Slashdot Mirror
3rd Lawsuit Against VeriSign Seeks Class Action
dmehus writes "A third lawsuit has been filed late Friday in a federal district court in California against VeriSign, Inc. over its controversial DNS wildcard redirection service known as SiteFinder. According to the article, it was filed by longtime Internet litigator Ira Rothken. In addition, while two other lawsuits have been filed by Go Daddy Software, Inc. and Popular Enterprises, LLC. in Arizona and Florida, this is the first lawsuit to seek class-action status."
will be happy to see VeriSign blasted on this one. This is one of the stupidest ideas I've ever seen, and is a pain in the ass. I also wouldn't mind seeing someone else have control over the TLDs VeriSign currently controls.
Register.com might be the next one to file suit, given their strongly-worded letter which was sent to VeriSign and ICANN.
The Stop Verisign DNS Abuse Petition is still going strong, with 15,000 signatures. ICANN still hasn't had the sense to post it on their website, though. They have a public forum at the very bottom of the page here at least, with 64 comments (many from the petition site, as we're giving folks the option to forward those along to ICANN too).
I'm not happy with sitefinder, but I have seen some referrals from misspelled names to our main site. Not a lot, but enough to get noticed. What I also notice is that several domain names that I previously owned, but not owned by anyone at the moment, are all coming up as a sitefinder page. I just wonder if they are doing this to all expired, previously registered domain names. And for the record, the domain names were originally registered on Network Solutions/Verisign.
Pete Carr Owner Chatmag.com
Yes, the difference between what verisign has started doing and what the domain name purveyors do is this: instead of just redirecting purchased domain names which have yet to be "pointed to" an IP#, they are redirecting any request for any domain name, in realtime that isn't already registered by use of a wildcard redirect, and furthermore, they are tracking the number of occurrances and origin of these requests with Overture web-bugs. This is a major privacy concern in addition to taking advantage of anyone who places trust in the the domain name architecture to look for a destination site.
http://tinyurl.com/4ny52
Data mining! They set up a fake SMTP server that dosn't drop the connection until AFTER they have the 'FROM' address. There partners in this sitefinder are overture, how is this FUD?
Second, and far more important, you forget that DNS is used for more than just web browsing. As someone pointed out above, what about protocols that do not support that search page? How do you present a search page to IRC users? Sure, you could just redirect them, but then you'd have all sorts of mistaken redirections. It would suck.
Far better to leave it to the surfer's choice. As is, many browsers redirect to a search page if the host-name lookup fails. Thats the best method; it avoids issues with other protocols, with DNS caching of false replacements, or any of the other issues, while giving the surfer's browser full control over how to implement it, what search engine to use, etc. There is no real loss by leaving it to the browser, but many gains. Think. Then speak.
Mensa member, eh? Beware of arrogance and stupidity.
Well, blast away . . .
ICANN is accepting comments on Sitefinder. This page also has links to various official letters they've received.
Also, Lauren Weinstein 's People for Internet Responsibility is looking for data on the effects of sitefinder<sig>Guvf vf abg n frperg zrffntr
Second, VeriSign is handling the .com/.net domain on good faith really. No one has the power to remove them from handling these domains. There is no true law up to this point on who owns them and what guidelines they HAVE to follow. Even the RFC's don't contain any insight on how something like this should be handeled. .com and .net are really properties of the US Dept. of Commerce. DoC has a contract with ICANN to provide this service, and ICANN has a contract that makes VeriSign the authoritative servers for .com and .net. VeriSign once upon a time had control of .edu, but they lost that. The same thing can happen to .com and .net if they act too stupid.
As Paul Vixie said, the major problem here is one of broken expectations. The .com and .net domains have behaved in the non-wildcard manner since day dot. There is a reasonable expectation that a DNS query on a non-existent .com or .net domain will return a "no such domain" response. VeriSign unilaterally broke this without warning. I believe that ".museum" has implemented the wildcard since day dot, so there are no broken expectations there. As the IAB said, it's reasonable to implement wildcards with the informed consent of everyone who is delegated a name in that zone (but it's still a bad idea, technically, for various reasons).
proof, n. A demonstration that a conclusion is implied by certain premises and axioms.
Do we really want the gov (at any level) to start getting their hands in this? Do we want another self appointed body saying what can and cannot go?
.com and .net under a contract with the U.S. Department of Commerce. Similarly, ICANN is *not* self-appointed; it was appointed by the U.S. Department of Commerce. The government is already in this up to its elbows.
VeriSign runs
Who set up the contract with Verisign? The "gov" did. Who kept the contract with Verisign? ICANN, but who set up ICANN? The Department of Commerce -- the "gov".
Do I want to see the government directly administrate this? No. Do I want a for profit company to be granted the monopoly that Verisign has? HELL, no. I think the second option is actually worse in the long run.
Personally I think that a non-profit organization should be doing what Verisign has been doing. It's a monopoly position and as such can't be trusted to a "for profit" entity (IMHO for whatever it's worth). There's no danger of them being beaten by "competition" so there's no incentive for them to do a good job and follow the rules. If they screw everyone else over, "so what? It's our playground."
But to question whether we want the government "involved" seems a little naive. The government has always been involved, is still involved, and frankly will probably always need to be involved.
The government was heavily involved up until well after the Internet went into wide use. The the Clinton folks decided to try to turn it into just a cash cow. Unlike some people, I tend to like a great deal of what the two Clinton administrations accomplished... but this whole business of trying to turn the Internet into nothing but a commercial space was foolish. The Internet isn't a street market.
Then again, I suppose the government had a lot of help from all the profiteers until the bust.
The Internet is a community. Every community has a place and need for businesses. Every community also has a place and need for government.
Business' interest is in making profit. It isn't interested in handling bad actors. The market will to some extent correct for bad actors but will also encourage bad actors to some extent. Just look at the business headlines of the past couple of years.
And in some cases bad actors pop up who the market could care less about because their actions don't involve money. Government is the third party that has the job of stepping in and controlling the bad actors (in or out of business) and imposing ethics on business.
This particular situation with Verisign involves a monopoly. Sometimes a monopoly is unavoidable. Like with power companies, this is one of those situations. Also, like with power companies, there's a necessity for a governing body that is NOT (at least not entirely) made up of commercial interests.
ICANN should be filling that role but it's track record is abysmal and it's causing all of us to reap what they've sown.
When you've got a monopoly resource you can either have government manage it, a business handle it, or a non-governmental non-profit organization handle it. It can certainly be argued that government isn't always the best way to go. Alternately, giving a business a monopoly removes the only check on bad behavior -- competition. If there's no competition, sooner or later government will have to step in and either reign in the business or take over because the business will abuse the privilege of it's position.
How soon it happens depends on the ethics of those initially in charge, but sooner or later there'll either be overt abuse of power or simply really shitty customer service and bad management of the resource. There's no incentive to avoid it.
Unfortunately, to some extent, no matter who "manages" the monopoly community resource, there's going to have to be a level of governmental oversight, or there will be Verisigns all over the place saying, "You don't like it? Then don't use our service. Oh, you can't avoid our service if you use the Internet? Well, there's your answer, bub."
Quoth he
"It's all academic anyway..."