VeriSign Changes DNS Servers: No ASCII Needed

An anonymous reader points to this story at The Register and this one (in French) at news.yahoo, writing "VeriSign has made changes to the root DNS so that they handle non-ascii names (for .com and .net). Furthemore, an erroneous lookup results in getting a VeriSign IP, not an error message." An excerpt: "The IAB [Internet Architecture Board] feels that the system VeriSign had deployed for .com and .net contains significant DNS protocol errors, risks the further development of secure DNS, and confuses the resolution mechanisms of the DNS with application-based search systems."

Adverts.

[Big+Mark]

" an erroneous lookup results in getting a VeriSign IP, not an error message."

An erroneous lookup results in getting directed at a n advert, instead of getting told you're in error, more like.

-Mark

Re:Adverts.

[Ed+Avis]

Q. What do you call an error message which contains no useful information?

A. An advertisement.

Re:Adverts.

"The changes VeriSign made basically introduce an element of guesswork into domain resolution. The system guesses that the user is looking for an internationalized domain name (IDN) and presents them with a way to access it"

If you are using an non ascii character set and attempt to resolve a domain using this you are sent to a webpage which tells you about verisigns plugin to allow nonascii character sets to be used to resolve domains. Effectively the plugin just converts nonascii character sets to ascii character sets on the client.

Re:Adverts.

[Jimmy_B]

An erroneous lookup results in getting directed at an advert, instead of getting told you're in error, more like.

Not exactly. It looks at the query and decides whether it thinks you want a non-English domain, and if so, directs you to a page to get an IE plugin which adds support for international URLs. A very dirty hack and not in any way part of the DNS standard, but not advertising.

Re:Adverts.

[gmuslera]

So now the only meaning for name resolving is to use IE, no other browsers, nor other protocols (i.e mail).

Buying that kind of domains from Verisign is a very bad idea.

I can't wait to see the next O'Reilly book: "Verisign DNS vs BIND"

Re:Adverts.

[smetnoc]

> A very dirty hack and not in any way part of the DNS standard, but not advertising.

You might be right about that, but in my opinion this sets a very dangerous precedent.

Advertising comes to mind.. as does censorship.

Re:Adverts.

[Q+Who]

A very dirty hack and not in any way part of the DNS standard, but not advertising.

You might be right about that, but in my opinion this sets a very dangerous precedent.

Advertising comes to mind.. as does censorship.

Think of the children!

Re:Adverts.

[Zeinfeld]

So now the only meaning for name resolving is to use IE, no other browsers, nor other protocols (i.e mail).

The I18N specification has been published by the IETF for a long time.

The point is to drive deployment of I18N through the existing root infrastructure. The IE plug in means that 90% of the browsers in use can use the international names today.

There is not much point in doing a Mozilla plug in. The Mozilla user base tends to upgrade pretty regularly and will pick up the internationalization code soon enough. That is meant to be the whole point of open source.

I can't wait to see the next O'Reilly book: "Verisign DNS vs BIND"

BIND also supports the international names.

The real story here is people who actually want to deploy stuff versus the foot draggers in ICANN and the IETF. The IETF has been dicking arround for at least six years on this issue and no closer to a resolution.

Re:Adverts.

[Alsee]

Q. What do you call an advertisement which contains useful information?

A. An error.

-

Re:Adverts.

[roybadami]

The IETF has been dicking arround for at least six years on this issue and no closer to a resolution.

Not true. The IETF solution was approved by the IESG some months ago for publication as a Proposed Standard.

One of the four documents has recently been published as an RFC, and the remaining three are in the RFC Editor Queue pending final RFC Editor and authors' review (ie publication as RFC is iminent).

draft-ietf-idn-idna-14 Internationalizing Domain Names in Applications (IDNA)

RFC 3454 Preparation of Internationalized Strings ("stringprep")

draft-ietf-idn-nameprep-11 Nameprep: A Stringprep Profile for Internationalized Domain Names

draft-ietf-idn-punycode-03 Punycode: A Bootstring encoding of Unicode for IDNA

Re:Adverts.

[NoMaster]

Not exactly. It looks at the query and decides whether it thinks you want a non-English domain, and if so, directs you to a page to get an IE plugin which adds support for international URLs. A very dirty hack and not in any way part of the DNS standard, but not advertising.

Bullshit. It's advertising IE. If it wasn't, it'd have either a) "plug ins" for *every* browsing engine out there (impossible - think Lynx, or a webspider...), or b) a totally server-side solution. It has neither - just an IE plugin...

Re:Adverts.

[ez76]

Q. What do you call an error message which contains no useful information?

SOP @ MS

Re:Adverts.

I see the word "Verisign" twice on the page, and two links to versign sites. One of the pages is an explicit advertisment for selling domains with non ascii addresses, similar to the "you need to have a .tv address as well as your .com, .net, .org to protect your trademark." Here are several links on that page:

What is an IDN?

How do I use one?

Where do I buy one?

How can I sell IDNs?

Become a Download Partner

www.£.com

Money.

The start of ....

[josh+crawley]

Perhaps this is the start of having he "other" dns'es take off. We all know how bad Verisign is with DNS (like slamming, overcharging, and in general cheating).

Seems like they're pulling a Microsoft to me. But this time, the big guys are pulling a "WTF" on them.

Re:The start of ....

[dhuv]

If I think that buying a website with certain characters will limit the people accessing my servers to only those that have special software then I would not buy that domain. I am sure there are a lot of others like me.

Re:The start of ....

[jman11]

Would that be like or not like websites that require flash?

You would think that the same thing that would go for the website would also go for the domaing name.

Re:The start of ....

[EvilTwinSkippy]

Never ascribe to malice what can be more easily explained by stupidity.

Re:The start of ....

[You're+All+Wrong]

Email needs to be directed around as well as web content. There's more to the internet and DNS lookups than the web and port 80.

YAW

Re:The start of ....

[roybadami]

Perhaps this is the start of having he "other" dns'es take off. We all know how bad Verisign is with DNS (like slamming, overcharging, and in general cheating).

I think you're confusing Verisign Global Registry Services, who run the .com and .net registries with Network Solutions, a division of Verisign, Inc who are a registrar for .com and .net (amongst other domains).

Re:The start of ....

[Old+Wolf]

Not enough. They won't be overthrown until the big guys pull an "OMG WTF".

Re:The start of ....

Maybe their confusing Verisign, the monopoly owner of SSL certificates recognized by your browser with Thawte, a division of Verisign, Inc. which gives the illusion of competition but in fact means that no one can be trusted who does not pay Verisign.

Who owns their dns servers ?

And why are they not allowed to implement any dns method they choose ?

what are the punishments/penalties if they choose a bad method of dns, goverment ? unions ?

what exactly is the commercial incentive to conform to IAB ?

Re:Who owns their dns servers ?

[smetnoc]

> And why are they not allowed to implement any dns method they choose ?

It's a standard that the industry has agreed on using. It's supposed to make things easier for everyone.

Of course this is unprecedented so you can't really say that they're not ALLOWED to do it. It's just not a very good idea and I'm sure most people would agree with me on this one. :)

Re:Who owns their dns servers ?

They might own their servers, but AFAIK they have a contract with ICANN to provide DNS (they negociated an extension of the .com in exchange of releasing the .org one).

If they provide "verisign DNS" which is not what they're being paid to do, instead of standard DNS, aren't they breaking their contract?

Oh, but that's ok

[KDan]

We all know we can trust corporations to do the right thing. I'm sure they'll sort it out and it will all be alright. Anyone who says they're trying to screw everyone to get some sort of competitive advantage by breaking well-established protocols is an unpatriotic leftist and should be arrested under the terms of the PATRIOT act and put away to let the good people get on with God's work.

Daniel

Re:Oh, but that's ok

hahaha...oh yeah stfu

Re:Oh, but that's ok

troll? a hint for the mods, look up 'sarcasm'

Re:Oh, but that's ok

another hint... strawman. This dude is actually serious. Only, he feels exactly the opposite of what he says. No, not that corporations are good. That's the strawman. The real message is that the "leftists" are good, and can always be trusted.

Re:Oh, but that's ok

[KDan]

Are you being sarcastic? :-)

Daniel

On News at 11, Small town in turmoil

[cyberlotnet]

Small town in Florida overnight adopted a new set of street signs they feel create a friendlier driving enviroment, and allow the non-usa population to drive safer.

Within 24 hours the whole city was gridlocked due to wrecks from confused and misguided drivers who didn't understand what was going on...

Yes its a Dramatic example, but valid one of what happens when things are changed without properly informing the public, Just taking things into your own hands.

This change is not going to serve to improve the internet but instead confuse people.

Re:On News at 11, Small town in turmoil

but why? the way i understand is that normal url are not changed at all, there are just a few more possibilities. and i doubt most users would even notice that some characters are illegal, so why would they be confused?

Re:On News at 11, Small town in turmoil

[cyberlotnet]

I wouldn't be suprised if people from other countrys that are not totally used to the internet type in international/non-ansii characters on a normal basis, Now instead of getting page not found and knowing they made a mistake, they get a advertisement and get confused.

And I know im not the only one that finger flubs and types a wrong character now and then. For those that are clueless it would be confusing.

God what a clusterfsck

[Spazzz]

It seems that nothing is sacred anymore. First you get everybody and his brother trying to introduce alternate root zones, then you get morons like NewNet that go a step further and require a browser plugin. Now Verisign does this.

I understand that having non-ascii characters in host/domain names would be desirable, however if they can't do it without breaking the DNS protocol, then they should get their ass right back to the R&D lab and try harder.

Re:God what a clusterfsck

[Q+Who]

It seems that nothing is sacred anymore. First you get everybody and his brother trying to introduce alternate root zones, then you get morons like NewNet that go a step further and require a browser plugin. Now Verisign does this.

I understand that having non-ascii characters in host/domain names would be desirable, however if they can't do it without breaking the DNS protocol, then they should get their ass right back to the R&D lab and try harder.

This issue is extensively discussed on D.J. Bernstein's page, here.

Re:God what a clusterfsck

[Zeinfeld]

I understand that having non-ascii characters in host/domain names would be desirable, however if they can't do it without breaking the DNS protocol, then they should get their ass right back to the R&D lab and try harder.

The DNS protocol has been extended to support non-ascii characters years ago. There is no real disagreement over the general approach, you simply use an approach similar to Base64 encoding on the domain name with a prefix of '--' which is safe because leading dashes are not permitted in DNS names, although the servers are required to resolve them.

