In March 2018, I was ready for the opening up of .ie domains to non-commercial entities. Now, with proof of Irish id, anyone could register any available .ie domain (rather than just their name as before). I wasn’t ready for the extra efforts that my domain name choice, fograi.ie, would need.
Fograi (actually it’s fógraí) is the Irish word for announcements/notifications/adverts. Soon after registering fograi.ie with the superb registrar letshost.ie, I began to wonder about síneadh fada’s. A síneadh fada is an acute accent on vowels (á, é, í, ó, ú) in Irish. I quickly discovered that síneadh fada’s (and a whole lot more characters besides) became eligible in domain names in the early 2010s.
I was happy that I could get the real and proper version of the domain registered, fógraí.ie. I wasn’t so happy about having to pay to register a second domain for one website. However, I did register it. So that’s when the fun began.
I don’t recall when I first noticed it. I probably saw it a few times but didn’t give it any attention. However, soon, it got my attention. Then it became my focus. xn--fgra-ypa6a.ie is what was registered. Not fógraí.ie, but xn--fgra-ypa6a.ie! Now before it starts to sound like I got scammed by letshost.ie (I did call them superb) let me clarify a few things. Firstly, I lied, but only a little. I had registered fógraí.ie but xn--fgra-ypa6a.ie is how it is registered.
DNS servers have run addressing on the internet since the ’80s. DNS servers convert text web domains, e.g., fograi.ie to a numbered system, e.g., 188.8.131.52 known as Internet Protocol (IP) addresses. These DNS servers were designed to only accommodate the 26 Latin characters, a-z, the digits 0–9 and the hyphen character.
Punycode is a simple and efficient transfer encoding syntax. It uniquely and reversibly transforms non-basic Latin text into basic Latin text. This encoding process is how fógraí.ie ends up as xn--fgra-ypa6a.ie, which the good ole DNS servers can understand.
Equipped with my two domains, fograi.ie and fógraí.ie, I went about the task of getting an email address. Primarily for its familiarity and affordability, I decided upon using GSuite, basically a business version of Google’s Gmail. Buoyed by the sight of fógraí.ie in the web browser address bar, I deviated from the original plan of firstname.lastname@example.org and went instead for eolas@fógraí.ie. Of course I did! What fun! (Remember I promised you some of that earlier).
That’s when it happened. I saw it again. Every time! In every xn--f email I sent, there it was.
Even if such an email does not get spam filtered, it’s a wholly unreasonable expectation on the recipient to be able to identify it from a scam email.
Domain spoofing was a concern of security experts before the internationalisation of domain names. Would you notice the difference between the ‘а’ in the Cyrillic alphabet and the ‘a’ in the Latin alphabet? Try these two links to see the difference:
аpple.com v apple.com
Scammers could look to register Cyrillic alphabet ‘а’ аpple.com as part of a scheme to target users of the real apple.com.
It would be difficult or impossible to register such a domain as Cyrillic alphabet ‘а’ аpple.com. There are blocks on mixing characters from different alphabets in domains. Each domain suffix has its own rules, known as Label Generation Rulesets. Ireland’s .ie domain suffix additionally allows the Irish accented characters (á, é, í, ó, ú) only.
My domain name pain is a prime example of an (English) First World problem. The reason for internationalising domain names is to create an equally accessible internet for all of the world’s citizens. At the end of the year 2000, 26% of the 360 million global internet users resided in the USA. In 2019, China and India lead the way accounting for more than a 30% share of the over 4 billion global internet users. Asia overall accounts for over 50% of the global total.
The Internet Corporation for Assigned Number and Names (ICANN) manage the internet’s Domain Name System (DNS). ICANN policy is driven by its community, which consists of anyone who wants to be involved. ICANN is eager to allow people around the world to access domain names in their local languages.
Punycode also allows the use of emojis in domain names. ICANN prohibits emojis in domain names as it considers them risky. ICANN says that emojis can be hard to tell apart and don’t display the same on each platform.
Not all domains heed ICANN warnings and allow emojis in domain names: .cf, .ga, .gq, .ml, .tk, .st, .fm, .to, .je, .gg, .kz, .com.kz, .org.kz, .ws
Since you have come this far you might be interested in the ICANN meetings which are open to the public but registration is recommended.