IDN Implementation Status Update
Gervase Markham <gerv <at> mozilla.org>
2005-07-22 16:12:57 GMT
This is a message to tell interested parties the current status of the
mozilla.org changes to Firefox regarding IDN.
We have implemented a TLD whitelist system, which currently contains 21
TLDs for which we correctly display IDN domain names in the UI.
Any IDN domain name in a non-whitelisted TLD displays as punycode. This
is a security feature and so there is no user interface for adding or
Any registry which wishes to be added to the whitelist should follow the
instructions on that page. In terms of what constitutes a homograph, we
are being guided by the Unicode Consortium's confusables list:
and by common sense. Our policy in this area is still somewhat in flux -
in particular, we are not yet sure whether we should require that
registries to consider two characters which differ only in accent
(sometimes by the shade of a single pixel at normal font sizes) as
homographic. In the mean time, we strongly advise that registries do this.
We have implemented a character blacklist, which will soon contain
'DIVISION SLASH' (U+2215) and 'FRACTION SLASH' (U+2044). After that, we
may extend it to forbid more characters which may be used to spoof URL
This is not meant to prejudice the outcome of the current IAB-IDN
discussions on potentially reducing the number of characters permitted
in IDN, but we feel the danger posed by the use of such characters in
3rd and 4th level domains is great enough to require an immediate ban.
Any domain name which contains one or more of these characters displays