VeriSign Responds To ICANN's SiteFinder Advisory

dmehus writes "VeriSign's Naming and Directory Services division has written to ICANN President and CEO Paul Twomey regarding the recent advisory concerning VeriSign's DNS wildcard redirection service. In the letter, VeriSign's Rusty Lewis says that they are open to independent and objective technical concerns expressed by various Internet bodies; they have formed their own "independent" panel of industry leading experts to produce its own, separate report; and they will not voluntarily suspend SiteFinder. It's a very terse response, and frankly, I'd have expected more from them. Slashdot readers are encouraged to visit ICANNWatch for in-depth, expert discussion on this and other issues."

This is the last straw

[ikewillis]

I think it's time for ICANN to look for someone else to run the NET and COM TLDs. Not only are they unwilling to suspend SiteFinder after an enormous public outcry and a direct request from ICANN, but they didn't even bother telling anyone they were going to do this in the first place ahead of time. This is absolutely terrible, and I hope ICANN finds someone else to manage these TLDs

Perhaps the biggest concern...

[ikewillis]

of SiteFinder is the fact that non-English speakers no longer receive an error message in their own language, but are confounded with some bizarre English language site which certainly wasn't where they were trying to get to.

Re:The real danger in Verisign's practices

[ADRA]

ICANN can revoke their authorization last I heard. They are pretty much push-overs for corporations so I don't see any top down remedies to this blatent miss-representation of their powers.

On second thought, here is my idea: Have Verisign pay ICANN for every bogus returned DNS request, since technically Verisign has registered billions of domains, I'd say that ICANN is entitled to a mightly large chunk of Verisign revenues. More than the service is worth? One can only hope.

Re:Check out the TOS

[gregmac]

Check out point 14. If you spell a domain incorrectly, your accept the terms:
14. AGREEMENT TO BE BOUND.
By using the service(s) provided by VeriSign under these Terms of Use, you acknowledge that you have read and agree to be bound by all terms and conditions here in and documents incorporated by reference.

IANAL, but is there any legal precidence about this type of licence? Isn't this the same sort of thing as having to open a sealed box to be able to read the licence, which then states that by unsealing the box you've agreed to the licence?

I have a feeling that their licence would totally fall over in court - since there is no consent - which means that nothing in the licence would be enforcable, and despite what section 12 says (they're not liable for damages/whatever resulting from their 'service'), you could probably do something like.. sue them for any spam (provided your jurisdiction has laws against spam) that got past your spam filters because it failed the valid domain name check.

Re:Check out the TOS

[delta407]

Is there anyway I can turn this service off? I disagree with the terms.

I've been discussing this with Verisign for a week now, and Verisign legal is supposed to get back to me on that exact question.

From the Terms of Service:

10. Sole Remedy.
YOUR USE OF THE VERISIGN SERVICES IS AT YOUR OWN RISK. IF YOU ARE DISSATISFIED ... YOUR SOLE REMEDY IS TO DISCONTINUE USE OF THE VERISIGN SERVICES OR OUR SITE.

My question to Verisign was "I'm dissatisfied. What does 'to discontinue use of the Verisign services' mean? I can move many domains to other TLDs, pull the Verisign root certificates from a few hundred workstations, cancel a PayFlow account that handles a few hundred thousand dollars per month, and have my clients cancel several thousand dollars worth of SSL certificates. Is that what you want me to do?"

Again, no response as yet. :-)