Slashdot Mirror
ICANN Limits Terms Of VeriSign Domain Control
Pinky3 points to this story on Yahoo! which says: "In the much-awaited decision, the Internet Corporation for Assigned Names and Numbers (ICANN) limited the term of VeriSign rights to the .org name to the end of 2002, and the .net name to the start of 2006.
VeriSign, the operator of the world's largest domain name registries, would keep rights to the lucrative .com name through November 10, 2007, and have the right to renew this agreement for a new four-year term if it meets certain criteria." VeriSign has the .com domain locked up pretty well already, at least until 2007, and now (for Internet time at least) indefinitely. In 2011, I bet VeriSign will point out the awful mess (think of the risk!) of trying to redistribute control of .com to anyone else.
Yup, already doing it. OpenNIC.
WWJD? JWRTFM!!!
Because the first names registered would be those such as "microsoft.sux"
At this point, it might very well be "icann.sux", "networksolutions.sux", "verisign.sux". At least, those would be the ones I would register first.
But it should be pointed out that the only real restriction right now on starting your own TLD and getting away from all this crap is the fact that you'll need to convince enough people to use your nameserver as a new root-level server... Otherwise, there'd already be more popular TLDs...
If we could convince package authors for Linux/*BSD systems to include alternate root servers in their bind/genericdnsfoo packages, a large part of the problem would transparently be solved. Maybe...
--
"The urge to save humanity is almost always a false front for the urge to rule." --H.L. Mencken
Interesting concept. I'm not sure how you'd get around one company/organization running the centralized directory for this, though.
.com someone was working on a DNS system that used Freenet to distribute DNS around the net, but then it becomes a chicken-and-egg problem (again).
I saw in Verisign Usurps
--
"The urge to save humanity is almost always a false front for the urge to rule." --H.L. Mencken
Personally, I'd want to have ".deb"... :-)
.nym (one of my personal favorites) could then be made available as well. And if enough sites support alternate roots by default, then for the majority of folks, it would be completely transparent. It might even make VeriSign/NSI sit up and take notice. Not that I'll be holding my breath for THAT to happen.
Actually, there ARE a few fairly inexpensive registrars out there, such as Joker and Gandi.net. Both are only 12 Euros/year, which at today's exchange rate is about $10-$11 US. I've had some fairly good experience with Joker, others have with Gandi. It just depends if you want to use a German or a French registrar (if that matters to you). Both have most/all of their pages in english, so for the great unwashed ignorant masses in the US (myself included), it's painless.
But I really think it would be great if the free/opensource OSes got together and formed their own root nameservers. All the cool TLDs, like
But given the success of these OSes/philosophies in general, even really cheap (read $5/year or so) costs, coupled with a more intelligent name policy, would hopefully make great inroads...
--
"The urge to save humanity is almost always a false front for the urge to rule." --H.L. Mencken
Well, probably
Ouch. Tough break. I kept putting it off, and putting it off, and then a friend went a registered a
--
"The urge to save humanity is almost always a false front for the urge to rule." --H.L. Mencken
Aside from the somewhat confusing (to someone like my gf who doesn't know anything at all about DNS, yet registered a domain) web pages, I've been fairly happy with Joker, which is also 12 Euros a year. I should probably compare them to gandi.net, since I have an easier (read any chance) of understand untranslated French than I do German (and some of Joker's pages never got translated the last time I was there).
--
"The urge to save humanity is almost always a false front for the urge to rule." --H.L. Mencken
I hope that it is replaced in the next year or two by a more sane directory structure. If I am trying to find a web page for a business, I imagine looking up the entry for Businesses/ACME Tools (of Hayward, California, USA), not www.acmetools.com, or maybe acme-tools.com, or haywardacme.com, or even getsometools.com! I can imagine looking up the entry for Publications/The Onion: America's Finest News Source.
If a system suh as this existed with 1) a defined network protocol, 2) an easy way to add and change entries, and 3) a widely-accepted algorithm for solving naming conflicts, I think it would handily replace the DNS as the primary lookup system. Of course DNS would still be used, for namenumber translation and whatnot.
