For ccTLDs it is up to the particular ccTLD (effectively it is an extension of the particular country jurisdiction).

Pre 2012 TLDs have very special contracts and bit different set of what the registry is allowed / not.

For new gTLDs (2012 round)
IDN related documentation + IDN tables and systems are
checked before the moment the registry starts real work (or when the backend is being changed).

 There is a kind of review of documentation + set of tests 
and for IDNs there is some kind of a manual review in cases:

What code points in an IDN table need special considerations?
 • Code points with Unicode script property value COMMON or INHERITED. 
• Code points with IDN property CONTEXTJ or CONTEXTO.
 • Right-to-left code points.
 • Code points with general Unicode category Modifier Letter or Mark. 
• Mixing of code points from different explicit Unicode scripts 

Full set of backend testing docs could be found there
https://www.icann.org/resources/registry-system-testing/

Sincerely Yours,

Maxim Alzoba
Special projects manager,
International Relations Department,
FAITID

m. +7 916 6761580 (+telegram, +signal, -whatsapp)
skype oldfrogger

Current UTC offset: +3.00 (.Moscow)

On 17 Apr 2021, at 11:49, Dr Ajay Data via UA-discuss <ua-discuss@icann.org> wrote:

only .com and some  ccTLD in my knowledge. It will be interesting experience to know which TLDs allow mix script while registering domain names. Obviously needsless to say, its a huge security issue. To large exent it has been taken care on IDN TLDs.  
 
 
 
Dr. Ajay Data
Founder & CEO
From: S Maniam via UA-discuss <ua-discuss@icann.org>  MailId : [113239427]
To: ua-discuss@icann.org
Subject: [UA-discuss] Is multiple scripts allowed
Date: 16 Apr 2021 05:58:41 PM

Greetings,
 
pls see below information:-
 
*Spot the Difference?*
 
*gtbank.com* is not the same as *gtbαnk.com*
 
*ecobank.com* is not the same as *ecobαnk.com*
(the first one is correct, the second one is from hackers)
 
The "a" in the later url is a cyrillic alphabet. 
 
An average internet user can still fall for this. Be careful for every mail requiring you to click on a link.
 
Please Stay Alert
 
Cyber attacks have gone steps higher.
 
 
pls share your thoughts.
Is such combination of ASCII and IDN scripts allowed. 
 
regards
 
Maniam 
 
_______________________________________________
UA-discuss mailing list
UA-discuss@icann.org
https://mm.icann.org/mailman/listinfo/ua-discuss
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

Do not Remove:
[HID]20210416175838554[-HID]

[XGENFOOTER]

[-XGENFOOTER]
_______________________________________________
UA-discuss mailing list
UA-discuss@icann.org
https://mm.icann.org/mailman/listinfo/ua-discuss
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.