As already pointed out last year, the treatment of IDNs in Internet Explorer and Firefox is flawed, so that I decided to cancel the domain сніжок.net. However, apparently a few other domains have a privileged stance with respect to the anti-spoofing measures implemented in Firefox. I recently discovered that a name with the German umlaut “ö” (or “o with diaresis”) is not put to the same harsh treatment of showing the IDN in its encoded form and therefore spoiling the whole (aesthetic) point of registering an IDN in the first place. Interestingly “ö” is considered different enough from “o” to allow the users not to be fooled into thinking it’s an “o”. Well then, dear Firefox developers, please explain to me with what the cyrillic characters “н” and, more obviously, “ж” can be confused to allow a spoofing attack? Maybe “н” with “H”? Well, perhaps you should try to type an uppercase domain name into your browser’s address bar and observe …? But while the confusion of “н” for “H” may have a certain foundation, there is no latin letter like “ж” … no, “x” looks nothing alike!!!
So what the heck are they thinking? Is it because English native speakers or “Westerners” in general don’t feel the need to give other people with other letters (and character sets) the aesthetic pleasure of using their own words without transliteration into some latinized form? This treatment is certainly killing a great idea … but it’s great at that, at least.
// Oliver