Slashdot Mirror
Verisign Sues ICANN Over SiteFinder
camusflage writes "Yahoo's running a story about VeriSign suing ICANN for holding up Sitefinder. Choice quote from VeriSign: 'This brazen attempt by ICANN to assume 'regulatory power' over VeriSign's business is a serious abuse of ICANN's technical coordination function.'"
Nice and misleading explanation right there. We're talking about a 'search engine' that impacts any internet application querying a non-existent domain. Once again, the "THE INTERNET IS ONLY THE WEB" mindset that low-grade tech journalism seems to be stuck in is preventing people from realizing the destructive nature of something as profound as adding a wildcard to major TLDs.
Errmm... Last I checked, regulating internet infrastructure with regards to assigned names and numbers is ICANN's job. Anything less than a "brazen attempt" and they would be failing at enforcing the RFCs and other regulations they've been entrusted to enforce. Since when do Verisign's business interests trump this?
At least they respond to complains with action, instead of stonewalling anyone who disagrees with them, as Verisign so eagerly did when the SiteFinder controversy first broke.
Screw Verisign. I've seen plenty of companies with brazen, my-way-or-the-highway attitudes, but this one is entrusted with managing a major international public resource, and have been caught with their pants down abusing that trust. To whine like this is a sign of just how out of step Verisign really is. Frankly, they deserve to have all authority over the root servers taken away from them before they do more harm in their quest for profits.
We have the big ugly viscous Microsoft-like villains vs. the slothlike, inefficient quasi-government organization...
:-/
My bets are on the lawyers...with 100 to 1 against the people...
...in bed
I think this whole Verisign/ICANN thing, perhaps better than most recent examples of high-profile disputes in the tech industry, illustrates what a fundamental disconnection there is between the computer sophisticates and average, well-educated newspaper readers.
Even in this article, which is reasonably technically sophisticated, Verisign's SiteFinder is almost invariably described in terms which suggest it was just a helpful service for lost souls (people who'd typed a wrong URL) instead of being recognized for what it is, an aggressive land grab and a ridiculous abuse of monopoly power.
It's not like newspapers are in VeriSign's pockets or anything. Why is that so few of them seem to understand how bad what VeriSign did is?
There's absolutely nothing wrong with Verisign putting up their Sitefinder search engine. What ICANN had an issue with is the mismanagement of the DNS entries. If I want sitefinder, I'll go to www.sitefinder.com. If I go to www.stiefinder.com, I want a "host/domain not found" error, not a search engine.
Seriously. Why is Verisign still entrusted with the root servers for any top level domains.
They have abused their position, they are completely untrustworthy, and they are now suing the very body that (I would assume) allowed them to have this power in the first place.
I want Verisign's power of DNS revoked: Now. What is the inherent barrier? Why are they still allowed to intentionally fuck over the globe?
Does no one have the revoking power? Is inertia on their side? What is going on that gives them this power?
A better analogy would be NASDAQ creating default trades for stocks they'd picked when a broker/trader mistyped a stock symbol....instead of just returning a "uhm, you can't type" message.
Verisign is a dinosaur. Time to take them down. They're both incompetent and dishonest.
Unless you plan to back up that claim, it's both...
-- Any statement of the form "X is the one, true Y" is FALSE.
Having said that, I don't think making it a gov't institution would solve anything. There have been many situations where gov't regulation has helped us, but when has the gov't taken over a previously private role and done a better job?
Although the free market can't solve every problem, this seems like a case where elegant legislation might make the difference. Now, Verisign has a monopoly on .com domain registration. But why should they? Shouldn't that position be open for bidding? Or have term limits? If a company only has a short window of time in which it controls domain registration, or if there are repercussions for abusing its power, that company will likely be cautious about enacting drastic infrastructure changes of the type Verisign is implementing.
(By the way, people often use the $ as a derogatory marker for an entity they don't like, such as Micro$oft or the Church of $cientology, so why not Veri$ign as well?)
Si la vida me da palo, yo la voy a soportar Si la vida me da palo, yo la voy a espabilar
Mr. Sclavos,
I was dismayed to hear that Verisign has launched a lawsuit against ICANN over the termination of the Sitefinder service.
I realise that I am only one person, but hopefully you will receive sufficient numbers of messages in similar vein that you will reconsider this action. It can have only one outcome, and this will not be good for Verisign or its shareholders.
ICANN is a regulatory body specifically tasked with ensuring that the cooperative standards which embody the Internet are administered for the common good.
Verisign, being in a unique position of trust, introduced a service that rendered the entire domain name mechanism broken.
Although the service provided may possibly have been useful for web users, the Internet is most emphatically not just the web. By ensuring that nonexistent domain name lookups succeeded, Verisign circumvented the error handling provisions of a large number of IP-based software products.
You will have noticed at the time that the immediate response from many ISPs was to immediately place local detection and blocking of Sitefinder, in order to restore correct functionality to these applications in accordance with accepted practice. This caused a considerable amount of effort and cost to the businesses concerned, and is therefore a legitimate target for regulation, and the regulatory body in question was the ICANN.
To attempt to sue a regulatory body for doing its job correctly and effectively is, I am afraid, unlikely to show Verisign in a good light.
Again, I urge you to reconsider this action.
Yours,
Sean Ellis
Software Developer
--------
Sean Ellis
Follow OfQuack's antics on Twitter.
