Verisign Sues ICANN Over SiteFinder

camusflage writes "Yahoo's running a story about VeriSign suing ICANN for holding up Sitefinder. Choice quote from VeriSign: 'This brazen attempt by ICANN to assume 'regulatory power' over VeriSign's business is a serious abuse of ICANN's technical coordination function.'"

I'd would say...

[clifgriffin]

That Verisign's site finder is a brazen abuse of their power as a service provider.

It's a cheap ploy to get billions of hits to a VeriSign controlled page.

I have 0 respect for Verisign...they have long established they will discard customer concern for any perceived increase in money.

A True Battle of Evils

[dmehus]

ICANN has made numerous unpopular decisions throughout its corporate life. So has VeriSign. This is truly a battle of two evils. Which one is the lesser evil, in your opinion?

In my own personal view, I do hope ICANN emerges from this lawsuit as the "victor". If VeriSign were to win its request for an injunction against ICANN, and on the broader claim that ICANN "unlawfully transformed itself from a technical coordination body to the de-facto Internet regulator," I feel it would have far-reaching implications for all of us. It would effectively muzzle ICANN and give VeriSign free reign to do as it pleases with the Internet -- at least until a legislative change was made, such as making ICANN into a government regulatory agency similar to the FCC. Mind you, that might be a good thing. It might force the Bush administration's conservative laissez-faire approach to Internet governance to get a dramatic overhaul and become more regulatory. Another plus to ICANN becoming a taxpayer-funded government regulatory body, it could keep its acronym and be enshrined into law as the Internet Commission for Assigned Names and Numbers. Or, it could become the Internet Naming and Numbering Agency -- or INNA.

Nonetheless, this will be a bitter battle.

It also has high stakes for VeriSign. If VeriSign is unsuccessful, it will almost certainly ensure that the dot-net gTLD is redelegated to a new operator later this year.

My take,
Doug

P.S. Copies of the complaint:
http://www.politechbot.com/docs/verisi gn.complaint .p1of2.022604.pdf

and

http://www.politechbot.com/docs/verisign.complai nt .p2of2.022604.pdf

Re::rolleyes:

[Quasar1999]

I agree with your views... However, I would suggest we simply get rid of verisign, ICANN, and every other company that can hold the internet hostage. I don't have a good replacement strategy in mind yet, but there's got to be a solution that doesn't leave a single company holding all the cards. Distributed administration of the internet? Is that possible? I don't know, I'm not a network theorist (or whatever the official title for that would be.)... anyone care to explain why we have a single entity in charge?

ICANN will fold to Verisign...

[Saeed al-Sahaf]

In all likelihood, considering recent political restructuring at ICANN, they will probably fold to Verisign, who essentially dictate to ICANN right now. Not a troll, not flamebait, simply true.

Reform ICANN!

[Anonymous Coward]

Glad to see that the early hooting isn't only anti-VeriSign. People ought to consider that ICANN has been burying everything registries want to do in piles of bureaucracy, while trying to grab more and more money and power. ICANN should be reformed and stuck to technical operational issues rather than playing footsie [icannwatch.org] with international bureaucrats. Think of all the nonsense that would come from the ITU/U.N. getting its mitts on "Internet governance," which is being discussed in Geneva today and tomorrow [itu.int]. VeriSign is no angel, but if it can take ICANN down a notch, I'm for it.

Why do we need Verisign?

[teeker]

This may be a dumb question....but why do we need Verisign? I know they control some of the root servers, but why them? Couldn't the internet as a whole (if it could somehow come to an agreement), give those root servers to somebody else? The list of root servers is static. If everybody just changed the list all at once, their servers would suddenly become quiet and this would be a non-issue.

Of course, I realize that doing that would not be so straightforward, but such an effort would send a message...to Verisign and to anybody else that would try this kind of crap. Self-healing network, heal thyself!

Fighting back?

[bobetov]

At what point does it make sense to start editting Verisign.com out of the internet? The basic ploy here seems to be to ride rough-shod over the concerns of the technical users and administrators who maintain the 'net, in the hopes that uneducated consumers will ignore the issue.

