather than actually typing the address into the navigation bar, and even then the auto-complete feature means you rarely have to type the entire address. There also also tools like the useful Firefox extension that turns any text string into a url, which really reduces the necessity of having to type out an address. I think the only web address I ever type these days is my bank's address.

dates (0)

Anonymous Coward | more than 7 years ago | (#18333543)

What's with the stupid dates - eg 7 March 2007 on that site?!
You'd think they'd use the ISO 2007.Mar.7

First Test? (1)

Rocketship Underpant (804162) | more than 7 years ago | (#18333545)

As far as I know, Japanese URLs have been working and in use for quite some time. I've visited several myself. Mind you, I'm surprised anyone in the anglophone sphere takes notice.

Terrorists (0)

Anonymous Coward | more than 7 years ago | (#18333755)

Now we're just letting the terrorists win! They're hide behind their exotic non-ascii URL names, hold secret forum meetings, etc., and there is nothing the USA can do to see them! Hopefully the NSA will get special training ("Okay. Hold down ALT. Now press these numbers on the numeric pad...")

I heard of this long time ago (1)

guruevi (827432) | more than 7 years ago | (#18333825)

And there are quite some solutions to it. One of them (I think this is the one we're talking about) is converting the characters to ASCII and serialize them. Quite simple, let the browser do it.

*top* *level* domains, not domains (0)

Anonymous Coward | more than 7 years ago | (#18333957)

What are those morons at BBC writing about? Internationalised Domain Names (IDNs) have been available for some years. Ah, that's it, from the ICANN home page:

Autonomica AB has, under a contract with ICANN, investigated whether the addition of top level domains containing encoded internationalized characters (so called IDNs) would have any impact on the operations of the root name servers providing delegations, or the iterative mode resolvers used to look up the information. No impact at all could be detected. All involved systems behaved exactly as expected.

So it's about non-ASCII top level domains, not just non-ASCII domains, i.e. . instead of .co.jp.

Some have been working on this for a while... (1)

ketilf (114215) | more than 7 years ago | (#18334159)

http://pi.cr.yp.to/ [cr.yp.to]

As a side note, it's interesting that Slashdot says this link is at cr.yp.to.

fingering fun (1)

monotony (999416) | more than 7 years ago | (#18334347)

so how am i, on my gb keyboard suppose to conveniently type in all sorts of foreign characters?
if there is going to be some traditional ASCII alternative url.. then just what are we doing?

i am all for versatility, but there is always talk about unification, this would just segregate the web into 'things i can type' and 'things i can't'

and considering that html is in american, and that most people take into account that english is a very common language when designing a page, are we not just creating some novelty, which after a while will annoy all but a few?

of course, dns is only a convenience anyway, we could solve all this and all start memorising ip addresses, especially when IPv6 should soon be in play. XD

Misleading article ? (1)

Bob-taro (996889) | more than 7 years ago | (#18334495)

From the test results document [icann.org] (it appears to me, anyway, that this is test they're talking about in the article):

With IDNs, the domain names stored in the DNS servers are ordinary domain names just like before. The names stored have no special properties that makes it possible for the DNS servers to single out the IDN domains. There is no reason to believe that IDNs would make the DNS system as a whole behave different from its normal behaviour. Nevertheless, for prudence ICANN has asked that it be tested that this assumption is true.
I looked at this because I wanted to see what some of these internationalized URLs looked like, and they were all regular ascii urls. I'm not really sure what this test proved.

Re:Misleading article ? (1)

Andy_R (114137) | more than 7 years ago | (#18334927)

I spent a while blundering round the icann site trying to find out which characters they were going to support, and all I foud out is that they never use 10 words to say something when 1000 would do. No wonder they never get anything done!

Has anyone found a list of the new characters they are planning to allow? There are loads of ASCII ones currently banned, and I'd like to know if would allow a backdoor to registering some english domains that I might want, such as Andy_R.com

Already done (2, Interesting)

kahei (466208) | more than 7 years ago | (#18334749)


Once again, committees lag behind actual problems and actual solutions.

Now if you'll excuse me I'll go back to browsing .jp.

(I seem to recall that /. has issues of its own, so the ascii encoding of that would be http://xn--cckev5k8eta5k.jp/ [xn--cckev5k8eta5k.jp] . Anyway, the point is that characters beyond ASCII have been used for ages. Mostly by people who don't mind it when users from other countries can't access their site.)
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?