Would that be the risk that they freely give away microsoft.com to any yahoo who claims to be a Microsoft employee and forks over a few hundred dollars?
-"Zow"
I think the point is that no matter how many gTLDs are created, BigCompany is going to insist that it hold all combinations of BigCompany.gTLD and they will use the capitalist running-dog lackeys of WIPO to get them.
Learn to spell: nickel, missile, lose, solely, amendment, speech, kernel, probably, ridiculous, deity, hierarchy, versus
It's not nasty, I promise.
Dacels Jewelers can't be trusted.
I'm wondering if by 2011 the DNS system will still even be relavant to 90% of the internet. By then I think we'll see a much higher peer presence on the net where we log onto a directory server at the ISP which lets people connect to our personal web server appliances. Well for the most part this is a pipe dream. However I do think DNS might not survive the next decade. It is already fairly dated which causes about a bajillion workarounds just to enable dynamic internet connections. I think we'll only see more and more dynamic network nodes due to the fact half of the things in your home will end up being internet aware. Would you rather adapt DNS in order to get a permenant address for your PDA (which will eventually end up being a true personal assistant with a silicon rather than carbon based brain) or merely have your ISP do the work by providing directory access to you.
I'm a loner Dottie, a Rebel.
If ICANN really is as corrupt and mismanaged as all that, I can well believe in a scenerio that The Register put forward a while ago: an alternative and fair(er) root DNS system set up by a consortium of the larger ISPs. Alternate DNS systems aren't a new idea, what with Alternic and all that, but the idea that a hacker-led initiative such as this could ever gain the support of the rest of the world (because this is a diplomatic rather than technical challenge) is fairly remote. No, think about it... how many representatives of the enormous backbone carriers would need to gather in a room to agree on such a solution, and give the finger to ICANN? Not a great deal, I'd imagine-- they'd have the money and motivation to set up the necessary committees, registration systems and technical infrastructure, and if they did it fairly, any ISP's involvement in such a `fixing' of the DNS system would gain them brownie points with the community. Heck, even if they didn't do it fairly, it's not as if it could be much worse than the current setup.
It might sound like pie-in-the-sky language, but given the outrageous conduct we're witnessing, it seems increasingly possible.
Matthew @ Bytemark Hosting
And they will only make $XXX million in that time frame. Remember that there's tons of names going every day, and eventually the selection will be extremely limited to anything but the most unique names, so the potential for profit of the future owners would be greatly limited.
Yes, but what about the millions of domain name holders paying $$ for renewal each and every year? Those renewal fees soon mount up to a pretty tidy sum with very little effort on Verisign's part.
Ongoing coverage of ICANN issues in a Slashdot-like format can be found at ICANNWatch.org. In addition to today's coverage, note the interesting letters from Senator Burns to the Dept. of Commerce and to the GAO.
I have a blog.
Everyone here should listen to Karl on this, after all he is one of the most progressive (not to mention honest and ethical) ICANN Board members. And one of a small minority that was actually elected to the board.
In other words: He's one of the good guys .
He also was one of a small minority of board members who opposed today's ICANN action.
The problem with this is that .org was never intended for non-profit organizations, it was intended as the catch all domain for those who didn't fit into the others.
Further, the enforcement of such a provision would drive the cost and prices of domains up into the hundreds of dollars per year.
Lastly, when the TLD has been in use, and has millions of registered domain names in use, for as many years as .org has been running in this fashion, it would be grossly inappropriate to change the policy now. The harm to existing domain owners alone is a reason why this particular move should be blocked.
There are some excellent comments in the DNSO GA list for March 2001 that describe the problems with this change in policy in detail. Please take the time to read them before jumping to the conclusion that this change would be a good thing.
The archives are here, make sure you fast forward up to March 2001 (they start in Nov 2000).
I guess some browsers have problems with that large domain name.
You can reach the site at http://www.disgrace.org/ also.