It seems to me that the thousands of sysadmins, ISP admins and so forth who read this site and feel the pain of Verisign's greed have an option here - alter our local DNS registries to point www.verisign.com etc to 127.0.0.1. Given enough people doing this and their business will start to feel the pain.

It would be a fine twist to this whole mess, and perhaps drive home to the PHB's at Verisign exactly how annoyed this makes those of us who understand the ramifications of their actions.

One argument they could use...

[SmackCrackandPot]

Very often, when anyone tries to access a now non-existant web page, the ISP owning the relevant server will forward you to one of their home pages. Or maybe a web domain speculator will buy up a domain name, and use that to forward you to their search engine. Verisign could argue they're doing something similar. Obviously it's wrong, but it's more or less what other people are doing.

Wait a sec

[Dark Lord Seth]

Doesn't ICANN hold SOME authority over VeriSign about DNS? Can't ICANN just "pull the plug" and tell VeriSign to go take a hike while they find someone more competent to take care of the root DNS servers? I mean, this is getting more or less ridiculous and as far as I understand it, would severely hamper several spam-fighting techniques used, possibly other things as well.

Besides, isn't it possible to get rid of the whole root DNS server idea in the first place? The attack on the root servers a few months ago didn't do much damage but it made clear that IF the root server went down ( granted, for extended periods... ) that the internet would be flat on it's arse unless we started using IP adresses. ( Which doesn't solve the problem because of absolute linking used on some websites... Though it would allow other uses again like FTP, SSH, etcetera. ) So why not a root DNS p2p network then? Still the root idea as used for DNS now, but instead of querying a set of dedicated root servers, DNS servers lower in the hierachy would query a root p2p network instead. Give ISPs a server with access to the network, same thing for registrars & co and someone decides to be a prick with DNS records, have ICANN throw them off be severing all communications with the other party's DNS servers.

Re:A True Battle of Evils

[Anonymous Coward]

Mind you, that might be a good thing. It might force the Bush administration's conservative laissez-faire approach to Internet governance to get a dramatic overhaul and become more regulatory.

How would that be a good thing?

Another plus to ICANN becoming a taxpayer-funded government regulatory body, it could keep its acronym and be enshrined into law as the Internet Commission for Assigned Names and Numbers. Or, it could become the Internet Naming and Numbering Agency -- or INNA.

And how would this be a "plus"? Who cares what it's called?

Besides which, ICANN's authority is granted by the Department of Commerce, so any .gov smackdown of Verisign would come from that direction.

Re:Fighting back?

[silentbozo]

Or better yet, demonstrate how DNS MUST operate on mutual trust, by sending anybody trying to query www.verisign.com (and other associated names) to their competitors (on a random basis.) If Verisign wants to break DNS, they'll have to deal with the fact that anybody else down the chain between the root server and the user can break it equally as well.

Remember folks, we use DNS because it's useful. If it stops being useful, we can stop using it just as quickly.

Re::rolleyes:

[Christoff84]

Errmm... Last I checked, regulating internet infrastructure with regards to assigned names and numbers is ICANN's job. Anything less than a "brazen attempt" and they would be failing at enforcing the RFCs and other regulations they've been entrusted to enforce. Since when do Verisign's business interests trump this?

Well considering this lawsuit was filed in the United States, I would assume that Verizon's business intrests would trump ICANN's interests to keep the internet running smoothly.

Then again, ICANN could remove the responsibility from Verizon to manage TLD's and give it to someone else.

Re:One argument they could use...

[s7uar7]

No, this is completely different. This is like Verisign buying every unused domain name, and forwarding to their site. They are getting for free what would cost a web domain speculator $millions.

Re:SiteFinder and non-geek disconnect

[RAMMS+EIN]

Similarly for SCO. Their claims sound quite reasonable if you don't read what other parties say about it. This is why objectiveness and freedom of speech are so important.

There was an article in the Dutch newspaper Metro a while ago, reporting on research findings that claimed 85% of Dutch individuals and corporations saw virus protection as the responsibility of ISPs. This is a ridiculous preposition, considering that virii spread just fine without ISPs, and ISP don't and shouldn't have any business restricting what traffic goes to my network.

