Slashdot Mirror
3rd Lawsuit Against VeriSign Seeks Class Action
dmehus writes "A third lawsuit has been filed late Friday in a federal district court in California against VeriSign, Inc. over its controversial DNS wildcard redirection service known as SiteFinder. According to the article, it was filed by longtime Internet litigator Ira Rothken. In addition, while two other lawsuits have been filed by Go Daddy Software, Inc. and Popular Enterprises, LLC. in Arizona and Florida, this is the first lawsuit to seek class-action status."
Can one get in trouble for launching a DOS attack on an unassigned web address? Do they all by default belong to Veri$ign (OK, I couldn't resist porting the obligitory $, generally reserved for M$), or are they fair game to hit with reckless abandon?
The big difference as I see it can be broken down to 2 big points:
1. Verisign is NOT the only company through which you can register a com or net domain. Many of these other smaller domains (small islands in the south Pacific, .museum, etc) usually have one government sanctioned registrar. Leading to the registration site in those cases is in many cases helpful. Although there are no links to their registration forms, what's to stop them from doing that later?
2. Verisign is running a search engine on SiteFinder, which they control. I don't believe they do it now, but they could very easily commercialize this search engine: ads, charging for high results in the search.
3. com and net are much larger than other obscure domains that have already done this. Just because other TLDs have done it does not make it right! There are apparently some standards laid down by ICANN that have been broken by doing this.
Bottom line though: just because they manage the TLDs, does not give them the right to break things for their own commercial gain.
IANAL of course and most of you probably aren't either, but if you really detest VeriSign then don't just rant about it on Slashdot, join the lawsuit. It doesn't take much of your time, is a learning experience, will make a real difference by strengthening the case against VeriSign, and there's a slight cance it will actually net you some cash.
The catch, of course, is that you have to fit the description of the proposed class, and this story is short on details regarding what that proposed class is. I can only speculate that it would be anyone who has typed a URL lately and ended up at SiteFinder when they expected to find something else.
Register.com simply put up a test patern page by default when somebody registered a domain but failed to come up with with valid nameservers. That was annoying to those who paid for domains they weren't using, but then again its also their fault for not having one of the reqirements it takes to operate a domain.
.net and .com that hasn't been registered, which is something only VeriSign could possibly do.
.com or .net query is supposed to return "NXDOMAIN", an indication that the domain doesn't exist and therefore the request is no good. That was an error that used to be handled by the user's software, now Verisign has overtaken that.
This is different because Verisign isn't limiting their actions to domains registered through them. In fact, SiteFinder replaces every domain in
Basically, SiteFinder's IP address is being returned any time a
This breaks any application that depended on "NXDOMAIN" accurately being reported. One key application was an important spam defense... if the domain in the from field returns an "NXDOMAIN" when somebody tries to look it up, trash the message because the from line must be bogus. Now, nothing returns "NXDOMAIN" when queried, so that test always returns a negative.
ICANN hired VeriSign to run the DNS system according to the protocols. This is something that's not in the protocols, and VeriSign is just doing with a "You can't stop us!" attitude. ICANN nicely asked VeriSign to suspend the service, and got a defensive reply. It's time for either ICANN to fire VeriSign, or for the US Dept. of Commerce to fire ICANN...