On 2022-10-08 04:07, Mutegeki Cliff via UA-comms wrote:
*Hello, * It's Cybersecurity awareness month and I wanted to do a Universal Acceptance activity around Internationalised Domain Names and Cybersecurity. Is there any existing training content for this? Also is there an expert in this field who can assist in helping us set up a successful event?
*Kind Regards, * *..............................* *Mutegeki Cliff Agaba * *Website: www.mutegekicliff.com <http://www.mutegekicliff.com>* *Phone : + 256 776 800 679 *
It would be great to have some UA-supportive training content about homograph attacks and Internationalised Domain Names. I routinely see the risk of homograph attacks used as a reason to reject IDNs and Universal Acceptance. See, for example,
IDN homograph attack <https://en.wikipedia.org/wiki/IDN_homograph_attack> and
Why does Unicode have separate codepoints for characters with identical glyphs? … This causes severe security issues [IDN homograph attacks]… <https://softwareengineering.stackexchange.com/questions/368856/why-does-unic...>. I wrote a response, posted there and on my blog: <http://blog.jdlh.com/en/2018/05/31/unicode-identical-glyphs/>. There are three effective responses to this objection, I suggest:
1. Put risk in perspective. IDN Homograph attack risk is real, but small compared to other risks, such as non-IDN homograph attack risk, other kinds of misleading domain names and URLs, other kinds of attacks not involving the user reading domain names. The incremental risk due to IDN homographs is small, compared to overall risks. 2. Benefit is much greater than cost. IDNs bring great benefits, such as ease of use and internet accessibility, to many people. These benefits outweigh the costs from small increased risk. 3. Challenge the standpoint of the critic. I hear the IDN homograph risk criticism from people in North America and Europe, whose cultures are well-served by unaccented latin characters of legacy domain names, and whose economies have thoroughly adopted internet use. They get less personal benefit from IDNs than do people from other parts of the world, from cultures which use non-Latin scripts, from economies where internet use has reached only a multilingual, internationalised elite. Challenge the critic why their personal measure of cost-benefit should overrule others, who have a much more favourable cost-benefit from using IDNs. I hope this is helpful for us as we come up with UA-supportive ways to communicate the benefits of IDNs and the challenges posed by homograph attacks. Best regards, —Jim DeLaHunt
On Wed, 5 Oct 2022 at 17:30, Mark W. Datysgeld via UA-comms <ua-comms@icann.org> wrote:
Good call, Maria. After we did the refresh, there still remained several areas that can use work... that bar, for example, could remove the Popular tab and just keep the Recent.
Best, --- Mark W. Datysgeld Director at Governance Primer ICANN GNSO Councilor
------------------------------------------------------------------------ *From:* Maria Kolesnikova via UA-comms <ua-comms@icann.org> *Sent:* Wednesday, October 5, 2022 08:50 *To:* ua-comms@icann.org *Subject:* [UA-comms] Update on uasg,tech
Dear all, I was searching for some documents on uasg.tech and mentioned that there was no update at the sidebar Popular for a long time. The last publication is dated by 2017. It would be great to update it! Source: https://uasg.tech/2022/08/make-your-systems-ua-ready-with-the-new-ua-readine... and on other pages with this sidebar. Thank you! Maria Kolesnikova
_______________________________________________ UA-comms mailing list UA-comms@icann.org https://mm.icann.org/mailman/listinfo/ua-comms _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
_______________________________________________ UA-comms mailing list UA-comms@icann.org https://mm.icann.org/mailman/listinfo/ua-comms _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-- . --Jim DeLaHunt,jdlh@jdlh.com http://blog.jdlh.com/ (http://jdlh.com/) multilingual websites consultant 2201-1000 Beach Ave, Vancouver BC V6E 4M2, Canada Canada mobile +1-604-376-8953