I wrote a letter to the paper explaining this, blaming the spread of virii on people using faulty software, from suppliers negligent to release patches, and users not applying them. I also mentioned alternatives. The posted the letter (omitting the alternatives; sadly, as I don't like pointing out problems without proposing solutions), and I hope it has helped people gain some more insight. I intend to post the letter (and a translation) on my website.

Interesting

[petabyte]

I don't suppose ICANN can just allow them to go ahead with sitefinder and simulaniously terminate their contract to host the registrys?

That's wishfull thinking but it would still be nice. I'm glad my .org is beyond their slimy reach for the moment.

Verisign: theroot.ofallevil.com

[Myriad]

How better to show my displeasure with Verisign and their Site Finder 'service' than by making use of the very DNS system they want to mess up?

May I present: theroot.ofallevil.com [ofallevil.com]
Joining the ranks of: thesource.ofallevil.com [ofallevil.com]

I love DNS...

Blockwars [blockwars.com]: multiplayer, head to head, free tetris like game

The solution

[wurp]

The solution is to alter a DNS server so it examines the results it gets back from its parents, and if it's a BS Verisign auto-search response, tell the requestor that the domain doesn't exist. Then we all start running and/or pointing to a DNS server that runs this new & improved DNS server, and all is good.

Be sure to make the change modular so we can remove it when Verisign pulls their head out.

Re:Why is Verisign still alive?

[Anonymous Coward]

get your facts straigt

whereever you buy your .com/.org/.net domains versisgn gets money because the run the dns servers it's about $6 per domain iirc

Re:A True Battle of Evils

[milkman_matt]

So you are looking forward to being required to get a license for your Web site and a permit for your mail server?

I know it's bad to restrict people like that, but DAMN that would make the internet a paradise (if regulated properly) especially the 'permit for your mail server'. In fact, tell me again why this is bad? We've proven ourselves to be incapable of managing our servers responsibly so far...

-matt

Time to think about DDoS

[Wolfier]

When SiteFinder DOES go back up.

"Which invalid random URL do you want to visit the next millisecond?"

The papers just reflect general society

[swb]

And general society is pig-ignorant when it comes to computers and technology. A reasonable percentage can do the obvious things with technology that corporations have spent billions making as easy as plug and play, but by and large they remain totally ignorant when it comes to even the most basic explanations of how technology works.

Furthermore, there's a significant number of people who hold the notion that knowing "how things work" somehow makes you some kind of commoner or blue collar schmuck, and unfortunately many of these people are in high-visibility leadership positions and they pass these attitudes down to their followers, spreading the misguided notion that ignorance of technology -- ANY technology -- somehow is evidence of your superior social or economic standing.

So I actually can't blame newspapers, other than that they're just reflecting the general ignorance of the general population (plus all the usual problems with in-depth facts and information gathering daily news media have).

I think it's up to us or some geek advocacy group to work the PR hard on this so that the news media gets a better idea of what's actually happening and how it hurts the internet. We know that Verisign will be more than willing to work THEIR PR resources to get their side of the story out.

Re::rolleyes:

[armando_wall]

Last I checked, regulating internet infrastructure with regards to assigned names and numbers is ICANN's job.

Yeah. I don't know what's going on in these verisign people's minds.

I remembered them stopping the service because of ICANN issuing warnings and threatening to sue. It's not like ICANN literally forced them to shut that nasty service down (they should have that power, by the way).

Re:Why is this still an issue!? I don't understand

[iso]

to put it bluntly
a perpetual contract

Verisign doesn't have a perpetual contract on the com/net gTLDs. Their contract on .net expires in 2005 and .com expires in 2007. The already lost .org to PIR [pir.org] last year, so it is plausible that they may lose .com and/or .net as well.

However, be careful what you ask for. PIR has proven themselves to be even more incompetant than Verisign. It was nice to see them move to EPP [coverpages.org], but if they had messed up a .com transition as much as they messed up the .org transition you'd have been crying on your knees to bring Verisign back.

Regardless, SiteFinder still stinks.

Re:I'd would say...

[EvilJoker]

What would happen if another domain registrar would decide to do something similar? Could it lead to antitrust action against VeriSign?

Re:a US-gov-controlled internet?

[thrillseeker]

when has the gov't taken over a previously private role and done a better job?

