NordVPN Promotion

Home / Blogs

Do We Really Need IDN?

James Seng has quoted that Korea, China and Japan must have IDN (Internationalized Domain Name) service. His statement may appear as above mentioned countries desperately need for IDN services because there are no alternative. However, there have already been well established local Internet address providers since quite some time.

Currently, there are local Internet address (multilingual keyword type) service providers such as, Netpia, 3721 and JWord in Korea, China and Japan respectively. 3721 and JWord are providing Internet address service through their client s/w and Netpia, through ISP server (DNS) and their client s/w. Common ground for these three companies are that 1) in keyword format where they do not allow prefixes and suffixes, 2) in local language. Also, IDN services were once offered through VeriSign, however, inconvenience of having 1) long address format, 2) switching character-set while typing address, and 3) downloading client s/w has created confusion to end-users and lost its popularity. Nevertheless, multilingual keyword type of address was implemented even before IDN service that end-user stuck with shorter version of Internet address.

Based on the statistics of December, 2004, there are 450,000 multilingual keyword address registered and getting 50,000,000 keyword queries per day in China, and 20,000,000 client s/w downloads in Japan and 1,000,000 registrations and 32,000,000 queries per day in Korea. As you could notice easily from China and Korea’s number, multilingual Internet address has become a de Facto standard in both countries that IDN could be alternative, not a critical need at this time.

Last winter, many people might have heard and read articles regarding phishing attacks that was caused by IDN that Mozilla has even announced they will remove IDN functions from FireFox. IE was the only browser that did not have the same problem because they did not implement IDN functions on their browser.

In addition IDN could;

1) bring weakness in stability of security

2) have incompleteness as Internet address

3) re-write already built and successful infrastructure of multilingual Internet address and create even more confusion

Microsoft had sore experience of security instability problem on their IE. Also, they could fall into yet another law suit from multilingual keyword providers like Netpia, 3721 and JWord if they implement the IDN service on IE. Well, time will tell what the next move of Microsoft is.

BLACK FRIDAY DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Jason S

Filed Under

Comments

Suresh Ramasubramanian  –  May 5, 2005 3:04 PM

Keywords are a fairly non standard way to go about the entire thing.  And your entire argument seems to be that IDN has some issues - which are being worked on by the way - and that people who are selling keyword based domains are going to sue, if they find IDN becoming a standard?

I look forward to a more detailed and reasoned experience on why you feel keywords are much more effective than IDN

James Seng  –  May 7, 2005 1:23 AM

Pls do not put words in my mouth. If you want to use my quotes, please quote what I said exactly. And I never say anything to the effect there is no alternatives.

Netpia would certainly not benefit if & when Microsoft implement IDN i am sure. But your arguments here are no more then ‘it is insecure’ and ‘i will sue’. 

Protecting your own turf, fair enough, in the commercial world. But in the world of public interest, a little competitions benefit everyone else.

James Seng  –  May 7, 2005 2:01 AM

Ah, I got asked who you work for by a few people - I realized you didn’t say it outright in your profile.

Why hide? You work for Netpia, the largest keyword provider for Korea. Your boss is Kangsik Cheon, the WGIG member who is responsible for extremely badly written IDN paper.

Suresh Ramasubramanian  –  May 7, 2005 2:09 AM

not the first time people try to use a public forum like circleid for amateurish PR efforts

won’t be the last either

unfortunately

Ram Mohan  –  May 8, 2005 9:07 PM

This is a poorly researched article that invokes traditional FUD (Fear, Uncertainty, Doubt) rather than offer anything concrete.

Yes, keywords are cool.  They are not a substitute for a domain name.  The DNS providers have to implement special software, and/or clients have to download special stuff onto their computers.  None of the “multilingual Internet address keyword” works from my computer here in Philadelphia.  The Chinese .CN domain name I go to works without any problem on my computer.

This article is bereft of sufficient technical merit to be responded to in a technical manner.  At most, it’s a statement of commercial and political opinion - which I respect your ability and right to say.

