Verisign's Domain Redirects

Jeffrey Kay jeff at
Tue Sep 23 11:20:55 PDT 2003

Seems like DNS is in trouble yet again.  This is a pretty interesting issue.
One could argue that managing a root gTLD server is a public trust and
Verisign is violating that trust.

-- jeff

VeriSign stands firm on domain redirect
Last modified: September 22, 2003, 6:07 PM PDT
By Declan McCullagh
Staff Writer, CNET

VeriSign said Monday that it would not abandon its decision to point
unassigned domain names at its Web site, but representatives did say the
company would form a technical committee later this week to look into the
problems caused by the change.

During the last week, criticism has steadily grown over VeriSign's "
SiteFinder " service, which has caused problems for network administrators
and confused spam-blocking utilities. A number of Internet standards bodies
and administrative groups have asked the Mountain View, Calif.-based
company--which enjoys a government-granted monopoly over the .com and .net
registry--to stop, and a second lawsuit seeking an injunction against the
practice was filed Monday.

On Monday, VeriSign spokesman Tom Galvin said SiteFinder would remain in
place because "we think the technical review committee is the appropriate
mechanism before making any long-term decisions about the service." The
committee members who will be chosen by VeriSign and will report to the
company will be announced later this week, Galvin said.

"All indications are that users, important members of the Internet community
we all serve, are benefiting from the improved Web navigation offered by
Site Finder," VeriSign Vice President Russell Lewis said in a Sunday letter
to the Internet Corporation for Assigned Names and Numbers (ICANN). "These
results are consistent with the findings from the extensive research we

ICANN is the nonprofit organization that oversees Internet domain names. On
Friday, the group asked VeriSign to pull the plug on its "wildcard"
redirection service.

Since then, ICANN's Security and Stability Advisory Committee has published
a more-detailed critique of the technical problems caused by VeriSign's
move. The committee--which includes a VeriSign representative--said it would
hold a public meeting in the Washington, D.C., area on Oct. 7 and has asked
for feedback to be sent to secsac-comments at

"VeriSign's change appears to have considerably weakened the stability of
the Internet, introduced ambiguous and inaccurate responses in the (Domain
Name System), and has caused an escalating chain reaction of measures and
countermeasures that contribute to further instability," the committee's
critique said. "VeriSign's change has substantially interfered with some
number of existing services which depend on the accurate, stable, and
reliable operation of the domain name system."

VeriSign's new policy is intended to generate more advertising revenue from
additional visitors to its network of Web sites. But the change has had the
side effect of rewiring a portion of the Internet that software designers
always had expected to behave a certain way. That can snarl antispam
mechanisms that check to see if the sender's domain exists, complicate the
analysis of network problems and possibly even pollute search engine
results. Because VeriSign will become a central destination for mistyped
e-mail and Web traffic, its move also raises serious privacy questions.

On Monday, domain name registrar Go Daddy Software filed a lawsuit in
federal district court in Arizona seeking to halt the SiteFinder
redirection. "VeriSign has hijacked this entire process," Bob Parsons,
president of Go Daddy, said in a statement. "When the user is sent to
VeriSign's advertising page, VeriSign gets paid by the advertiser when the
user clicks a link to get off the page, to the tune of $150 million
annually, as estimated by VeriSign."

It appears to be the second lawsuit filed in response to VeriSign's move.
Popular Enterprises, the parent company of search provider, sued
VeriSign over the SiteFinder redirection last week, alleging antitrust
violations, unfair competition and violations of the Deceptive and Unfair
Trade Practices Act.

Also in response to VeriSign's move, the well-respected Internet
Architecture Board published on Saturday a document titled "Architectural
Concerns on the use of DNS Wildcards," referring to the domain name system.
It says the danger of "wildcard records is that they interact poorly with
any use of the DNS that depends on 'no such name' responses."

jeffrey kay 
weblog <> pgp key <> aim <jkayk2>
share files with me -- get shinkuro -- <>

"first get your facts, then you can distort them at your leisure" -- mark
"if the person in the next lane at the stoplight rolls up the window and
locks the door, support their view of life by snarling at them" -- a biker's
guide to life
"if A equals success, then the formula is A equals X plus Y plus Z. X is
work. Y is play. Z is keep your mouth shut." -- albert einstein

More information about the FoRK mailing list