Public transport. In fact, most cases where you get an effective monopoly.

Actually, no. Government control of public transport has simply allowed hiding the true cost behind a tax structure - it's great for those that make use of it to not have to bear the full costs - but rather unfair to all those who have no choice in the matter to foot the bill regardless. Contrarily, a privately funded system has to pay its own way, and be paid by the actual users - which is why so few such efforts are started and even fewer work.

Re:A True Battle of Evils

[ScrewMaster]

It also has high stakes for VeriSign. If VeriSign is unsuccessful, it will almost certainly ensure that the dot-net gTLD is redelegated to a new operator later this year.

Yes, and that would be too bad, wouldn't it. The thing is, they currently have a guaranteed revenue stream (one that really is all out of proportion to the investment they have to make to maintain it: of course, that applies to most registrars. I wish I could run a database with hundreds of millions of entries and get $20-$30 every year for each of them.) If they kill this particular Golden Goose I cannot say that I would feel remotely sorry for them.

Re:I'd would say...

[nutznboltz]

Just put together CGIs that produce lots of invalid E-mail addresses that appear real and wait for them to be harvested by SPAMbots. Eventually there would be an awful lot of SPAM being sent to the One True Incorrect Address. Web spiders could be fooled into DoSing by pages full of invalid links.

Re:Working with...

[AndroidCat]

It's surprisingly honest. "in the end we're still dead in the water" implies that they are currently dead in the water. Surly overpriced service with bogus invoices, yes, "dead in the water" is a good start.

Re:Working with...

[kcbrown]

"Working the ICANN process is like being nibbled to death by ducks," said Tom Galvin, VeriSign's vice president for government relations. "It takes forever, it doesn't make sense, and in the end we're still dead in the water."

Funny, that sounds a lot like the process of getting Network Solutions (a.k.a. Verisign) to make domain changes -- or, at least, a lot like the way it used to be. I ditched them a few years ago for precisely this reason.

To Verisign: look in the mirror, pal.

Why isn't Verisign getting fired?

[DonGar]

A simple question. Verisign is just a sub-contractor. Why haven't they been fired over site finder, and why do they believe they won't be fired now?

If they are being paid to do a job, they have to do the job they way they are told to do it, or quit/get fired. Right? Why is this any different just because the employee is really a multi-billion dollar corporation?

Since when does "the right to innovate" equate to the right to rewrite job requirements?

technical solution?

[ajagci]

What Verisign's action means is that they return a different kind of result for non-existent domains. That's an annoying, one-sided change to technical standards, but apparently, they are not going to budge.

OK, so why not just modify DNS client software to recognize the bogus DNS entries as an authoritative non-response and have them behave as before?

If Verisign persists and tries to mask those domains really well, this may, of course, require trying to connect to the bogus site, but in that case, Verisign is just paying for a lot of bandwidth for advertising without getting any eyeballs for it.

Re::rolleyes:

[Anonymous Coward]

Surely the US has some institutions that would be able to handle this administration? Things that come to my mind are the .mil, NASA and MIT. I think if you want to get companies such as Verisign out, you have to give it to a neutral government, educational or military institution (.mil may be a problem internationally though).

Re:Working with...

[gbjbaanb]

I don't know - ICANN stomped on sitefinder v1 almost straightaway. I call that a pretty fast moving process.

Perhaps it only goes slowly once you get the hourly-billed lawyers involved.

Remember to let their CEO know how he's doing!

[Phil John]

at forbes CEO approval rating site!:

http://www.forbes.com/2003/05/01/cx_ceointernetpol l.html [forbes.com]

Re:Non-Existant .com & .net names

[Huge Pi Removal]

That would only hold true if domain names could have an unlimited number of characters. I think that a domain has a limit of 64 characters, so given [a-z0-9-] as legit characters, we have a namespace of 37^64, ish, which is about 10^100 (since 64 * log(37) = 100).

Now, admittedly there are assumed to be only 10^80 particles in the universe...

Verisign: We don't want sitefinder

[salesgeek]

What is killing me about this whole thing is that the internet doesn't want sitefinder! This is verisign going: you need this. You want it. And the internet at large going. No, you can keep it.