[Standards-JIG] proto-JEP: Best Practices toPrevent PhishingAttacks on the Jabber/XMPP Network

Andreas van Cranenburgh andreas at unstable.nl
Thu Nov 17 01:40:22 UTC 2005


On Thu, Nov 17, 2005 at 12:02:42PM +1100, Trejkaz wrote:
> Hmm... interestingly, "1 vs. l" would only trick people using serif, while
> "l vs I" would only trick people using sans-serif.  But international
> characters are certainly more fun.
> 
> The classic example of the internationalised characters being used would
> be the Cyrillic A.

It occurs to me, this is another reason why I like terminal/console: it
has monospace fonts, which are usually easier to read in terms of
characters being visually different.

Don't know for sure, but IIRC there have been studies which say that
monospace is also /generally/ easier to read.

So eh, the point: let's use monospace for all fingerprints (hashes) and
domainnames; ie. security-sensitive stuff. Reasonable?

PS: of course any kind of monospace you might want, Courier New, Courier
by company X, or something totally different: appearance is not really
the issue to solve.

-- 
        Andreas        [ http://unstable.nl | xmpp:andreas at unstable.nl ]
                       [  callto:ils.seconix.com/andreas at unstable.nl   ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20051117/5dde2d72/attachment.sig>


More information about the Standards mailing list