February 26, 2005

Opera Fixes IDN Spoofing Bug

Opera released the second Beta version of its next browser (8.0 Beta 2). It includes an answer to the recent security debate over Web site spoofing.

Download Opera (8.0 Beta 2)

Opera has created a whitelist of safe Top-Level Domains for IDN. TLDs are considered safe if they have implemented anti-homographic character policies or otherwise limited the available set of characters to prevent spoofing. Current whitelist contains .no, .jp, .de, .se, .kr, .tw, .cn, .at, .dk, .ch and .li. List is updated automatically in the Opera version check. Domain names from other top-level domains that contain characters outside Latin 1 will be displayed in punycode.

What else to look for in Opera's Beta 2:

  • Easier customization and skinning
  • Online Certificate Status Protocol (OCSP) verifies that the certificate has not been revoked by the certificate authorities
  • Atom newsfeeds

Related: Firefox 1.0.1 (Security Update)

Posted in Security and Privacy by Syam Kumar at 06:21 PM
Permalink | Trackbacks (0)