--On Friday, October 25, 2024 20:10 +0900 "Martin J. Dürst" <duerst@xxxxxxxxxxxxxxx> wrote: > Hello John, Linda, others, > > Just a small aside below. > > On 2024-10-25 03:42, John C Klensin wrote: > >> That is usually considered a rather different case from the >> notorious "paypal" example (cited in the draft) where the >> Latin-script lower case "a" characters can be maliciously replaced >> by Cyrillic characters that, with most choices of type styles / >> fonts, usually look identical. One can substitute Cyrillic >> characters that look more or less like "p" and "y" too, and maybe >> even the "l" (using digit-one if needed), but those substitutions >> require more assumptions about choices of type styles to avoiding >> looking alike (or to cause it). For example, does the >> Latin-script "p" look like the Cyrillic-script "р" (U+0440)? >> Maybe. How about Latin "y" and Cyrillic "ч" (U+0447)? > > No need to use Cyrillic "ч" (U+0447). Cyrillic у (U+0443) does a > much better job. "раура1" (also with a 'one' at the end) would > look much more like "paypal" than "рачраӏ". Indeed. I was sort of trying to make the "people often see what they expect to see" point and, for some reason, forgot the more obviously confusable U+0443 in the process. thanks, john -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