If the IAB were not almost exclusively American academics this whole spec would have been finished four years ago. Instead they are happy to discuss any issue for years so long as there is no danger of a resolution.

It is particularly ironic that they are waffling about DNSSEC since it is the timidity and ineffectiveness of the IAB and IESG that has caused that spec to be delayed so long. It has taken three years for them to accept that the original DNSSEC spec was broken.

Internationalization and DNSSEC have been going on for ten years. The IAB seem quite content for them to go on for another ten years.

So don't get too excited by IPV6. It does not look likely that anyone is going to kick the IAB and IESG into action.

Re:God what a clusterfsck

[roybadami]

This issue is extensively discussed on D.J. Bernstein's page, here [cr.yp.to].

Actually, Dan Bernstein is discussing a different issue.

He is arguing that his own solution (IDNC3) is superior to the solution that the IETF has adopted (IDNA).

This has nothing to go with whether Verisign GRS should be allowed to break the DNS to promote internationalized domain names.

Re:God what a clusterfsck

yes it is very desirable. It allows verisign to sell more domains. It forces companies like Pepsico to register pepsï.com and pëpsi.com

MOD PARENT UP

I was confused at first, thought it was offtopic, but this is a good analogy...

Re:MOD PARENT UP

Only problem is ur theory of the guy who posted the story, posting AC to mod parent up didn't happen, I was about to tell him he's an idiot and then i actually realized wtf he was talking about, so take u karma whore and suck it...bitch

All nonascii domains resolve to 198.41.1.35

[MacroHard]

You can see what they're talking about by
running this command:

[robert@alpaca robert]$ dig `perl -e 'print chr(160).".com";'` @A.GTLD-SERVERS.NET A

I tried to paste the output but the comment
system prevented me saying "too much junk" --
anyway;

It seems the article is right. Any .com or .net
domain containing a non-ascii character is resolved to 198.41.1.35 which reverses to
www.idnnow.com. My guess is they need to do this
in order to do http redirects for their customers,
since nobody will have a broken nameserver able
to serve these 'international' domains for themselves. .org domains currently don't do this
but since verisign still runs the actual DNS
servers that run .org (it seems the 'new' .org
registry just contracted the actual nameserver
work right back to them!) maybe it won't be too
long before we see this on .org as well.

Re:All nonascii domains resolve to 198.41.1.35

[MacroHard]

Also.. check this out:

perl -e ' print "GET / HTTP/1.1\nHost: ".chr(160).".com\n\n"; '| nc www.idnnow.com 80

It looks like they're planning to use framesets
to keep the 'international' url in the url box while opening the actual site inside a frameset.

Re:All nonascii domains resolve to 198.41.1.35

[billstewart]

As near as I can tell by reading the Verisign documentation, they're doing this to redirect web page requests using a browser plugin, but they're not doing anything about email - so your email client can't resolve username@ChineseServerName.com, and even if it did, 198.41.1.35 probably won't accept it. (And if they _did_ accept it, they'd be the World's Largest Open SMTP Relay, which has its own entertainment value.)

Spectacularly broken, but fortunately it only works for people who use Verisign's IE plugin, which makes it much harder to sell these domain names.

Big assumption

[deepchasm]

To spur uptake of i-Nav, the company configured the DNS servers for .com and .net to reply to some erroneous domain lookups with the IP address of a VeriSign web site, as opposed to an error message.
...
The system guesses that the user is looking for an internationalized domain name (IDN) and presents them with a way to access it.

Doesn't that assume that users only look up the names of webservers?

What happens when a user mistypes a URL and the VeriSign system merrily sends them a verisign IP, but they are using "ssh", or an IMAP mail client, or any other service that the verisign server is unlikely to be running?

The user receives unhelpful "Connection refused" messages, instead of being prompted to correct their typo by a "Can't find..." message.

Re:Big assumption

What happens when a user mistypes a URL and the VeriSign system merrily sends them a verisign IP, but they are using "ssh", or an IMAP mail client, or any other service that the verisign server is unlikely to be running?

How the heck do you mistype an ASCII URL so you get non-ASCII characters? Do you have some kind of funky keyboard that produces non-ASCII characters? I'd love to see such a fucked up keyboard. Geez, if you want to use non-standard keyboard setups or weird ass keyboards then deal with it. For those of us with standard ASCII keyboards there IS NO PROBLEM. You'd have to go out of your way to type these characters.

Re:Big assumption

You are not very bright, are you ?

If a user want to type a non-ascii URL and make an error in typing it, then what the original poster says is going to happen.

Re:Big assumption

[The+Smith]

How the heck do you mistype an ASCII URL so you get non-ASCII characters? Do you have some kind of funky keyboard that produces non-ASCII characters? I'd love to see such a fucked up keyboard. Geez, if you want to use non-standard keyboard setups or weird ass keyboards then deal with it. For those of us with standard ASCII keyboards there IS NO PROBLEM. You'd have to go out of your way to type these characters.

£

Re:Big assumption

[0x0d0a]

What happens when a user mistypes a URL and the VeriSign system merrily sends them a verisign IP, but they are using "ssh", or an IMAP mail client, or any other service that the verisign server is unlikely to be running?

Yes, techies get screwed over here. However, the vast masses know of no program but the web browser (and, for the time being, the email client). And where the masses are, there is also the money, and hence VeriSign.

Re:Big assumption

[Phroggy]

Doesn't that assume that users only look up the names of webservers?

Yes. I believe they said an e-mail protocol will work too, I don't remember which one.

The user receives unhelpful "Connection refused" messages, instead of being prompted to correct their typo by a "Can't find..." message.

They also assume that everyone runs Internet Explorer, which by default simply displays the unhelpful "The page could not be displayed" or redirects to MSN's search engine. Being redirected to a Verisign plugin page won't seem too strange to these users.

Re:Big assumption

[Phroggy]

How the heck do you mistype an ASCII URL so you get non-ASCII characters? Do you have some kind of funky keyboard that produces non-ASCII characters? I'd love to see such a fucked up keyboard. Geez, if you want to use non-standard keyboard setups or weird ass keyboards then deal with it. For those of us with standard ASCII keyboards there IS NO PROBLEM. You'd have to go out of your way to type these characters.

That's because you've never used a computer in a non-English-speaking country. On a Spanish keyboard, the Ñ key is right next to the L key. On a French keyboard, the Ù key is right next to the M key (which is next to the L key, which seems pretty strange to me, along with A and Q being reversed from what we're used to). So yes, it's easy to make these typos if you use a non-US keyboard layout.

Re:Big assumption

[wsapplegate]

> How the heck do you mistype an ASCII URL so you get non-ASCII characters? Do you have some kind of funky keyboard that produces non-ASCII characters? I'd love to see such a fucked up keyboard.

Just come by my place, then. You will then witness lots of AZERTY French keyboards, featuring such non-(7bit)-ASCII characters such as è, ç, à, ù, and of course the now-ubiquitous ''. I'm waiting for you.

> For those of us with standard ASCII keyboards there IS NO PROBLEM. You'd have to go out of your way to type these characters.

I think you're affected by the 'My-Country-Is-Alone-In-The-World' syndrom, which, curiously, seems to affect lots of Americans, even when the topic of the discussion is *internationalized* domain names (!). Something must be very wrong, here...

Re:Big assumption

or just hit the Option key: ø©ø......ß.........

Re:Big assumption

Better throw out your 'non standard' keyboard then. It is quite capable of generating all 256 chars of the ascii set.

alt-7 = bell
alt-1 = smiley
alt-255 = null
alt-0 = usually will terminate a string. I get alot of people with this one when 'testing' their code.

At least on my winxp computer. Will be somewhat different depending on the char set you use. But it will generate the same scan code.

Been there for YEARS. But you knew that before you posted right? Oh and everyone uses a AT/ps2 101 standard keyboard also. There are no french, mac, chinnese, kanji keyboards out there. Oh even IF your not using the alt trick, and a AT style keyboard, there are STILL chars that are not allowed into a dns. Such as !@#$%^&*(),:";'[]\/?{}|=-_ and tab.

The place where I work I asume ANY char can be entered. I work with truck drivers and they TRY to break the thing. My target audience has LOTS and LOTS of time to sit around and figure out how to break the box that is 'spying' on them.

Re:Big assumption

Quelle bêtise!

Re:Big assumption

[Old+Wolf]

Hopefully the script kiddies will just ddos this IP into oblivion

Re:Big assumption

[Old+Wolf]

Come on, everybody who lives outside of the U.S. doesn't matter

Re:Big assumption

How the heck do you mistype an ASCII URL so you get non-ASCII characters? Do you have some kind of funky keyboard that produces non-ASCII characters? I'd love to see such a fucked up keyboard. Geez, if you want to use non-standard keyboard setups or weird ass keyboards then deal with it. For those of us with standard ASCII keyboards there IS NO PROBLEM. You'd have to go out of your way to type these characters.

Re:Big assumption

[stephanruby]

I think you're affected by the 'My-Country-Is-Alone-In-The-World' syndrom, which, curiously, seems to affect lots of Americans, even when the topic of the discussion is *internationalized* domain names (!). Something must be very wrong, here...

Don't feel too bad. We would all be speaking French and using Minitel Numbers (instead of domain names) if the French government had actually gotten its act together and decentralized and deregulated the industry (instead of giving away free computers to the masses and controling the network like crazy).

Posted: 28/01/2003 at 08:22 GMT

[You're+All+Wrong]

It's now 02/02/2003 13:20:02 GMT

Slashdot.
Olds for Nerds. Stuff that mattered last week.

YAW.

GOATSE.CX link above

[MikeS2k]

Don't click it unless you like that kind of thing...

Take them down

Hasent Verisign been in trouble with the US Trade Commission? Why dont we just get rid of them? My 5 year old son could run a root server better then they can.

Re:Take them down

[kireK]

You son runs Dotster?

Great.. not really

[k98sven]

Ok.. now I have full understanding why people want
DNS adresses in their own language.

For instance, I live in Sweden, where the township of Mönsterås has to use the
URL "monsteras", which happens to mean "monster-carcass"..

But on the other hand, a big point of the internet is that it's supposed to be international,
how are for instance americans supposed to type unique swedish characters to find the web site?

Not to mention chinese and japanese sites..

Re:Great.. not really

[leviramsey]

For instance, I live in Sweden, where the township of Mönsterås [monsteras.se] has to use the URL "monsteras", which happens to mean "monster-carcass"..

Swedish monster ass? ;o)

Re:Great.. not really

[smetnoc]

> how are for instance americans supposed to type unique swedish characters to find the web site?

