Configurable IDN Homograph attack protection?
I'd like to start a discussion of whether it's possible to have the IDN homograph protection be a bit more configurable? More specifically, attacks are usually using characters with small accents, but the legit IDN names usually use other characters, like the Norwegian Æ, Ø and Å. Maybe it's biased, but I feel these should not be part of the protection scheme, as they are clearly separate characters? Would it even be possible to only protect names with vulnerable characters or on a TLD basis?