Suresh Ramasubramanian  –  May 9, 2005 12:40 AM

Circleid is not a place for articles without technical merit that are posted only to spread FUD or score political brownie points.

“Jason S”‘s commentary is totally out of place, and as he works for a large keyword provider but doesnt seem to be open enough about this in his member profile, I’d say it just doesnt belong on circleid.

Ram Mohan wrote:
> This article is bereft of sufficient
> technical merit to be responded
> to in a technical manner. At most,
> it’s a statement of commercial and
> political opinion - which I respect
> your ability and right to say.

Ebina Cho  –  May 9, 2005 1:18 AM

Whoever they might be and what their intentions might be, your replies are very disappointing. I strongly believe that this is not a place for praising IDN in which any opinion against IDN is considered PR. To fullfill “pulic interest” about IDN could be done by productive discussion not by attacking other’s privacy breaking codes of conduct.

Suresh Ramasubramanian  –  May 9, 2005 1:31 AM

> this is not a place for praising IDN in
> which any opinion against IDN is considered
> PR.

Oh, there are lots of ways you can express opinions against IDN, by presenting reasoned technical arguments. The arguments in this circleid article were neither reasoned nor technical. 

Further, in the spirit of full disclosure, articles that criticize something, when written by someone who provides a competing technology, must be accurately signed.  “Jason S” doesn’t give his surname, and beyond saying that he is assistant to a WGIG member, does not inform us that he works for Netpia.or that his boss is the COO there.

James Seng  –  May 9, 2005 2:24 AM

CircleID published the homographs attacks on IDN and altho it is a big blow to those who wanted IDN, it was well-recieved and the technical community responded with technical solution. The point is the article is no more the FUD (“I will sue Microsoft!”).

And in a discussion of policy making for public interest (in this case on IDN), anonymity (he has his picture up there btw) is a not well-received, especially if the ‘informant’ has a vested commercial interest in the outcome.

This is not a case where the he has a reason to be anonymous to say what he wants for public interest. - in fact he has a reason to be anonymous to say what he wants for his private interest. That to me is a big difference.

Ram Mohan  –  May 9, 2005 4:16 AM

>To fullfill “pulic interest” about IDN could be done by productive discussion not by attacking other’s privacy breaking codes of conduct.

This is not an issue of “breaking privacy” or “codes of conduct”.  Jason S was deceptive in his article and about his interests.  This is not a serious article, just a political opinion.

There’s no “public interest” in praising keywords and damning IDNs, especially after you don’t disclose that you or your employer makes $$$ from keywords.

Ebina Cho  –  May 9, 2005 4:38 AM

In regard to Mr. Suresh Ramasubramanian’s reply:

Full disclosure is a philosophy of security management. Full Disclosure means “Full details of the vulnerability are disclosed to the public”, often through Bugtraq, Secunia, Full-Disclosure or other sites.

The theory behind full disclosure is that releasing vulnerability information immediately results in quicker fixes and better security. Fixes are produced faster because vendors and authors are forced to respond in order to save face.

Full disclosure came to life after it became clear that the method employed by CERT did not work out as intended and it was rumored that CERT had a policy of providing advance information on vulnerabilities to some organizations and government agencies, which pay for this privilege. In the meantime, the vulnerabilities were actively exploited by hackers.

Researchers were angered and insisted that the vulnerabilities must include full-disclosure of “the details of the vulnerability” and this is the spirit of Full Disclosure -nothing to do with “Privacy Disclosure” things.

Just wanted to comment “technically” as a network security consultant. ;)

Suresh Ramasubramanian  –  May 9, 2005 7:44 AM

Ebina - yes, thanks. I’m aware of the full disclosure list and its history. And I do find it useful to lurk on that list .. however that’s completely besides the point here.

Would “transparency” and “declaration of vested interests in a debate” be terms that are more acceptable to you in this context?

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

DNS

Sponsored byDNIB.com

Threat Intelligence

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC

NordVPN Promotion