Thursday, February 15, 2007

Using Internationalized domain names (idn) with Firefox

Internationalized domain names (idn) is a way to support non-ascii characters in domain names. Most characters in the world can be put in domain names with idn. Technically speaking, an idn (ex: viagénie.com) represented in the Unicode character set are encoded in ascii with a prefix (xn--) and saved as is in the DNS. For example, viagénie.com is actually stored as "xn--viagnie-eya.com". It is up to the browser to show it decoded properly (as viagénie.com instead of xn--viagnie-eya.com).

There has been some (appropriate) concerns on the too large character set available for idn, such as spoofing domain names. The brute force cure is to show the encoded version (xn--viagnie-eya.com) to the user instead of the decoded version (viagénie.com) of the idn. Therefore, some top-level DNS registries have applied some restrictive rules on the possible set of characters that can be registered in the domain names under their authority, some haven't. There is work currently to update the idn specification to be more restrictive in the use of inappropriate characters in idn.

By the principle of precaution, Firefox developers decided to disable the decoding of idn for the TLD registries that do not have sufficient restrictive rules (on the judgement of the developers). The drawback of this is that, by default, for some tlds, idn displays well (i.e. viagénie.biz), for some tlds, idn are displayed un-decoded (ie. xn--viagnie-eya.com). Other browser vendors have different ways: always decode, never decode, ....

One of the tld registry in the list of non-decoded idn in Firefox is .com, but .biz is decoded. Type in the url box of your browser:
  • http://www.viagénie.com
And then, after connecting to the site, look at the url box. The .com in Firefox default config should show the xn-- version.

To force Firefox to enable IDN and to decode .com idn, do the following:
  1. about:config" in the url box.
  2. filter "idn"
  3. make sure that network.enableIDN is set to True
  4. add a new item: "network.IDN.whitelist.com" as a boolean and set it to true. (to add a new item, go to the up-right corner and option click the little icon there: took me a while to find it out!)

Disclosure Note: I was the co-chair of the IETF working group on idn and am co-author of some parts of the whole specification(RFC 3454, RFC 3491). So yes, I'm partly responsible for this not perfect idn solution that needs improvement. But I think that even in the current shape, it is still good enough technology to make the Internet more ready for everybody in any language.

Technical references:

4 comments:

aamonster said...

IDN in current shape - a great hole for fishers.
And you'd better set network.enableIDN to false (or at least set network.IDN.whitelist.com etc to false), because if you set it to true you once go to site like http://gmаil.com (look at 'o' letter - it's not latin 'o' but russian 'о') and lost your account.

aamonster said...

sorry, mistake in example - http://gmаil.com with russian 'а'.

Anurag said...

Would it be okay if I clean my system unit three times a month using shop vac? Can this possibly inflict damage to my computer?
Ms office support
Pc optimization
Printer support

markjacktechnicalsupport said...

I'm hoping that they completely remove storage limits. Do it for April Fools Day. Then buy Dropbox and do the same thing.
operating system support
Setup, Configure and Troubleshoot Wireless Network (Wi-Fi)
computer repair