A simple solution would be to allow all sorts of different spellings. Of course it would cost more, but how many would you really need?

Usually the problem is that, as in your case, the name contains characters that are not native to other languages.. well.. get rid of the accents! That should fix everything. Use BOTH. (Of course, if such a thing were allowed.)

Re:Great.. not really

[k98sven]

Usually the problem is that, as in your case, the name contains characters that are not native to other languages.. well.. get rid of the accents! That should fix everything. Use BOTH. (Of course, if such a thing were allowed.)

Of course, that's the obvious solution.
OTOH, the problem with this is that translitteration isn't easy, or consistent.

Swedish characters like å, ä, ö, for example:
English-speakers usually "brush the dirt off" and write a and o instead. But the correct translitteration is aa, ae and oe, respectively.
(With japanese it gets even worse..)

Not to mention names like München (Munich)..
Should the have www.münchen.de or www.munchen.de or www.muenchen.de or www.munich.de or all of them?

(Actually they do have all of these except the first, ironically..)

Re:Great.. not really

[chief-dot]

I disagree. .com is not an international TLD, it's a TLD for the USA. What's the native language of the USA? Well some messed up hybrid of English.

So I don't think that a .com or .net root should need to work with anything other than it's current character set, maybe this could be addressed further down the line if something was to change.

Having said that. Regional roots should be able to use a local character set if they so wish...maybe this is done already (??).

If your monsterous city registers under the regional NIC that it was supposed to and you still have trouble then I'd say it's a bit rude.

5 minutes of research would sort out the fundamental issue of whether regional DNS zones are implimenting local character sets... I'd also imagine that the DNS RFC would need to have taken such requirements into consideration...which I don't think is currently done (??).

So yeah, DNS isn't my strong point but I still think I should be able to disagree with you over expecting TLD's of the USA to support every other countries character set :)

Re:Great.. not really

[Aerog]

Sometimes it's a difference in simple accents that changes the word quite a bit. Like with the monsteras.se domain, there's at least one word in German that varies drastically if you mess with the accents. . .i.e:
With accents: humid
Without accents: homosexual.

Or at least that's what I remember about it. Sometimes you could be getting yourself into quite a bit of trouble doing something like that.

Re:Great.. not really

This town name could even be typed with the extended ASCII set -- no non-ASCII domain name needed.

Re:Great.. not really

[j7953]

But on the other hand, a big point of the internet is that it's supposed to be international, how are for instance americans supposed to type unique swedish characters to find the web site?

How are for instance Russians supposed to type latin characters to find an American web site?

(I suppose that they have keyboards that allow the user to type ASCII characters as well as cyrillic ones, but is that because they want to or because they have to?)

Re:Great.. not really

[Hank+Powers]

Swedish characters like å, ä, ö, for example:
English-speakers usually "brush the dirt off" and write a and o instead. But the correct translitteration is aa, ae and oe, respectively.

In Finnish the problem is that there's no valid transliteration for å, ä, ö (we use the same characters). Actually, ae and oe are understood by some people but officially they aren't correct _at all_ in Finnish.

Why? Simply because we have also words that already use the combinations ae and oe; e.g. koe, aikaennätys, paeta...

The only de-facto correct way is just to drop the points from the alphabets. Hämeenkatu becomes Hameenkatu. There's however again the problem that the meaning of the word changes. Hämeenkatu is "Häme street" but Hameenkatu means "skirt street". :P

Re:Great.. not really

[beebware]

I'll hate to shatter an illusion, but .com , .net and .org ARE international domains (along with .int) - the USA has .us as it's country code. Ok, it might not be widely used, but it IS there.

Re:Great.. not really

[vadim_t]

They type it just fine, because a Russian keyboard (like mine) has Russian letters written under the latin ones. The english layout is the main one, because AFAIK nobody made an OS that lets you give commands in Russian to it yet.

Removing the latin letters would be completely impossible. How would people deal with english command line programs? What would be 'explorer.exe' called in Windows? How would you type an english domain name?

Re:Great.. not really

[sg_oneill]

Sorta.

I remember it being the general rule that .com was for the us and .com.au is for australia(for instance)

But that kinda faded.

Re:Great.. not really

What's the native language of the USA? Well some messed up hybrid of English.

Coño, chico, pero que equivocado estas!!!

Re:Great.. not really

What's the native language of the USA? Well some messed up hybrid of English.

Actually, contrary to popular belief, American English isn't really any less 'correct' than British English. At the time when the original settlers of the US left Britain, there were numerous dialects of English corresponding to the various Germanic kingdoms existing on the isle. Since most of the colonists were not from London, they brought with them English rules and vocabularies different from those of the London dialect which eventually became British English. For example, 'color' is not actually a shortening of 'colour,' just the Latin-esque spelling rather than the French. So it's really a case of divergent evolution.

This has been your pedantic, pointless etymology lesson of the day. Don't eat me.

Re:Great.. not really

[dvdeug]

But on the other hand, a big point of the internet is that it's supposed to be international,
how are for instance americans supposed to type unique swedish characters to find the web site?

If your audience is international, then you chose a domain name that they all can type. If your webpage is only in Armenian, it doesn't really matter if your domain name is too; if someone else wants to read it, they can cut and paste the link in.

Re:Great.. not really

[kEnder242]

The Japanese have been dealing with this for a long time. In fact they have a whole phonetic alphabet for foreign words, katakana.

Everything in kanji (pictures) can be written in hiragana the "native" phonetic alphabet. There is no real problem converting that to romaji (English, ASCII etc). It is even be easier since there is no confusion caused by starting with a writing system similar to romaji.

I hear that the Chinese actually use English letters to teach how each kanji (same pictures, different meanings) are pronounced.

Re:Great.. not really

[lahi]

This town name could even be typed with the extended ASCII set -- no non-ASCII domain name needed.

You *are* utterly clueless when it comes to character sets, yes?

ASCII is ASCII.Seven-bit US ASCII. The so-called "extended ASCII" character sets are *NOT* ASCII, although they typically happen to have overlapping definitions of at least the printable ASCII characters 32-126, and usually also the control characters 0-31 and 127.

As a matter of fact, for some reason my Mozilla 1.2.1 chose to render this page in *another* "extended ASCII" variant Cyrillic Windows-1251, which did NOT render the name "Monsterås" correctly. (Sorry, but I don't have deadkeys enabled, so I can't type o correctly.)

So *which* 8-bit character set do *you* presume out of ignorance?
ISO-8859-1 or ISO-8859-15? Macintosh? Some Microsofty Windows variant?

Having an 'Ø' in my name, I am sensitive to this issue. Heck, I had to hack John Norstad's NewsWatcher to support Latin1 and even some rudimentary Quoted-Printable support (because A/UX sendmail was 7bit only) back in 1993! It really makes me sad to realize how nothing seems to have changed in matters of language support in the 10 years that have passed since then. Oh, sure, we have Unicode and ISO-10646, but we still see ISO-8859-X and proprietary socalled "extended ASCII" charsets, and even the occasional nationalized ISO-646 variant again and again. And if that wasn't enough, XML and HTML has compounded the confusion with silly character entities, so things can be encoded to the n'th degree. Who needs encryption?!?

-Lasse Hillerøe Petersen

PS. As a demonstration, let me insert a signature I used long ago:
Min kæphest har fået et føl! (Probably ISO-8859-1 or -15, depending on how Mozilla and SlashCode will mangle it.)
Min kfphest har feet et fxl! (ISO-8859-1 with 8th bit stripped.)
Min kæphest har fået et føl! (SGML character entities. Apparantly SlashCode is broken, I had to type & to get the & character. I hope preview is identical to what will eventually get posted.)
Min K{phest har f}et et f|l! (ISO-646, danish variant.)
Min K=E6phest har f=E5et et f=F8l! (ISO-8859-1, Q-P encoding.)

Re:Great.. not really

[Old+Wolf]

Well, until five minutes ago I would have said that resolving non-ascii URLs to a set IP would be impossible to implement

Re:Great.. not really

[You're+All+Wrong]

Exactly. During the winter olympics a few years ago (OK, a decade), the olympic committee decided that it would make sense to transliterate all competitors names into ASCII.
All the on-screen competitors lists that came up, and the ones that commentators would read out to you were in this format.

That means that a Finnish competitor with the name Väinö Mäenpää would be printed on screen as Vaeinoe Maeenpaeae. Now that's slightly fucked to the _eye_, but then imagine what happens when a phonetic Finn attempts to pronounce _twice_ the number of vowels that he would normally have to.

The difference between the front vowels and the back vowels (e.g. ä/a) is far less to most ears than the difference between two vowels and one (ae/a), and whoever thought it would be most sensible to do what they did should have been shot. Let's face it, few pronounce 'Moog' correctly, so feeble attempts to change 8-bit spellings in order to accomodate 7-bit speakers is futile, as they can't even get 7-bit words right.

Trasliteration is a complete minefield. DJB realises this, but Verisign are just greedy.

Re:Great.. not really

[zonker]

that's what happens to the bikini team in 30 years...

Re:Great.. not really

The word you're thinking of is "schwul".

Re:Great.. not really

[k98sven]

Everything in kanji (pictures) can be written in hiragana the "native" phonetic alphabet.
There is no real problem converting that
to romaji (English, ASCII etc). It is even be easier since there is no confusion caused by starting with a writing system similar to romaji.

I agree. There is no real problem for a japanese-speaker to convert to romaji.
It's almost impossible for them to use a computer without this knowledge.
Romaji translitterations are consistent, as well.. but the problem is that they are not always consistent with how a native english-speaker would translitterate.
(even translitterating an english word to katakana and then "back" to romaji doesn't really work say:"SevenEleven"-->"SebunElebun" in Japan)

But you are correct in pointing out that they do have rules for translitteration, which is a at least a good step in the right direction.

Re:Great.. not really

[Quixadhal]

I guess we go back to the old reliable way of doing things... maintaining our own /etc/hosts file.

I understand the need/desire for international character support, but since I can't read Kanji... it doesn't really matter if I get the correct UTF-8 name, or an ASCII mangling of it... it will won't mean anything to me.

What we really need is not character representations, but rather translations. If we had "root" servers which would respond to language-specific lookup requests, we could ask for the name in whatever character set we needed.

In a prior example, Mönsterås might come up as Mönsterås in swedish, but in english it would resolve to whatever that actually translates to (sorry, don't have a lookup handy), and in ASCII it would become "Monsteras".