Also, the DNSO statements to ICANN are at:
http://www.icann.org/melbourne/dnso-input-verisign -revisions-28mar01.htm
The ICANN propoganda about the agreement is at:
http://www.icann.org/melbourne/info-verisign-revis ions.htm
ICANN was facing a real problem with this issue. They need the additional money Verisign/NSI will be paying them under this contract compared to the old one, but in a rare instance, nearly all of the organs of the Domain Name Supporting Organization opposed the new contract. The Constituencies, except the one of which Verisign is the sole member and the Intellection Property one who is counting on getting commercial activity in .org prohibited and the ccTLDs who are hoping this means less money from them to ICANN, indicated strong and vociferous opposition to the new contract. The General Assembly also came out strongly against the new contract. The Names Counil was slightly less strong on the point, but still came out against the new contract by a clear and indisputable majority.
So how could ICANN adopt the new contract without abandoning their pretense that they were a bottom up consensus organization?
Get some very minor concessions in the last 24 hours that address some of the more irrelevant points raised by the constituencies, and then use those changes to say that they addressed the concerns of the DNSO and that justifies their ignoring the consensus of the DNSO that the original contract should have remained in effect.
They have shown similar patterns in the past, including during their startup when the Department of Commerce mandated that they address concerns raized by the Boston Working Group and the Open Root Server Confederation. They made some minor token changes and then proceeded to do business as usual.
Under this contract the only type of organization who can run the .org registry is a non-profit organization, thus setting the framework for disenfranchising millions of .org domain name holders by changing the registration policy for .org. Even if the existing .org holders get to keep their domains, they face some serious disadvantages as a result of any change of .org from an unrestricted catch all gTLD, as it was intended, to a non-profit only TLD.
They say the change to .org is not for certain, do you believe them?
Have a .org domain? Join the protest.
http://www.ORG-domain-name-owners-lobby-against-II, for one, welcome our new Antichrist overlord.
There's really no reason I can think of that the top level domains have to be managed by those who handle it so poorly. This is a great oppportunity for an open-source style community effort. That is after all how come the root servers are spread all over the place.
The name service uses a nice flexible protocol. It would be a cinch to add a new server to one's hints file, or to switch completely to using a separate group of top-level servers.
Top-level name servers of the new system would probably need some serious connectivity, but we could spread that out easily enough.
I'm already looking at doing this for the MetaLAN, a virtual network of home users' internal networks using FreeS/WAN - we're going to set up our own DNS system to use the .meta TLD for all of our internal IP space. I'd be interested in helping with setting up a similar alternate community-based DNS system. Anyone know of people already doing this? If not, want to start one? I do.
The Signal/Noise ratio can be improved in two ways. Remaining silent is the OTHER way.
By the time 2011 roles around, there will [most probably] be an onslaught of new generic top level domains (like
---
---
"Of course, that's just my opinion. I could be wrong." --Dennis Miller
Org for "organization" is perfect for a catch all kind of tld -- any kind of organization not necessarily a business. Redefining it would only cause confusion.
For non-profits, ".NGO" would match their own native argot -- they often call themselves "non-governmental-organizations" to indicate that they are working on issues of public importance but they aren't government sponsored.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
I guess this sounds like a good thing, but I seriously mistrust corporations with this much power. I mean, they change the rules, but they can always change them back. And, as long as the powers that be have the word "corporation" in their name, capitalism dictates that their decisions will have more to do with profit margins than the continued, healthy growth of the internet.
sean> Under this contract the only type of organization who can run the .org registry is a non-profit organization,
Can anyone comment on where people who need an unique domain name, but don't have a organization are supposed to go??
e.g. I have a domain name for family use.
Thank you for the link, I'm adding my domain name to the petition.
Since the .org domain has been wildly abused over the last couple years, exactly how is this to-be-announced non profit organization re-establish control over the .org domain, and make sure that it is used for its original purpose?
.org owners keep their domain names......
This is going to get ugly...... I sincerely hope they let existing
Feed the need: Digitaladdiction.net
but http://i.want.chocolate too! so whose server does it point to? or if you are suggesting that a list of sites come up when you type that in, whose name is at the top of that list? how do i tell someone how to find my site? "search for http://i.want.chocolate and then click to the second page of results. i'm usually about 4 or 5 names down the list". excellent system!
the problem with all the domain name replacement ideas i've seen (RealNames being the most popular one) is that they have most of the same faults as the old one. it's a tough problem, since the name NEEDS to be unique, but many people will want the same name (and the names need to be relatively short and easy to remember -- otherwise we could just use IP addresses).
