VeriSign Granted a Patent Covering SiteFinder

An anonymous reader writes "Remember VeriSign's SiteFinder? Turns out that a couple of months back VeriSign was granted a patent on resolving unregistered domains. This came about thanks to its acquisition of eNic, operator of the .CC Domain. How long before Verizon, Earthlink, and OpenDNS are hit up for licensing fees?"

Better link

Original discussion [slashdot.org]

Server

I'm guessing combine this with apache and they'll catalog your web site without you having to pay for a registered domain.

Oh the Humanity

Maybe we should patent REALLY BAD IDEAS to prevent them from spreading. Of course, it's hard to imagine in advance that ISPs and a company like VeriSign would make a business from poisoning and subverting DNS.

Flash Wars: Adobe in the History and Future of Flash [roughlydrafted.com]

Re:

Unfortunately the patents become public domain after 20 years.

Re:

After having been trivial, obvious, and awash with prior art by the gallery for decades previously.
None of the presidential candidates, AFAIK, has said peep #1 about patent reform. Hm.

That might be a good thing...

If it stops DNS providers from using this practice... I'm all for it.

Re:

Are we discusing the same Verizon? The one that made every single failed lookup on DNS for the *.com domain, which htey manage, resolve to their advertising pages? It broke a huge number of DNS testing tools, and caused all sorts of nasty traffic problems.

The chance of Verisign blocking this kind of behavior, except to protect the turf so that only they can do it, is so small as to be the same of making SCO admit they lied about owning UNIX.

But prior art...

Didn't the patent on being an asshole expire a long time ago?

Good!

Hopefully Verisign will use this patent to bludgeon this abominable practise to death at ISPs and OpenDNS.

p

Re:

You should check your OpenDNS settings, there is an option to disable the search feature or if you don't like it use another service.

Re:Good!

That's not true. Look under "shortcuts" in your network preferences and turn off the proxy. It doesn't bother 99.99% of our users and it makes shortcuts and google work beautifully, as both should. But if you don't like it, turn it off. :-)

-davidu

This COULD be a good thing, done properly

Imagine verisign charging an absolutely absurd amount for their licensing. I mean totally out of line, like $1M/month. Don't want to pay licensing? Don't infringe.

That would dramatically reduce the amount of this DNS perversion going on.

Not that this is going to happen, but it's an interesting prospect to think about. Heaven forbid the system be taken advantage of to the benefit of the people.

Could, but won't

If they make it something reasonable, they get to collect license fees. Money for no work. If they use your idea they get nothing except respect from the community.

I know which one they're going to pick.

Obligatory Behind-the-times Question

My ISP has recently joined the ranks of retards who return an incorrect result when a domain is not found. I've been looking around but it's unclear who is out there running DNS that I am welcome to use, that is worth using, and that is likely to be at the same IP for a long time. Whose servers should I use?

Re:

opendns

http://www.opendns.com/ [opendns.com]

Re:

I should have actually read your request properly before posting. OpenDNS is designed to give you almost exactly what you don't want.

Sorry.

Re:

OpenDNS is designed to give you almost exactly what you don't want.

designed to, yes, but it's not mandatory.

i've been using OpenDNS for the last month or so and have found it to be very good -- much, much faster than my ISP's DNS, and reliable. i get the standard "not found" messages rather than "useful" search results and ads if i type a wrong address, since i've switched off all OpenDNS's extra features for my IP. there were one or two features which looked like they may have been useful which had to al

Re:

Typically the ISP is just having their own DNS servers do this (as opposed to using a hidden DNS proxy). The solution is to run your own resolving cache.

I'm trying to avoid going to the root servers, which I understand is considered to be rude if you're just joe schmoe and don't have a bunch of users behind you.

Thus, even running my own cache (actually, I'm using dnsmasq for local resolution) I still need forwarders. I just don't want to use the ones from my ISP.

Re:

Do you mean root (".") or TLD (".com" et al) servers. Sorry to ask but a lot of people say "root" but mean "tld".