I get tons of spam email on one of my accounts, and I asked the postmaster (yahoo, BTW) why they didn't just filter out all messages where the sender or subject didn't use ASCII from my delivery? *I* can't read it, so either it should be translated or ignored. BTW: Their anti-spam filter can't handle non-ascii characters, and thus defaults to delivery... joy.

Re:Great.. not really

[smetnoc]

Hmm, I'm curious about something. If you're an immigrant and your last name contains an accent that is not used in the country you moved to.. you simply get rid of the accent and everybody's happy. I'm from Canada and know a lot of people who have done this. Haven't heard of any problems with alternate meanings, or the names just looking wrong, or whatever.

So it seems to me that people are willing to drop the accents and adopt a new alphabet under certain circumstances.

The problem we were discussing is that.. well.. there are hundreds of alphabets in use around the world. You use the one that suits you most.. this usually being the alphabet in use where you live.

You start running into problems when you wish to reach an international audience. Which alphabet do you adopt? Should you change the spelling of your city/name? In my opinion, yes, if you have to. If you really wish to reach an international audience with whatever content you're pushing, use what they would be most comfortable with. If simply removing the accents changes the meaning of the world to something unacceptable.. by any means! change the word to something else.. use an alternate spelling.

Some might argue that cities with multiple names might confuse. There are dozens of examples around the world where this has occured and not caused any problems. Danzig/Gdansk, Cracovia/Kraków/Cracow, Moscow/Moskva, Copenhavn/Copenhagen, the list goes on and on.

More erroneous behaviour on the part of Verisign..

[Neophytus]

Verisign are now introducing propriatary, Internet Explorer only, DNS mechanisms much like the system I saw a couple of years ago where by using another company's DNS servers you could have domain.anything. Not only does this mean that anyone not using IE cann't access sites that use this 'special mechanism', but people with standard keyboards cann't access other 'language sites' without using character map - and even that does not contain japaneese/chineese characters IIRC.

Oh, may I also draw your attention to this part of the EULA:
11. Automatic Updates/No Maintenance.
VeriSign has the right, but not the obligation, to provide you periodically with automatic modifications, updates, upgrades, or error fixes for the Software using the transmission mechanism described above. This license does not entitle you to any support or maintenance for the Software.

Another browser 'add-on' that gives itself the right to install whatever the fuck it wants. Verisign should of been closed long ago.

And before anyone complains..

[wackybrit]

Before anyone complains about this:

Furthemore, an erroneous lookup results in getting a VeriSign IP, not an error message

Remember that if you use IE, you automatically get thrown to a Microsoft Web site if you go to a non-existant domain.

Although, bizarrely, I've been getting 500 Server Errors on every incorrect/non-existant domain I've been going to in the last few days. Could this be connected to the main story?

Re:And before anyone complains..

[The+Great+Carbunkel]

Unless you adjust the settings for search.

Re:And before anyone complains..

[yggdrazil]

Remember that if you use IE, you automatically get thrown to a Microsoft Web site if you go to a non-existant domain.

But Verisign change the behaviour of the underlying DNS system, no matter which portnumber, application or OS you use. Yet they only provide a MSIE for windows plugin for IDN domain names.

The internet is not all web, and the changes they made can be bad for applications like mail. The changes they made to DNS behaviour is not a good thing.

Verisign is evil. This is yet another proof. Take the .com and .net registry away from them ASAP.

Re:And before anyone complains..

Where? I've been trying to get rid of it for days, but can't find where to adjust it. Can you tell me?

Re:And before anyone complains..

[Old+Wolf]

Yeah, that's really annoying. Is it possible to change it to just say 'Dns Error' or 'Connection Refused' ?

When you get the stupid IE error page you dont know if it was a dns error or the side was down, unless you look at the statusbar in time and see 'dnserror.shdoc.navdll' or whatever

Re:And before anyone complains..

I've been getting 500 Server Errors on every incorrect/non-existant domain I've been going to in the last few days.

Maybe you're sitting behind a transparent HTTP proxy now. Does it still happen if you try to connect to some odd port on the far end? If it doesn't happen consistently - on all ports - then someone may be in between.

Try hitting an anonymizer service that reports your IP back to you or similar. If it's not your actual address, someone upstream from you is proxying your packets.

VeriSign and UTF-8

[Saiai+Hakutyoutani]

Well anyway, VeriSign isn't using UTF-8 domain names, it's using it's own, Internet Explorer only, proprietary domain name protocol.

What's the point if you, using your UNICODE browser and UNICODE system can't resolve a single VeriSign domain name?

Re:VeriSign and UTF-8

[Phroggy]

Well anyway, VeriSign isn't using UTF-8 domain names, it's using it's own, Internet Explorer only, proprietary domain name protocol.

It's not proprietary just because nobody else has implemented it yet. It's open and documented.

Another fine example....

[slayer99]

...of US corporate stupidity being allowed to prevail over common sense.

Re:Another fine example....

Remember that it is US corporate brilliance that has given us automobiles, airplanes, toaster pastries, computers, internet browsers, Unix, and Linux distributions.

Not all corporations are the same. Surprisingly, they vary almost directly with the people who run them.

IETF IDN Working Group

[jazdc]

I hear of all these proprietary ways to handle non-ascii domain names and constantly fail to see why people cannot wait for the IETF IDN Working Group to finish their work.

Re:IETF IDN Working Group

[rtaylor]

It's been what, 5 or 6 years now? They're going to be another decade before their done.

Does this mean...?

[Temporal]

Furthemore, an erroneous lookup results in getting a VeriSign IP, not an error message.

So, does this mean I will be able to type in "http://shittyassregistrar.com" and get VeriSign?

Re:Does this mean...?

[Gothmolly]

NO, I own that domain. Of course, I did it just so I could put up a redirect page to VeriSign...

Re:Does this mean...?

No but http://shittyassregisträr.com will sure do

Re:Does this mean...?

So, does this mean I will be able to type in "http://shittyassregistrar.com" and get VeriSign?

No, but try http://shîttÿåssrégìstrãr.com.

Re:Does this mean...?

[You're+All+Wrong]

Nope. You have to escape the name, so they recognise it as being non-7-bit.
You'd probably need somtehing like
--verisign-sucks.com
or something, I forget exactly how it works.
(like I ever knew or cared).

YAW.

Re:Does this mean...?

[ariels]

No. You need to add a character with 8th bit set. Try:

dig `perl -e 'print chr(255)."vrsn.com"'`

(substituting your favourite 4-letter abbreviation for "VRSN") or

dig `perl -e 'print chr(237)."dnnow-is-a-bad-idea.com"'`

also works as expected.

Kinda like alternic has been doing for years...

[the1brian]

Selling people domains that are non-standard by using a different DNS... http://alternic.org/ . They've called it "Enhanced DNS". I'm pretty sure hardly anyone actually ever used this...at least no sites of any significance. I'm guessing verisign will have a little more luck, but still not much, as it is a bad business model trying to sell things that require a plugin for the general public... I can just see businesses going out and buying domains that people can't even get to, because they don't have the plugin, and won't get it.

The real significance of the AlterNic site is that the guy that founded it back in the 80's or so ended up in prison for a while, then when he got out, he couldn't use a computer for a signifcant number of years by court order because back when network solutions ran the whole show for domain names, he hacked there DNS to route internic.net to his site, and also hacked their DNS to include his custom top level domains such as .sex.

As far as the license agreement giving verisign the right, but not obligation to automatically update the software without asking first...can you say spyware? Does CometCursor ring a bell?

Re:Kinda like alternic has been doing for years...

[yggdrazil]

No, actually, it isn't. IDN is an internet standard for transcriping international characters in DNS.

There is nothing wrong with the standard here, the main problem is that Verisign destroys the consistency of the DNS system, just for the sake of advertising one of their plugins for one browser for one OS.

Support for IDN should be built into DNS resolvers in applications or operating systems, not being used for messing up DNS consistency.

Microsoft could patch MSIE to support IDNs quite quickly, and then there would be no need for Verisign's stupid dirty hack.

Re:Kinda like alternic has been doing for years...

verisign doesn't care about the browser. That's just a gimmick they are using to sell domains.

Amen, brother!

[0x0d0a]

The mass additions of TLDs, the hacking up of DNS to fix short-term problems...the Internet's changed a lot, and the new target audience is the web-only, Windows-using, Internet Explorerite. Other uses of the Internet are secondary at best, and need not be catered to.

Fortunately, as long as the backbone ISPs don't screw around too much, we can still use alternate DNS roots (like OpenDNS) that hopefully make better decisions.

Seems like any time a company gets big, it gets mean, evil, and totally unable to make the best technical decision.

I hope and pray that Red Hat never ends up there. So far, so good...

Who the hell types domain name anymore?

[EvilTwinSkippy]

/* Begin Rant */ I'm curious.

Who the hell actually types in domain names anymore. My first stop on the net is usually google. Why? There is no way of telling where a domain name actually goes.

I work at the Franklin Institute. Our domain fi.edu. Our customers who type in FranklinInstitute.com get sent to one of those DNS parking sites. (We do have FranklinInstitute.org and FranklinInstitute.net.)

Of course, there is also a Franklin Institute in Boston. Are we then supposed to be FranklinInsituteOfPhiladelpbia and they be FranklinInstituteOfBoston. (Hmm, or franklininsitute.phl.pa.us and franklinintitute.boston.ma.us.)

And, the original name for our organization was The Franklin Institute for the Promotion of the Mechanical Arts, that exceeds 32 characters. We could use the acronmy FIPMA, but most of the folks that visit don't know the PMA part.

Just think of WhiteHouse.com or GMSucks.com.

Granted, it is really nice to see www.petesfamouspizza.com on the pizza joint next door. But at some point you end up writing it down. After a while it will end up being just like a damn phone number, making no sense at all.

/* End Rant */

Re:Who the hell types domain name anymore?

[the1brian]

I type domain names all the time...if you have a good memory, and type at least decently fast, it's definately faster than using a search engine...

Re:Who the hell types domain name anymore?

[gilroy]

Blockquoth the poster:

Who the hell actually types in domain names anymore. My first stop on the net is usually google. Why? There is no way of telling where a domain name actually goes.

Wow. It must be interesting to cruise the Net and never return to a site you've already visited. I don't use domain names for search purposes. But once I've found slashdot.org or bn.com or thinkgeek.com, yes, indeed, I use those to jump right to the page I want without having to pass through a search engine. I like google -- which, of course, I get to by "google.com" -- but I don't need to visit them every time I want to buy a book, for example.

Re:Who the hell types domain name anymore?