Go over to dhs.org. There, you can register a 3rd level domain for yourself off of the dhs.org or wox.org domains, which they own. I have two such domains, and host them off of my Linux server which has a DNS server running. By doing so, ANYTHING.mydomain.dhs.org is mine. I can add one system, I can add a hundred systems. I can even dynamically assign them if I want to. That's not the case if it's simply one big string. I have to pray that a.mydomain.dhs.org is available, which is not guaranteed just because I am using b.mydomain.dhs.org.
While me running my own little domain for ego's sake is not the most important reason in the world to use a given standard, the same advantage exists for larger organizations. Everyone who uses AOL has a domain name assigned to them when the log on, based on their IP. It's something like dialup45-pool22.aol.com, or something equally obscure, but still unique. More importantly, still having symantic meaning of its own. You can tell right off that it's an AOL system (.com not meaning much any more), and that it's a temp dialup connection in modem pool #22. If everything was random strings, they couldn't do that, unless they registered EVERY possible permutation of *aol* just to make sure that no one else did. Can you imagine fuckme.aol.com, or ihate.ibm.com? Right now, those don't and can't exist (unless someone at IBM's network center is having an arguement with his boss).
It's the same logic behind IP address blocks. My university owns its own class B, so 123.456.*.* (real numbers withheld, of course) will always be something here at the school. That makes administration far easier, and makes tracking down a hacker far easier as well.
Even phone numbers use the same hierarchical system. Country Code, Area Code, Exchange (somewhat muddled now), and Extension.
And yes, even your own name is a hierarchical naming system, specifically because it's easier to understand. If your name is Frank Johnson, then you can name your kids pretty much any first name you want, but their last name will almost always be Johnson. It's then much easier to identify you as their father/mother, and vice-versa.
Hierarchical naming and numbering systems are so prevalent because they are so useful. It makes it very easy to control a given block, to determine what a given string really means by its component parts, and to whom it belongs, and even sometimes where they are (.uk). See also: Linux/Unix file system.
--GrouchoMarx
--GrouchoMarx
Card-carrying member of the EFF, FSF, and ACLU. Are you?
You're kidding, right?
.org, and that's where the .com will point you anyway, so, I suggest looking at your URL bar.
Slashdot started as a
--
--
#nohup cat
(from the article) In the much-awaited decision, the Internet Corporation for Assigned Names and Numbers (ICANN) limited the term of VeriSign rights to the .org name to the end of 2002, and the .net name to the start of 2006.
.org, invest at least $200 million in research and development, pay its full share of ICANN expenses, to charge equal fees for registering names and eliminate the one-time $10,000 new registrar and other fees.
And they will only make $XXX million in that time frame. Remember that there's tons of names going every day, and eventually the selection will be extremely limited to anything but the most unique names, so the potential for profit of the future owners would be greatly limited.
Under the new agreements, VeriSign would provide $5 million to the nonprofit group that takes over
And I bet companies like Network Solutions will still be charging $70 per year. Personally, I use gandi.net, which charges about 12 Euros (about $10-11 USD, along with the best ownership agreement) per year, and have yet to find a better deal. The dropping of the $10,000 "new registrar" fee will not bring the prices for end users down any lower than maybe $10, or else how will the registrars turn a worthwhile profit?
--
--
#nohup cat
...why don't those hackers get it over with already and create .sux?
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
> and .net tendered to interested companies, the > ICANN said in a statement.
;)
Well...I wonder..._which_ company _could_ be interested in a ".net" domain name.
Oh...I get it now
For your family example: That's exactly what .name is intended for. (disclaimer: I'm co-founder of the company that was awarded it) You'll be able to register your-firstname.your-lastname.name, and optionally get e-mail forwarding for your-firstname@your-lastname.name. This scheme also has the advantage that if you have a common lastname, and want an address on the format mentioned, you won't block others with the same lastname from also getting that kind of address.
