#What is an IDN domain?
IDNs (Internationalized Domain Names) are also referred to as special character domains. Internationalized domain names contain special characters or non-latin characters.
Examples for IDNs
Special characters from the German alphabet:
- fußball.tld
- häuser.tld
Spanish special characters:
- fútbol.tld
Chinese characters:
- 足球.tld
Cyrillic characters:
- Футбольный.tld
#Why do IDNs exist?
IDNs enable billions of people to use the internet in their national script or alphabet. Initially, letters from non-Latin fonts were not included in the Domain Name System. One could only register domains including some of the ASCII characters (a-z, 0-9 & hyphens).
With the rapid growth of the internet in Asia, the adaptation of possible characters in domain names was absolutely necessary.
Top 3 countries by % of total global internet users (source: icann.org):
2000:
- USA 30%
- Japan 9%
- Germany 6%
2014:
- China 22%
- USA 10%
- India 8%
Of all 16.797.696 .de domains approximately 4 % are IDN domains (status: 21.02.2021).
#How do IDNs work?
With IDN domains you can use almost all Unicode characters. In the current version these are 137,929 characters. Nevertheless, not all non-ASCII characters are allowed in all top level domains, as registries themselves can determine which exact characters can be used.
To ensure that IDNs also work for the DNS servers, a suitable procedure was developed when they were introduced. The Unicode character string (IDN notation) is converted into a valid ASCII character string using the Punycode coding process. This converted character string is called ACE-String (ACE = ASCII Compatible Encoding). The ACE string is then stored in the DNS.
Example:
küche.tld is the domain (German word for kitchen).
xn--kche-0ra.tld is the ACE-String (including the top level domain) that is registered in the DNS.
Further examples of what an IDN looks like as an ACE string:
| IDN | ACE-String |
|---|---|
| fußball.tld | fussball.tld |
| häuser.tld | xn--huser-gra.tld |
| grüße.tld | xn--grsse-lva.tld |
| 足球.tld | xn--5eyx16c.tld |
| Футбольный.tld | xn--90aqfidwgh3ei.tld |
#How many characters can be used in an IDN?
The ACE string can be up to 63 characters long. The coding characters are involved in the domain length. In the case of "grüße.tld", for example, there are not 5 but 13 characters.
| IDN | ACE-String |
|---|---|
| grüße.tld | xn--grsse-lva.tld |
#Problems & risks with IDNs
Problems sending or receiving e-mails
Domains with special characters can cause problems when sending and receiving e-mails in older e-mail programs. If you want to play it safe, it is recommended to also register the domain without special characters. You then use this domain for the e-mail address and the domain with special characters for the website.
Homoglyph phishing attacks
IDNs can be forged with so-called homoglyphs. These are letters that look similar to others, as is the case with 0 and O or I (i) and l (L), for example. Attackers can therefore create "fake pages" that look the same, with the URL also looking very similar. If this page is then used to query login data, great damage can be done.
The domain looks pretty similar to the original. In many cases you can hardly tell the difference:
| ACE-String | IDN | Original |
|---|---|---|
| xn--mlka-qpa.tld | mìlka.tld | milka.tld |
| www.xn--le-m1aa24e.tld | www.ɑƿƿle.tld | www.apple.tld |
| www.xn--80ak6aa92e.tld | www.аррӏе.tld | www.apple.tld |
| xn--n1afa3fe.tld | сіѕсо.tld | cisco.tld |
Many web browsers have now implemented security precautions against these attacks.