[Minna+Kirai]

The phone number thing isn't off-base. The most important public use for typing in hostnames is as the prefix of a web-address you've gotten off of printed materials, like a billboard or advertising circular or bibliography.

Yes, in that case, it is functioning mostly like a phone number. The addition of more length and more characters only makes it somewhat easier to remember. (Pizza stores will almost always have the "pizza" substring in their names. No analysis of a list of phone numbers can give you the slightest clue where they go, without dialing them up)

Re:Who the hell types domain name anymore?

Who the hell actually types in domain names anymore. My first stop on the net is usually google. Why? There is no way of telling where a domain name actually goes.

Yes, but some us who use the 'net and not just the web do actually need/want DNS to function properly and not be subverted by NetworkFinalSolutions.com's stupidity.

Re:Who the hell types domain name anymore?

[jim3e8]

No analysis of a list of phone numbers can give you the slightest clue where they go, without dialing them up

976-LOVE

Re:Who the hell types domain name anymore?

[MikeFM]

Myself I like resources to have a digital signature produced with standard encyption methods (PGP/GPG) with a standardized lookup server. Some P2P protocols use that for finding resources and it seems to work pretty well.

DNS is sort of past it's usefulness. As you said it's impossible to keep all the addresses straight so the majority of people just use a search engine to find the site they want. What signatures does is keep an abstraction layer between the address used by the application and the actual ip - pretty much what DNS does for us now. Since it uses encryption sigs they are hard to fake and there is no need to bicker over them. Random numbers are hardly trademark-disputable items.

Re:Who the hell types domain name anymore?

[zBoD]

> /* Begin Rant */

... really you DO NOT need to markup your comments.

Please stop the "<flame>", "mod me down if you want", "ianal", "my two cents" and such ridiculous disclaimers. Please just say what you have to say, that's all. We'll judge the rest by ourselves

THANK YOU.

Re:More erroneous behaviour on the part of Verisig

[bheerssen]

And the storm shall engulf the followers of Mammon, and they shall become confused. Then shall the legion be like unto a great icon to lead the broken masses.

from The Book of Mozilla, 3:32

(Red Letter Edition)


for the followers of Mammon: about:mozilla

Email fails

[billstewart]

At least the way I read the document, it does only support web servers, which means that SMTP email fails, as well as all the other services. So you can have http://MyChineseServerName.com but not postmaster@MyChineseServerName.com, which is spectacularly broken.

Big question...

[kireK]

When did Verisign merge with Microsoft? Did I miss something here?

what about charsets?

[axxackall]

Russian alphabyte (cyrillic) can be presented in one of ~20 charsets, 5 of them are still in active use:

• "MSDOS" cp866;
• "Windows" 1251;
• "Unix" KOI8
• "Mac" (???)
• ISO 8859-5

The Russian goverment offially approves only ISO 8859-5, but most of people just ignore that charset and noone (besides the govt) use it.

All charsets are different one from each other, mainly (and in most cases) by different positioning the same russian letter in different places of the "code page". That requires to have separate font modification for each charset you want to use (yes, it's true, I have 5 areals, 5 couriers etc); alternatively it requires to decode the document on the fly from the doc's charset to the charset of currently chosen font (some programs can do it, others cannot).

Now, when I see a domain name with some non-ascii letters, and I assume it is in Russian language, which charset should I choose in order to display it properly and to be able to read it? The domain name itslef doesn't keep such information. Does DNS keep it? I don't think so.

Is one russian charset has been chosen over others? If so, who dare to decide it and to be critisized by users of other 4 charsets?

Personally I think that due to such problems in some languages (Chineese also? India as well?) all non-ascii strings should be used in internet only along with some identifiers of the charset. For example, web pages and email messages use such (often - in inconsistent way). Also, XML can assign a charset per sub-tree. But how about domain names? I think non-ascii usage should be limited to documents, while all system identifiers (including domain names) must be ASCII. Period.

Re:what about charsets?

[dvdeug]

Is one russian charset has been chosen over others?

Yes. An encoding of Unicode is used, because that can handle every language in the world and needs no language tagging.

Re:what about charsets?

[tialaramex]

Your conclusion (use ASCII and stop moaning) is correct, but your reasoning is wrong.

The IDN system is for international domain names, not just Russian domain names, a moment's thought will reveal to you that this means it must be based on Unicode. So it is /implicit/ that they are encoded in a certain way and the IDN software sorts all this out for you just as it would with Arabic or Chinese.

The fact that some obsolete software only works in KOI8, or whatever is irrelevant, none of that software will work with IDN without hefty modification.

Why should we "just" use ASCII for Internet DNS?

Actually that's the wrong question. We don't use ASCII, we use a very restricted subset of ASCII. The DNS infrastructure is quite capable of permitting domains called e.g. _;_.~ but they aren't human readable, so all but the most easily recognised ASCII characters were simply banned.

[Yup, banned. Most Unix resolvers just fail requests for domains like this without ever going to the network]

If we don't permit case-sensitive & don't allow wacky ASCII characters, why should we allow all sixty or so variations on the character 'a' that are recognised by Unicode? Just to make Verisign more money?

That's what this is really about BTW, Verisign needs to invent more "variations" of coke.com that can be registered to protect them from "pirates" so that Verisign shareholders can see "growth". Ugh.

Re:what about charsets?

[dvdeug]

If we don't permit case-sensitive & don't allow wacky ASCII characters, why should we allow all sixty or so variations on the character 'a' that are recognised by Unicode?

So that people can use names that are meaningful to them, instead of having to mangle the name of their organization into a very limited foreign character set? 0/O, and l/I/1 are allowed in ASCII (both paypal and paypai), so it's not like confusion didn't already potentially exist.

Re:what about charsets?

Now, when I see a domain name with some non-ascii letters, and I assume it is in Russian language, which charset should I choose in order to display it properly and to be able to read it? The domain name itslef doesn't keep such information.

These domain names would be using Unicode running on UTF-8. Unicode on UTF-8 can encode all characters of all languages, so there is no need to "tag" text as one language or another.

A short explanation: Unicode denotes a 4-byte range of characters. The first 127 Unicode "code points" are equivalent to ASCII; the first 256 Unicode code points are equivalent to ISO8859-1. Russian is in there somewhere, but as a > 256 value, as are Chinese, Arabic, Klingon, etc. In fact, there are not enough languages and characters in the world to fill up 4 bytes (32 bits), so only the first 65535 (2 bytes) Unicode code points are defined at this time.

Unicode only defines a number and an associated character. There are many ways to encode a number, so there are many ways to encode Unicode. For instance, NT uses UTF-16, which means that every "character" is 2 bytes long. This means you can directly encode all of the defined Unicode code points in UTF-16; eg, Unicode code point 1000 is encoded as UTF-16 value 1000.

Now, UTF-16 plays nasty tricks on just about all existing software and protocols that hasn't been written to deal with UTF-16. Just look at the win32 APIs, which have two versions of every function that takes a string parameter. A more clever way of encoding Unicode is UTF-8. UTF-8 is a variable length encoding, which means that a "character" can be encoded as one, two, three, four or five bytes. The neat trick is that if you're only using ASCII (the first 128 Unicode code points), you only use one-byte UTF-8 characters. This means you can start using UTF-8 with existing software and protocols with no change. It's also a very simple encoding, so you can write some routines to deal with UTF-8 pretty easily and you don't have to rely on some bl0ated library. The encoding uses the idea that if you set the high bit in a byte, you use that as a marker meaning that the next byte contains additional information about which character the sequence denotes - note how this scheme works gracefully with software written in C which knows nothing about Unicode). This is clever and elegant: before Unicode, if someone sent you a stream of bytes with the high bit set, they also needed to send you some additional information as to which encoding to use (8859-5, KOI8, etc); however, if the protocol/software has some mechanism for denoting which character set to use, you can just add UTF-8 to that list of encodings. If the software/protocol doesn't have a place for selecting the encoding, it was broken in the first place: it would never select the correct encoding if you're using Russian and the developers were using French.

So, to answer your question, Russian would be encoded as UTF-8, not KOI8, ISO8859-5, or any of the other "one-byte" character encodings.

Re:what about charsets?

[KidSock]

I have a dumb question. If domain names can be Unicode how will such characters be represented in an HTTP URL. According to RFC 2396 there is no defined way to represent anything but US-ASCII in an HTTP URL. Unless there is a way to negotiate an alternative character set escaping would have to be used like this UTF-8 escaped example http://www.c%d0%beke.com. Or you could UCS-2BE escape it like: http://www.c%043eke.com. What does your browser see when you mouse over these? In IE I get "http://www.cke.com" and "http://www.c3eke.com".

Re:what about charsets?

[Old+Wolf]

Your post gives me an idea: why not just use UTF-8 for domain names?

This wouldn't require any bullshit approval and crap, no existing DNS systems would break because they currently reject requests with non-ascii utf-8 characters, the only implementation barrier would be waiting for any apps that want to support it to encode their URLs with a UTF-8 library.

Re:what about charsets?

In Soviet Russia, you don't choose charset, charset chooses you!!!

Re:what about charsets?

code in your own language if you want computers to work in them. Oh yeah, you're just an igorant white American who *thinks* they are being mangamanious and "politically correct."

Re:what about charsets?

[tigga]

The Russian goverment offially approves only ISO 8859-5

Just clarification - there was GOST 19768-74, which was superseded by GOST 19768-93. There are Soviet (then Russian) federal standarts regarding KOI7 and KOI8 charsets.

So Russian government suppose to support at least two charsets..

There are standards for those things.

[billstewart]

We've been dealing with internationalization for more than a decade - applications either support UTF8 or Unicode or CP850 or some similar standard for handling them, or else they don't, and most operating systems provide some hook for inputting them. (That won't help 7-bit-character implementations of vi, but too bad :-) Windows has their Character Map application, so I can go get an Å and a å and cut&paste them into my document.

The real problem is that the DNS standards say that capital and lower-case letters are equivalent, so example.com and EXAMPLE.COM and ExAmPlE.com all get the same result, and DNS lookups translate everything to the same case before looking it up. To handle single-byte international character sets wouldn't have been that difficult - either define a mapping from uppercase to lowercase, or else require that users translate all of those things by hand. But Unicode's two-byte characters make this fail badly - if the bytes happen to be aa, changing them to AA gets you an entirely unrelated character, and vice versa, but the DNS standards force this to be done, because they don't know about double-byte characters. The most serious problems this causes are that only about 1/4 of the characters are valid in DNS, which makes far too many words unavailable - it's bad enough that aa and AA and aA and Aa all become aa, but the chances of a 10-letter word being available are way too low (and think about the trademark problems of coke.com vs. COKE.com vs. CoKe.com etc.) Other problems include the chance that you can't display reverse DNS names properly (because the database has the wrong case in it) or alternatively that the canonical forward and reverse DNS names are different, which is annoying enough for 7-bit character sets where only the case is different, but when the letters change entirely, it's really bad.

