Internationalised Domain Names (IDNs) - Consultation
From
: Sam Sargeant
Received: 16 October 2007

Internationalised Domain Names (IDN) in .nz - Consultation

I strongly support the addition of the macronised vowels to the .nz domain space to allow use of Te Reo Maori.

Some people have expressed a view that the currently available characters for domains are sufficient and they would be unable to visit sites with unfamiliar characters. I see the primary audience for IDNs being those who communicate online in Te Reo Māori. These users will already have the knowledge and ability to enter the characters. I hope that a New Zealand Internet which allows complete expression in their language will encourage uptake amongst those speakers.

I believe there are no major technical considerations for supporting IDNs on the existing .nz name servers. The required changes will be a policy on permitted characters and business logic inside the SRS to enforce this policy. Registrars may need to make changes to offer IDNs to registrants, but this should be out of scope for the IDN WG.

The biggest concern presented by an IDN is the prospect of phishing.
Undoubtedly TradeMe will be used as an example target but it potentially applies to any website in the unmoderated 2LDs. By using a macron above one of the vowels an attacker can direct users to http://www.trādeme.co.nz/ or http://www.āsb.co.nz/ -- both look very similar to the regular name and present an increased risk for users.

It may be possible to check new IDN registration for names that are registered to another party and raise an alarm. e.g., "At Tacker" registers internetnz.net.nz, which doesn't match the existing registrant of "InternetNZ" and thus causes an alert to be raised. However this is a reactive approach and provides a window for attackers to launch an attack before it can be closed. It may be worth considering policy that requires all IDNs to be moderated, although this may cause frustrating delays for registrants.

I would not welcome a policy that requires registrars to police new IDN registrations. If some form of moderation or checking takes place this is best done by the NZRS or the DNC office.

I would also support a policy that allowed for further expansion of allowed characters in IDN registrations for other languages used by communities in New Zealand. I see no need to clutter and confuse the domain name space by adding ideographs like and .

Many web-browers maintain a whitelist of ccTLDs that have an acceptable IDN policy. Websites in those ccTLDs will have the proper IDN representation visible in the address bar, while those not included in the whitelist will see a slightly unfriendly URL such as http://www.xn--TeEeoMori-bcb.org.nz/ instead of http://www.TeReoMāori.org.nz. If IDNs are to be implemented contact should be made with the browser vendors to ensure the .nz ccTLD can be included in this whitelist.

Issues, in priority order:

1. Agree policy on which new characters shall be made available
2. Identify methods for preventing or mitigating phishing attacks
3. Consider moderation requirement for all IDN registrations
4. Communicate policy with web browser vendors so the .nz TLD is added to whitelists
5. Consider policy on allowing further characters for other languages

Sam Sargeant :: Technical Director

OneSquared

Phone. 0800 663 778 :: Fax. 0800 663 778 :: Direct. 04 498 3489 Mobile. 021 712 171

Level Four, Anvil House, 138 Wakefield St
PO Box 9879 Wellington New Zealand
http://www.onesqaured.net
sam@onesquared.net