Anyway, primary the root zozne yourself. Run a copy of .com locally. Stop sucking on the tit of US government run DNS servers; we've been babied for 20 years and we really at this point should be doing this stuff for ourselves.

Somebody ought to look in the wayback machine for alternic.net. I have a vague memory of Kashpureff doing this well before 2001.
Talk abourt irony. (He went to jail for hac

Many Reasons this is Appalling

There are so many things wrong with this. The first one is that it doesn't actually work as indicated in Claim 1, because it's operating at the wrong levels of the protocol stacks. DNS maps between names and IP addresses, and is used for many different kinds of Layer 4, 5, and 7 applications, but URLs are a Layer 7 function typically supported by browsers, and the identification of what kind of service the client is interested in is not known at name resolution time, or even what Layer 4 transport protocol or Layer 7 application protocol, and in fact the methods used in the patent have the DNS operator's web server decide what kind of response web page to provide in response to a URL included in a HTTP request, even though the client's DNS request might not have been intended to be used for HTTP. When Verisign implemented their annoying breakage of DNS functionality, they supported HTTP on port 80, and had a stub email server that did a sloppy approach to rejecting connections, and AFAICT didn't provide other services, such as correct rejections on SSL's TCP Port 443 or SSH's TCP port 22. It's not clear that they even did the right thing at Layer 3 - if you were trying to "ping misspellllled-example.com", they not only should have answered the DNS request with a "No Such Domain" error message, but if you sent it a ping, it shouldn't respond (I forget if they responded to pings or not; many systems don't do that for self-defense.)

Another reason this patent shouldn't have been accepted is that wildcard domains were a standard capability, and having a web server try to provide useful information in a 404 page was probably a known capability, or at least obvious to someone skilled in the trade. Responding to a DNS request with the IP address of a web server that isn't the one the customer was looking for might not count as "obvious to someone skilled in the trade" because it's obviously wrong.

Re:

It's stupid, but that doesn't mean nobody's ever done it - my ranting is as grumpy as it is because Verisign did it and several other sets of people have done it since then. Verisign's attempt was really egregious, since they're the main registrar for .com and .net, and ICANN yelled at them until they stopped (one of the few times I think ICANN has really done the Right Thing.) Most of the other people who've done it are ISPs (who shouldn't do that, but you can always set your system to point to some othe

on a related net neutrality issue:

http://www.truthout.org/docs_2006/050508R.shtml [truthout.org]

'''
The Federal Communications Commission has recently encountered mounting scrutiny in response to its broad deregulatory practices. Public frustration regarding the FCC has peaked at a time of fierce debate on net neutrality.

        In a memo obtained Tuesday by The Washington Post, 30 current and former commission employees complained about the leadership of FCC Chairman Kevin Martin.

        Staff members observed that "the FCC process appears broken and most of the blame appears to rest with Chairman Martin."

        The memo, written to chairman of the House Energy and Commerce Committee John Dingell and chairman of the House Energy Subcommittee on Oversight and Investigations Bart Stupak, increases pressure on the FCC chairman, who, in particular, has been accused of a rigidly anti-regulatory, pro-corporate approach. Many critics assert that his approach has contributed to a lack of oversight over network providers.
'''

What's a little deregulation between friends, right?

I sincerely hope they sue Earthlink...

I sincerely hope they sue Earthlink, because maybe then Earthlink will stop the stupid practice of NOT returning a failure when the domain is not found.

It is getting ever more difficult to find DNS that just works as it should, instead of coming up with a result for every request, even if it has to make one up. :o(

*mutter* *mutter* *mutter*

Tomas

Re:

Or just make them pay VeriSign. Say... what's VeriSign doing to make money now-a-days anyway? Nothing? Hmm... whatcouldpossiblygowrong?

Re:

i start to use SSL certs other than verisign

VeriSign bought Thawte and GeoTrust.

And other than VeriSign, whose code signing certificates are accepted for 64-bit kernel mode code in Windows Vista? Comodo's certificates aren't [tech-pro.net].