Re:There are standards for those things.

[dvdeug]

To handle single-byte international character sets wouldn't have been that difficult

Except for the fact that there's no such thing; a single-byte character set can cover common usage for western Europe, or Greece, but not both, and there's no single-byte character set that can cover Japanese or Chinese.

But Unicode's two-byte characters make this fail badly - if the bytes happen to be aa, changing them to AA gets you an entirely unrelated character, and vice versa

They aren't just sticking in UTF-16 and hoping it works. aa is aa, not a double byte character.

Re:There are standards for those things.

[darkwhite]

Single-byte characters suck, to put it mildly. Try using Japanese, French, Russian, and English at once with single-byte characters. (That's what I do - but not with single-byte).

With proper implementation, there is no upcase problem; your string ops library uses a Unicode upcase table that has matchings for all uppercase/lowercase character pairs in Unicode.

Re:There are standards for those things.

[lahi]

They aren't just sticking in UTF-16 and hoping it works. aa is aa, not a double byte character.

An elaborating comment may be required here. The scandinavian letter 'å' is phonetically related to a long or open 'a' sound. In Denmark, until 1948 or so, the sound was written 'aa', and for example the town I live in, Århus, was written 'Aarhus'. This also meant that aa came before ab alphabetically. When 'å' was adopted from swedish, it was placed _last_ in the alphabet, and since then Århus has been placed _last_ alphabetically. Of course there was much resistance to this change, and some people continued to use 'aa' instead. And in international contexts, it was often transscribed as 'aa' as well, hence the usage which was mentioned above.

The city "competing" with Århus for fame and glory, Aalborg, became Ålborg. Now, not so long ago, they decided in Ålborg that they wanted to spell it Aalborg again, among other reasons it was said that they wanted to be at the _beginning_ of the alphabet.

However - and this is the amusing part - danish lexicographic alphabetization rules require that 'aa' be alphabetized as 'å' when pronounced as 'å', and otherwise as the letters 'a' 'a'!!!

So Aalborg didn't get to be at front alphabetically after all!

Aaaah (Ååh!),and of course people who attempt to write an algorithm to sort danish words correctly tend to develop a painful and chronic headache.

-Lasse

How to type non-English characters

In Windows, you use what's called an Imput Method Editor. (IME) For example, if you computer runs Japanese Windows XP, and you type into Notepad, you phonetically type out the character names on an English keyboard, and it maps the characters to the appropriate Kanji characters. Or if you just want to play with this in English, you can install some other languages and fonts... but don't hit Left-Shift and Left-Alt (as I once did) while in the password dialog... You can't type an English password in Arabic...

Because English keyboards have far fewer letters than asian alphabets, the Speech recognition and Handwriting IMEs are much more popular in these regions. It's also really weird how RTL/LTR directions are handled in Windows when you type multiple languages on the same line of text. English goes left to right, then Hebrew or Arabic which goes right to left, and if you go left, it goes right or left depending on where you are...

Mixing layers

[pslam]

The real story, just like the IAB says, is that it's a hack, and it messes with the distinction between application and service.

Here's an analogy: let's say you try to implement a method to display a pop-up search window when an executable file is not found. The obvious and clean way to do that is at the application level. When the application gets "file not found" from the filesystem, it arranges to pop up a search window. You'd only resort to alternate means if you can't modify existing applications.

Alternatively, you could implement a hideous hack where the file system instead opens a default executable. The application then never knows that the file wasn't found and executes it. It's achieved the same end, but it'll have a lot of side-effects. For a start, the application may not have wanted to execute it. It might even be trying to detect whether it exists. Other applications may not be expecting that behaviour and it'll break them. Another operating system may have that file system remotely accessed and end up running a non-native executable when it was looking for a native one. And years later, developers will still be working around this messed up behaviour because hacks are hard to get rid of once they are deployed at large.

DNS is not supposed to be a "lookup service for http transfers". Assuming that every lookup will be because of web browsing (by IE no less) is stupid. It's not even a good hack. As someone else who has replied to this article has pointed out it may not even cover the majority users. What about all those email servers bouncing email all over the place? What about all the peer-to-peer users? VeriSign would end up getting an enormous amount of non-web related connections hitting their "default IP".

VeriSign may be trying to get something out the door, but they could at least have implemented one of the preliminary specs (like simple UTF-8 encoding or mangling). Not a hack which only works for http transfers initiated specifically by IE, which breaks every other protocol and every other application.

Re:Mixing layers

[Tailhook]

The real story, just like the IAB says, is that it's a hack, and it messes with the distinction between application and service.

The academics what to maintain their precious model and the grown-ups need to deal with real world demands. Same old problem, new medium.

When 32 bits was clearly too few to cope with many new Internet hosts the academics began to invent IPV6. Meanwhile, the grown-ups deployed NAT, classless subnets and RFC2317. Despite the extent of hackery, the sky fails to fall.

Attempting to "secure" the Internet (and push a certain agenda) the academics invent IPSec. The grown-ups, wishing to obey and comply, discover that IPSec provides zero support for NAT and must invent NAT-T. NAT-T is also an ugly hack. Yet the sky, somehow, remains aloft.

The academics are perpetually behind the curve and chock full of agenda. The grown-ups operate on short time lines and small profit margins. If academia wishes to retain control of the destiny of the Internet, it must accelerate the process an order of magnitude. Prior to this you are to expect to witness further hackery from the likes of Verisign et al.

The world wants fully internationalized DNS. The world will not wait another 5-10 years for IETF to bless a solution. The world does not care about the "distinction between application and service". Get over yourselves and deal with it.

In the end, the world will get what it wants. The grown-ups will see to it that the sky remains safely above us. The structure of the Internet will be the result of the first solutions that appear (as opposed to the "best",) regardless of whether they come from Verisign, Microsoft or the IETF.

BTW, perpare to start working on your resolvers. The ones you're using are now obsolete.

Re:Mixing layers

[Zeinfeld]

DNS is not supposed to be a "lookup service for http transfers". Assuming that every lookup will be because of web browsing (by IE no less) is stupid. It's not even a good hack. As someone else who has replied to this article has pointed out it may not even cover the majority users. What about all those email servers bouncing email all over the place? What about all the peer-to-peer users? VeriSign would end up getting an enormous amount of non-web related connections hitting their "default IP".

First off email is going to be afected very little because there won't be MX records in the zone and port 25 won't answer. So the end user will get back an error message. Life will go on without bad things happening. Peer to peer will be much the same.

Secondly, in the real world IE won the browser wars, live with it. The end users voted with their mice.

Ad hoc configurations to ease in infrastructure transitions have always taken place in the real world and the old farts of the IAB have mostly resisted them. They stuck their heads in the sand on the 32 bit address problem issuing notices about how dreadful NAT is. Fact is that without NAT the Internet would already be out of addresses. But don't expect the IAB to pro-actively investigate ways of making NAT really work well. They have decided not to bother with that until IPv6.

Re:Mixing layers

[pslam]

First off email is going to be afected very little because there won't be MX records in the zone and port 25 won't answer. So the end user will get back an error message. Life will go on without bad things happening. Peer to peer will be much the same.

Well there's three breakages already:

• DNS says the domain is valid, but there's no MX records - which gives an error something like "No MX records for this domain/host" instead of "Domain/host doesn't exist".
• DNS says the domain is valid, the emailer somehow tries the host directly (which you could configure it to do) and finds it's not responding. This gives the error "Host not responding" rather than "Host doesn't exist".
• Peer-to-peer apps will try an address and it won't respond. This gets treated internally "Host not responding, try later" rather than "Host doesn't exist, delete from list".

Secondly, in the real world IE won the browser wars, live with it. The end users voted with their mice.

I think that at least one justice system has found this to be untrue - users didn't vote with their mouse, it was won by illegal means. I mostly agree with that ruling. The world is more than just Windows and IE - that's what a proper platform independent protocol is supposed to be all about.

NAT is a hack. It also makes a mess of transparency and isn't 100% in the minority of cases. However, the minority of cases usually break completely. Even things like Quake broke originally until the protocol was modified and people put in special handling in their NAT stuff.

But NAT isn't a fair analogy at all. People use NAT on their home networks, office networks, and other small LANs. Or simply as a poor man's firewall. We're not asking VeriSign (or a local cache) for information on how we should NAT. It's a local hack with the locals completely understanding that it's in there. VeriSign's DNS hack has global effect and can't be turned off.

Unless, of course, you filter the response of "198.41.1.35" (what they return) to mean "host not found". But that would be a hack to fix another hack... which is usually how these poorly thought out "fixes" end up...

Re:Mixing layers

If there's an A record in the domain, whoever's running it is going to get hammered with connect attempts. Lots of MTA software tries the A record when there's no MX. This makes things work even when clueless people on the other end leave them out.

Re:Mixing layers

last I checked, there weren't even 4 billion computers, much less hosts connected to the internet. The "acedemics" (who sell IP addresses) panicked when the internet went from 1 million to 2 million hosts in less than a year after taking 15 years to get to the first million -- and figured at that rate of increase, they'd run out in next 5 months. Whereas people who actually use computers realized that IPv6 was really a dirty hack that wasn't needed, and it was just a bunch of stupid white Americans complaining about a perceived problem the chinese and estonians didn't really have. Same thing with this, only Verisign is advertising.

Re:Mixing layers

[Foresto]

"Secondly, in the real world IE won the browser wars, live with it. The end users voted with their mice."

Whether the users voted IE into its current stranglehold position is entirely debatable, especially considering recent legal findings. Regardless, even if IE is most popular now, consider that Netscape Navigator was most popular several years ago, and another browser may be most popular in the future.

In any case, this whole argument is irrelevant to the matter at hand, because DNS does not belong exclusively to the web. Several other posters have already given good examples of this.

Can we mod Verisign as "arrogant?"

