Re: Support of kepler, sputnik, etc and security risks

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Support of kepler, sputnik, etc and security risks
From: Florian Weimer <fw@...>
Date: Sun, 25 Oct 2009 11:10:51 +0100

* David Given:

> Interestingly, after posting my message I tried resolving the
> addresses; and it turns out that www.google.com and www.𝐠𝐨𝐨𝐠𝐥𝐞.com
> both appear to resolve to the same address... as does
> www.google.𝐜𝐨𝐦. (Using the bold versions of the characters here to
> make them visible --- these are all from U+1D400 MATHEMATICAL BOLD.)
> So it certainly looks like something is remapping at least some
> letter-like glyphs to actual ASCII. I don't know whether that's my
> Linux system or part of DNS.

It's part of IDNA normalization implemented in the application/browser
(it's called Nameprep IIRC).

References:
- Support of kepler, sputnik, etc and security risks, Fernando P. García
- Re: Support of kepler, sputnik, etc and security risks, Jim Whitehead II
- Re: Support of kepler, sputnik, etc and security risks, David Given
- Re: Support of kepler, sputnik, etc and security risks, Tony Finch
- Re: Support of kepler, sputnik, etc and security risks, David Given

Prev by Date: Re: Metatables, C and Script...
Next by Date: Interning strings considered harmful (somewhat)
Previous by thread: Re: Support of kepler, sputnik, etc and security risks
Next by thread: Re: Support of kepler, sputnik, etc and security risks
Index(es):
- Date
- Thread