I thought it was still a project, but apparently it “already
works”: I refer to Internationalized Domain Names (as defined by
RFC 3490),
or the possibility of inserting (almost arbitrary) Unicode characters
in Internet domain names—that is, one can now buy not only
domains with names such as myname.com but also those like
мояфамилия.com;
the way it works, really, is that when any IDN-compliant
program encounters a domain name like
мояфамилия.com,
it transforms it into something cryptic like
xn--80aqalcbm2c2fg.com (the encoding is an extremely
complicated one, known as Punycode
, which is described in RFC 3492)
and then handles it as if the user had typed exactly that. So
basically we could say that the Internet domain name registrars have
found they could sell such absurd domain names as
xn--80aqalcbm2c2fg.com by telling you that it really
means
мояфамилия.com
and by persuading the authors of Web browsers and whatnots to perform
the conversion. Ingenious.
All this means, of course, that people will abuse the system in
every possible way. One question is whether character normalization
prescribed by RFC 3454
(another unmanageably complicated specification) will actually be
performed or whether it will turn out to be possible to register
domain names such as goo<zero-width unbreakable
space>gle.com or other idiotic things. Someone has
already pointed out that it is possible to register
paypal.com with a cyrillic ‘а’ instead
of the second ‘a’, in other words paypаl.com,
which really means xn--paypl-7ve.com
(here, Mozilla is being
overzealous: I actually write this as a link to
http://www.xn--paypl-7ve.com/ and it displays it as a
link to http://www.paypаl.com/; this would be
acceptable behavior if I had written
http://www.paypаl.com/—in
HTML—or http://www.payp%D0%B0l.com/, but
this is really going too far). IE, as usual, is saved by
not adhering to standards. Ha, ha, ha.
Conversely, there may be rules about not registering domains of a
single character, but what if someone wishes to register
xn--2sx.com, literally? Well, it's been done already, it seems.