[roderickm]

Though supporting international, non-English characters in domain names is a Good Thing, Verisign makes some arrogant assumptions in their broken implementation:

a) DNS is only used for HTTP (web). By pointing failed lookups at idnnow.com (198.41.1.35) to see the plugin website, Verisign breaks all other services' proper "not found/unresolved/connection refused" response. "Not found" is a more helpful answer than an erroneous one.

b) The universal web platform is Internet Explorer on Windows. First, it's not just the browser that needs to be patched -- all internet hosts will need updated DNS resolvers to handle the binary, non-ASCII names. Even if (a) were true above, there are many other browsers and platforms than IE/Win. And they're using their monopoly power to leverage proprietary software into users browsers.

c) Everybody speaks English. It's time that we as Americans realize that we are not alone in this world. Pompous assumptions like these foster hatred of the U.S. Yes, Verisign offers eight other translations of idnnow.com, but combined with (a) and (b) above, it's just another broken way that an American Megacorp tells the world How It's Gonna Be.

d) Verisign runs the internet. Okay, so this one's almost true, because they have a stranglehold on some of the internet's most intimate infrastructure... but my big beef with Verisign is that they do not approach their responsibilities with an attitude of service. Nameless servants of the public all over the globe quietly keep the internet up and running, but Verisign's public decisions infer that theirs is the only policy that matters.

So, can we just mod Verision as "arrogant?"

roderickm

Re:Can we mod Verisign as "arrogant?"

[TheRaven64]

Newsflash!

The whole world now runs on slashcode. In other news Dubya has been modded 'Troll' and the Senate 'Duplicate'.

Re:Can we mod Verisign as "arrogant?"

maybe this would be insightful... IF IT WERE A REAL OPINION !!!

This an another case of an English-only speaking American pretending to "feel your pain" and show how bad their own country is and how superior they are to the rest of their compatriots.

Next time trot out a house nigger to express your opinions for you. Even the anti-bush "war protesters" are smart enough to get a French politician to front for them.

ah the insecurity

[myrashka]

I can see it now (taking a previous post accurately pointing out that Web browsers are not the sole users of DNS):

[on a *nix type machine]

% telnet iwanttohackdns.com

Welcome to the Verisign unsecured "no one ever uses telnet" root server configuration system.

Command? Delete DNS
Are you sure (Y/N)? Y
DNS Purged.
Command? Quit

Goodbye.

% telnet myserver.mydomain.com

Welcome to the Verisign unsecured "no one ever uses telnet" root server configuration system.

Command? Quit

Goodbye.

Re:ah the insecurity

[Jugalator]

[on a *nix type machine]
% telnet iwanttohackdns.com

You know, on a Windows type machine, replace the % with > and everything would work like on the *nix machine. :-) Yup, we have telnet too, believe it or not. ;-)

XP even has those fancy ping6 and tracert6 utilities for IPv6 support. We're not *that* many years behind you unix guys. :)

This is a bad idea

[Minna+Kirai]

Not only is the implementation a painful, incomplete hack, but even if the DNS protocol were cleanly extended to handle non-ASCII names, it would still be wrong.

DNS names are a very low level component of the internet- they layer just above IP addresses, and provide a persistent way to find an IP host. Today, with hostnames in ASCII, any person smart enough to use a computer can write down a name off a printout, and type it in later. Everybody, regardless of speaking Spanish, Korean, Russian, Chinese, Swedish, or Hindi, can basically recognize and repeat the ASCII alphabet. Not only is it the shortest, simplest character set the world has to offer, but most internet users are already getting some training in it.

Sure, with a Russian character map it might not be completely convenient to punch in an ASCII name- but with a little effort, anyone can do it. But if DNS hostnames start to come in Kanji or Hangul, it will be inestimably worse.

It's trivial to print the whole English alphabet on a single page, and with a rudimentary pronounciation-guide too. But Chinese contains more than 10k characters, many so rare that just 10% of the Chinese population can reproduce them. How'd you like that as the hostname that's been DNSing you? Try reading it over the phone to the upstream sysadmin, maybe?

The system of DNS hostnames is most useful when it uses a least-common-denomintator character set which every literate human can reasonably read, input, and maybe even pronounce. It's mostly like that today, and keeping it ASCII is the way to maintain it.

Naturally, non-English speakers will want to be able to publish server addresses in their own language. But systems to perform these lookups should be created separately from DNS- either on top of it (resolving to DNS hostnames), or alongside (resolving to IP addresses). That way, major international servers will tend to be dual-named: local language for primary users, ASCII-DNSname for everyone else.

The system libraries that software uses to lookup names can be extended to optionally check alternative-charset nameservers before going to the DNS ones, depending on the user's i8n settings.

That solution would be drastically more complete, and less disruptive, than what is presented in the article.

Re:This is a bad idea

[kalidasa]

But Chinese contains more than 10k characters, many so rare that just 10% of the Chinese population can reproduce them.

You're off by at least one order of magnitude on the first figure, maybe 2, and the second figure (percentage of the Chinese population who can reproduce all valid charactes in the Chinese writing system) is almost by definition 0%. Not that this undercuts your argument.

Actually, the best thing to do would be to create a new unification system for alphabetic scripts, matching the Han unification for Chinese-based scripts, just for use with URLs. That way Cyrillic o, omicron, and Latin o would be the same DNS codepoint. Frankly, if you're going to look at a website with a Chinese URL, you're going to know Chinese anyway.

Re:This is a bad idea

[Minna+Kirai]

You're off by at least one order of magnitude on the first figure, maybe 2

Writing 10000 instead of 13000 is not what I'd call an "order of magnitude".

Re:This is a bad idea

[Minna+Kirai]

Whoops, a better link is gives the number as between 6500 and 46964, depending on how obsessive you want to be. Still inside an OOM.

Re:This is a bad idea

[slamb]

Minna Kirai wrote: "But Chinese contains more than 10k characters, many so rare that just 10% of the Chinese population can reproduce them."

kalidasa wrote: "the second figure (percentage of the Chinese population who can reproduce all valid charactes in the Chinese writing system) is almost by definition 0%"

That's a completely different statement. Minna said that there exist characters that only 10% of the population can reproduce. You said no, there are very few, if any, people who can reproduce every character. Both statements could be true, since Minna has not claimed any one person is in all of those 10%s.

You should pay a little more attention to what people are saying before claiming they are wrong.

Re:This is a bad idea

[dvdeug]

Not only is it the shortest, simplest character set the world has to offer,

Not. 0 and 1 is shorter and simpler, as is the Latin alphabet.

But if DNS hostnames start to come in Kanji or Hangul, it will be inestimably worse.

In this day and age, most of us have the ability to cut and paste. Using a kanji or a hangul domain name is a sign your targeted audience has no problem with kanji or hangul.

It's trivial to print the whole English alphabet on a single page, and with a rudimentary pronounciation-guide too.

Not really a useful one, considering the odd digraphs and the fact that DNS names aren't necessarily English.

How'd you like that as the hostname that's been DNSing you? Try reading it over the phone to the upstream sysadmin, maybe?

How do you pronounce ztz01588a.xxqcji.org? That's a valid domain name. Try reading the IP address.

every literate human can reasonably read, input, and maybe even pronounce.

Knowledge of the English alphabet is not required for literacy.

Re:This is a bad idea

[dvdeug]

Actually, the best thing to do would be to create a new unification system for alphabetic scripts, matching the Han unification for Chinese-based scripts, just for use with URLs.

Actually, they do use the same unification system for alphabet scripts as they do for the Chinese script.

That way Cyrillic o, omicron, and Latin o would be the same DNS codepoint

What about a and , or and Y? And what about the Armenian ?

Re:This is a bad idea

[kalidasa]

The actual number is more on the order of 100,000, the Kanxi is not exhausitive (as you should be able to guess from your link, given the fact that it was published in the early 18th century. Look at the Unicode FAQ at http://www.unicode.org/unicode/faq/han_cjk.html . Unicode also is not exhausitive.

Re:This is a bad idea

[kalidasa]

I parsed it diffferently, as "many are so rare that just 10% of the Chinese population can reproduce them (meaning the set)", while you are parsing it as "many are so rare that for some of them, just 10% of the Chinese population can reproduce them (there are individual characters that only 10% of the population can reproduce). Anyway, it's probably still wrong, as there are many archaic characters that are understood only by scholars of Chinese literature, whom I would beg to suggest do not make up 10% of the population.

Re:This is a bad idea

[BZ]

> Frankly, if you're going to look at a website with
> a Chinese URL, you're going to know Chinese anyway.

Not if you're a browser developer attempting to reproduce a bug someone filed...

Re:This is a bad idea

Frankly, if you're going to look at a website with a Chinese URL, you're going to know Chinese anyway.

So Chinese people never write in English?

Let's say you're a Chinese person, with a website that has a Chinese domain, and you want to publish something in English, in order to reach an English-speaking audience. I mean, there are English pages on non-English domains like .de, .hk, etc...

Sure, an English speaker wouldn't recognize the domain's characters, or be able to recall it, but that shouldn't stop him or her from being linked to it, or bookmarking it, or finding it on Google...

Re:This is a bad idea

Knowledge of the English alphabet is not required for literacy.

But I'll bet that more people understand Roman-based characters than anything else.

Take the number of people who know Chinese characters. Take the number of people who know Cyrillic characters. Take the number of people who know Arabic characters. And so on, for each type of character. I'll bet Roman-based characters like in English will be at the top of the list.

Re:This is a bad idea

[You're+All+Wrong]

"""
Frankly, if you're going to look at a website with a Chinese URL, you're going to know Chinese anyway.
"""

What if you're looking for the abuse@ address for a Chinese ISP that host spammers that spam you in Chinese?

YAW

Re:This is a bad idea

[Minna+Kirai]

Not. 0 and 1 is shorter and simpler,

The definition of simplicity, as percieved by humans, is a complex thing. It includes not just the axis you chose (number of characters), but also the information content per-character, ease of distinguishing between characters, and most subjective of all, ease of acquiring training about the characters. The English alphabet scores high on all scales.

More specifically, humans can easily remember series of about 8 characters. Using binary you'd only have 256 values represented. Decimal gives you 10 million. Decimal + alphabet is 300,000 million. Start adding many more characters, and you're exceeding people's abilities to tell them apart.

How do you pronounce ztz01588a.xxqcji.org?

Zee tee zee oh five ate ate ay dot ecks ecks que see jay eye dot oh are gee.

It wasn't easy, but in a minute of effort anyone could do it. Now tell me what percentage of the words on this page you can pronounce?

Try reading the IP address.

IP addresses change. For instance if I wanted to inform a website operator to remove my copyrighted materials, per DMCA. If there's no comprehensible hostname, my lawyers won't be able to tell one Asian warez site from another!

The argument to "just use IP addresses" can be applied against the whole DNS system.

Re:This is a bad idea

[tigga]

How do you pronounce ztz01588a.xxqcji.org?