.name will be the only TLD that require that a name that's registered is the name of a person or a fictional character, and not a company or product name etc.
Nope, that won't work. Here's an easy example, from family history, but luckily I have a unique name variant myself.
Let's say that my grandfather is William Jefferson Clinton. Called Bill. And my other grandfather is William Marcus Rodham. And I was named after my grandfather, so I'm William Jefferson Clinton (a totally legal name). Called Will. My other grandpa was called Willy.
My grandfather, the president, registered both bill@clinton.name and william@clinton.name and william.jefferson@clinton.name - since he's famous he gets it (trust me on this one). I try to register my name, on my birth certificate, as william@clinton.name - rejected, cause he has as much (if not more) right to it, since I'm a green party member and I'll send email and cause scandals.
But it's my name!
Flawed, flawed, flawed, flawed. Names are not unique.
Luckily for me, I have a unique hyphenated name myself, and only two people in the world have that name - my son and myself, and he has a different first name.
But if you're Tom Jones, forget it.
--- Will in Seattle - What are you doing to fight the War?
The problem is that some of the ICANN proposals have them charging higher fees and requiring national or international registration for .org - .com was pretty much a done deal, due to the amount of money the corporations spent to have their control enforced.
.org myself, with a national registration. But think about the effect on anarchist organizations, zine publishers, radicals, organizations opposed to their national government. Hint - Afghanistan, Iraq, Israel, and the Palestinian Authority will just refuse to recognize contrary groups.
.net for a family, since one of your relatives snapped up .com since he's a star, and another got .org for his fan club, and the rest of you are frozen out. I didn't choose the name I was born with, and it's way easier to do something like bill@gates.net than it would be to william.zander.michael@gatesinseattle.net - fits on the business cards too.
Not that this affects me, I run a legit
And what if you want to do
--- Will in Seattle - What are you doing to fight the War?
Yeah, take that! It's a good thing verisign is in charge otherwise we might have half-assed companies in place that would grant a certificate to anyone who claimed to be a Microsoft employee...
With all this discussion about the control of top-level domains, I notice it is still based on the monopoly model where one company will "own" a domain. Surely we can do better these days?
Why not a search system based on Google's engine so you can chose whatever arbitrary name you want and serve the IP address back quickly? For example, http://i.want.chocolate. It's just a string to look up. Each top level DNS company has the same database of namesIPaddress mappings. New ones are bulletins that are circulated to all the top-level companies.
The point I'm trying to make here is we've spent so many years building this intricate DNS infrastructure based on nearly 20 year old assumptions about computing hardware and network bandwidth, but has anyone stopped to ask, "Isn't there a better way by now?"
The bitter lessons of a veteran coder: http://bitterprogrammer.blogspot.com
No, the CC TLDs are only owned by ICANN in its imagination. ICANN may own the dot (whatever that is) but if they try to close down country codes they will find the ISPs switching to another root very quickly.
In fact ICANN does not own the dot, the Department of Commerce does, ICANN has temporary control of the dot - for details see Michael Froomkin's icannwatch.org.
This situation is known to the ICANN board which is why it is not going to do anything really stupid. In fact I doubt that the .org proposal is going to go anywhere. Checking for 'non-profit status' would increase the cost of registration significantly.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
If you've registered a domain name recently you know how hard it is to get a good .com name. The scarcity is already and will continue to drive people to alternative tld's. My feeling is that in another 7 years (or less) you won't care at all who controls registration for .com. I would imagine that i would rather be a registrar that controlled access to an appealing alternative TLD. There are many great names left to sell. Verisign will end up selling less and less .com registrations as every possible reasonable one will have been taken.
Competition among registrars and many TLD's will also likely drive the average price of a domain name way down. I wouldn't be surprised if VeriSign's revenues get driven down by this.
Honestly, there are plenty of businesses i'd rather be able to get a crack at than baby sitting some root servers.
Personaly I think we should scrap the whole DNS idea and resort to typing dotted quads instead, or even better IPv6 addresses!
~www.devnull.co.uk