Zee tee zee oh five ate ate ay dot ecks ecks que see jay eye dot oh are gee.

Should be -
Zet tee zet... ;)))

Re:This is a bad idea

[dvdeug]

The English alphabet scores high on all scales.

But not necessarily highest. The Russian alphabet scores higher - most case pairs in Russian look the same, unlike English, and has a few more characters, but not too many.

IP addresses change.

So do domain names; many domain names are linked to IP addresses. (I was once x8b4e53cd.dhcp.okstate.edu.)

my lawyers won't be able to tell one Asian warez site from another!

If you're sueing Asian warez sites, you better get an Asian lawyer, or he's going to have a hard time in court!

Re:This is a bad idea

[Minna+Kirai]

But not necessarily highest. The Russian alphabet scores higher

The very-important criteria of ease of learning is composed of 2 parts: inherent simplicity, and existing skilled base. Existing skilled persons both reduces the total amount of learning needed, and provides new learners with educational resources.

That's where the Roman alphabet really dominates. It is the primary component of the native character sets of all Americans (North & South), most Europeans, many Indians and Africans, and is recognized and used by the computer-using classes of China, Korea, Japan and Singapore.

(Did I forget Australia? Oh well, won't bother to go search for what they use)

Re:This is a bad idea

[dvdeug]

What if you're looking for the abuse@ address for a Chinese ISP that host spammers that spam you in Chinese?

That's what cut and paste was made for.

Re:More erroneous behaviour on the part of Verisig

[Phroggy]

but people with standard keyboards cann't access other 'language sites' without using character map

Mac OS makes it really easy to type most accented characters in the standard 8-bit ASCII character set with a normal US keyboard, in addition to providing a character map (Key Caps). So, I can easily type domain names in languages like Spanish, German, etc. That doesn't help me with languages that use other character sets like Russian, Japanese, etc. but I can't read those languages anyway, and if I could, I'm sure I'd figure out a way to type them.

Re:More erroneous behaviour on the part of Verisig

SHOULD HAVE

not should of

turn off your TV and read a book.

I18N

[Ancil]

Can't we all just speak English and get along?

Re:I18N

[MavEtJu]

Why can you use your native language / characterset and aren't others not allowed to use theirs?

Re:I18N

[tigga]

Why can you use your native language / characterset and aren't others not allowed to use theirs?

Could you use your native language and characterset in in IP addresses?

:)))

It's not a big deal - URL in someone's native language. It's just unwashed webmasters masses starting to produce unreadable URLs scares me. I imagine Indian user typing japanese URL, or cutting and pasting it....

Re:I18N

[MavEtJu]

Could you use your native language and characterset in in IP addresses?

Sure, that are just arabic numerals (for the people who don't know, the numbers 0-9 you use are arabic).
I can also the standard a-z to make all the words in my language, except for the ones which need accents.

Now, if you and I can do it, why can't other people?

Multiple Choice Question

[willpost]

Which word pair is most like the following:
VeriSign::DNS

a) Rambus::JEDEC
b) Qualcomm::CDMA
c) Enron::PUC
d) SBC::HTML
e) SCO::UNIX
f) Microsoft::GNU
g) Unisys::GIF
h) Forgent Networks:JPEG
i) MPAA::DVD
j) RIAA::MP3
k) Corporate Greed::Standards

Times up, turn your test over, put your pencils down. There will be an essay...

Re:More erroneous behaviour on the part of Verisig

[La+Temperanza]

Yes, Mac OS's accent system is very handy, as well as the alternate Option and Control charsets. I wonder if someone has implemented anything like it for *NIX yet. Russian speakers usually just remap their keyboards. I don't know what Russian programmers do... Never tried to input Japanese or Chinese on a Mac, but this is one of the few areas where Microsoft seems to beat *NIX, at least on English-native systems. The only thing I've been able to do with FreeWnn and kinput2 so far is cause arcane XMMS crashes.

http://www.�.com/

http://www.(TM).com/

Re:More erroneous behaviour on the part of Verisig

Normal UNIX machines have the Compose key... it's the crappy Windows keyboard that has to go.

Re:More erroneous behaviour on the part of Verisig

[La+Temperanza]

Sweet.

http://134.76.25.165/~woelz/linux/kbd/tastatur.htm l

Here is an example

[cscx]

Try going to http://www.épocas.com.

Although you will have to cut/paste as Slashcode strips intl character from the URL (they killed all unicode and non- [A-za-z0-9] characers after all that crapflodding).

Unicode in HTTP URLs?

[KidSock]

Does this mean the domain names are ISO-8859-1 or can they be Uniocde? If they are Unicode, how do you represent it in an HTTP URL? And do browsers support such a thing?

IDNs "have" their IETF approved standard

[globalpersian]

Actually IDNs have their IETF approved standard called "Internationalizing Domain Names In Applications" (IDNA). It calls for changes to individual applications to support IDNs. It is composed of three standards that are going to be published as RFCs and are currently in the queue of RFC editor.

The IDNA standard is currently used by many application developers. For example Mozilla guys are including IDNA in some parts of the Mozilla project

Patented standard (?)

[infolib]

There is a patent by walid.com on substituting national characters with ASCII in DNS systems. (So ærø.dk would be looked up as aro.dk etc.) IETF tried to build a standard but were told (bottom mail) that they could use the patent based on "reciprocity" meaning that companies using internationalised domain names would grant walid license to all their patents.

Re:Patented standard (?)

The patent is null and void because it is based on a white paper submitted by Martin Durest of W3C search for his name and work on google.
http://www.google.com/search?hl=en&ie=UTF -8&oe=UTF -8&q=Martin+Durst+w3C

This angers me

[Todd+Knarr]

I'm sorry, but Verisign should have their status as both registrar and root nameserver operator revoked after this. We depend on being able to tell when a DNS name doesn't exist. The master nameservers for two of the biggest TLDs should never, I repeat never, lie to us about that by returning a record when no such record exists for the name queried.

What Verisign's doing is the equivalent of the phone company responding to a 411 request for a name that isn't in the phone listings not with "I'm sorry, we don't have a listing for that name." but with "The number is .".

Advertising and Mixing layers

[einhverfr]

First of all, I am not opposed to answering non-ascii queries, but one has to realize that those queries might be rather limited in audience as those of us who rely on Ascii and standard US keyboards won't be abloe to type the addresses very well ;-)

However on the subject of a default IP address--

For example, if I am trying to reach my Jabber server, I would rather get a host not found error than a valid IP address that is not listening on that port-- it makes troubleshooting what is going wrong a whole lot easier. Again, with email, I would rather have my program give me a "Host not found" error than tell me than wait for the connection to time out, or be refused. Again, it leads to a very admin-hostile environment.

What they are trying to do is put up those "This domain is not yet ownzed. Click here to buy it now!

Re:More erroneous behaviour on the part of Verisig

[puetzk]

you don't even have to work this hard... just picking en_US instead of us as your keyboard layout when configuring Xkb (XkbLayout in the config file) means the right win key is compose, and the right alt key is mode_switch.

You insensitive clod

Your insensitivity towards the existence of other languages in this world is just apalling.

finally....

[sharph]

now i can have my website be www.@100??? ? ? ? ? ???1?C?tQ.com

See here, moron! (Was - Re:ah the insecurity)

You know, on a Windows type machine, replace the % with > and everything would work like on the *nix machine. :-) Yup, we have telnet too, believe it or not. ;-)

translation: ...Uhh huh huhh huh...yeah...my wintendo has tell-nets! It's got so many cuz I overcocked my mega hurts!

Fucking moron. Not a production or user hosting machine I own has 'telnet' installed on it. Telnet is a nasty insecure protocol and if you don't know how to use netcat you probably shouldn't be doing whatever it is you are doing. Just stop surfing around the interweb on company time and get back to that excel spreadsheet!

I want you to read this very carefully. Your posession of a pretend DOS shell is not something I wish to degrade. It certainly is good at appearing cryptic and very similar to UNIX to the untrained eye. Woo fucking hoo. Comparing your fake-ass command prompt to zsh or any decent shell (bash, ksh...) is like comparing your mom to someone sexy. You probably do both.

XP even has those fancy ping6 and tracert6 utilities for IPv6 support. We're not *that* many years behind you unix guys. :)

See here, moron. A box with a command prompt in it does not mean you even have zsh, much less a decent multiuser kernel, stable drivers, or the security of a UNIX system. You should take a look at MacOS X if you are truly obsessed with power. Quit being ignorant. You're essentially using Windows NT 4 with the latest bugfixes and a newer interface.

Hey, great for playing games on, though!

Yes, I'll be the first to say that it's stupid to argue about which OS is superior, because there are specific roles that fit best. For windows, that's ideally not connected to the internet or if so firewalled and proxied to hell.

The desktop OS of choice is inarguably the MacOS, though. How long X has hobbled the adoption UNIX on the desktop. The flaming pile of dog shit that is X windows has been mercifully doused by Aqua. Still compatible with your X apps, though!

If you want power, go get a Mac, start learning about the internals, and in a couple of years come back with a clue. At least install Linux or *BSD on that x86 box and do something USEFUL with it. And don't forget to shut the fuck up.

Re:See here, moron! (Was - Re:ah the insecurity)

I was starting to feel sorry for dude because you were outleeting him, until you brought up Macintosh and Aqua. But I'm not going to stoop to your level and compare X to your pithy "display" API.

Re:See here, moron! (Was - Re:ah the insecurity)

[JazzManDRP]

This would have been an intelligent comment, if more than 10% of it was correct. Telnet is on the standard Windows install of every machine I've seen in the last 5 years. And I don't recall that Jug's post was ANYTHING to do with what shell you do or don't have, just that Windows has telnet too. Grow. Up.

My notation was apparently not clear.

[billstewart]

When I used "aa", "AA", etc., I wasn't referring to the Danish AA = Å (Duhh - I should have thought of that problem; I've been to Århus/Aarhus and Aalborg/Ålborg); I was referring to two bytes which could be interpreted as two single-byte characters or one double-byte character, demonstrating that this can lead you to do the wrong thing. I probably should have used xy/XY/Xy/xY or some U+4-digits instead.

W3C Internationalized Resource Identifier (IRI)

[Chris+Croome]

There has been quite a lot of discussion of this stuff on various W3C lists, especially over issues as the fact that hex encoding of UTF-8 is case insensitive and URIs are case sensitive...

See the Internationalized Resource Identifiers (IRIs) page for more info.

Re:More erroneous behaviour on the part of Verisig

Good call, AC!