I'm just shocked, I had to read this again because it is truly stunning, I feel like I've fallen into a parallel universe where Verisign has an innate right to the monopoly they've been granted by the organization they're suing. Heaven forbid that the body created to regulate internet domain name serving actually regulates it! This has to be the most spectacular example of biting the hand that feeds you that I've ever seen. They'd have no business interest if ICANN hadn't handed it to them on a silver platter.
Verisign should lose all control & responsibility of any TLDs for this, it's just amazing that they could attempt to undermine internet infrastructure like this and then brazenly turn around and sue the regulators.
They have no shame, it's time to farm TLD administration out to people who are at least slightly rational.
Very often, when anyone tries to access a now non-existant web page, the ISP owning the relevant server will forward you to one of their home pages.
They still return a 404 error, or at least, they're supposed to. Get Mozilla Firefox, download the Live HTTP headers extension, and you can verify this for yourself. Also, this is typically within a domain that does exist - it's just the page doesn't.
Or maybe a web domain speculator will buy up a domain name, and use that to forward you to their search engine. Verisign could argue they're doing something similar.
Ahh, but SiteFinder works even for domains that have NEVER existed. This means that Verisign is squatting on an almost-infinite number of domain combinations, which they haven't paid a cent for. As scummy and dispicable as webspammers are, this is scum and villany on a grand scale. Worse, it's scum and villany at a very low level - it doesn't just break HTTP, it breaks FTP, SMTP, and a host of other DNS-dependent protocols, AND it affects everyone running a DNS server by loading their cache tables with garbage.
This is a classic mismatch. This is basically a fixed administrative contract that they acquired, where they sell names and administer a database. These idiots don't understand this and want to "grow the business". Well they can't do that by abusing the monopoly granted them by fucking with their administrative responsibilities. Just do the damned job, if you have ideas for other businesses fine, but don't dick with the core function that it's your DUTY to administer in the public interest as permitted by congress.
.com domains. That's their mandate, to administer what is basically a public service. They don't seem to understand that congress & everyone else just wants them to perform this fixed funtion and if they dick with it someone else will be found to do it better without the B.S.
They don't seem to understand that they're only supposed to sell and administed a bunch of
I still can't figure out why they're so spectacularly misguided as to think that this service responsibility gives them the unilateral right to screw with the World's internet infrastructure, and sue the only regulatory body in place to stop their shenanigans.
Article 1, Section 1 of the ICANN bylaws:
The mission of The Internet Corporation for Assigned Names and Numbers ("ICANN") is to coordinate, at the overall level, the global Internet's systems of unique identifiers, and in particular to ensure the stable and secure operation of the Internet's unique identifier systems. In particular, ICANN:
1. Coordinates the allocation and assignment of the three sets of unique identifiers for the Internet, which are
a. Domain names (forming a system referred to as "DNS");
b. Internet protocol ("IP") addresses and autonomous system ("AS") numbers; and
c. Protocol port and parameter numbers.
2. Coordinates the operation and evolution of the DNS root name server system.
3. Coordinates policy development reasonably and appropriately related to these technical functions.
From the Memorandum of Understanding with the U.S. Govt. establishing ICANN, Section II (Purpose), Part B (Purpose):
a. Establishment of policy for and direction of the allocation of IP number blocks;
b. Oversight of the operation of the authoritative root server system;
'nuff said.
I will then sue them under the The Anticybersquatting Consumer Protection Act for every possible instance of a domain name that is "confusingly similar" to any trademark I hold. This should work out to several thousand combinations per Mark. (i.e. d0main.com, doma1n.com etc...) Damages are between $1,000 and $100,000 per domain name plus attorney fees. Between myself and anyone else doign this Verisign will be Bankrupt in no time.
Nothing in the DNS RFCs suggests that a compliant DNS server can return arbitrarily chosen answers in response to a DNS question regarding an unknown domain. In fact, doing so clearly violates RFC 1035 section 4.1.1, which specifies that the response code 3 ("name error", also known as NXDOMAIN) should be returned for that case.
How can Verisign personnel seriously claim that there is nothing wrong with SiteFinder?
In my opinion, Verisign already breached their contract to operate the registry when they instituted SiteFinder the first time, and ICANN and the Commerce Department should have started a process to award a new contract to a different registry operator. The wholesale fee of $6/domain/year that Verisign gets is ridiculously large to begin with, which makes it seem even more unprofessional that they deliberately sabotage the registry operation to try to make even more money.
Effectively Verisign has pointed an infinite number of url's at their ip block ... therefore they should owe someone an infinite amount of money for those url's. If I have to pay for mine, then they should have to pay for theirs.
.com and .net - just my $0.02
Since we have just bankrupted Verisign, then a legitamate company can take over their job of controlling the GTLD servers for
- If a customer's Port 80 web application sends Verisign a DNS request for a missing site, and Verisign responds with a pointer to Sitefinder, and the customer's application sends an HTTP:80 request to Sitefinder, and Sitefinder responds with a web search page, it's greedy and not correct, but mostly harmless and sometimes helpful.
- If a customer's Port 443 Secure Web application sends Verisign a DNS request for a missing site, and Verisign responds with a pointer to Sitefinder, and the customer's application sends Sitefinder a request, it's potentially a serious security breach (though not usually, because usually the connection fails before anything important gets sent.)
- If a customer's email application sends Verisign a DNS request for a missing site, and Verisign responds with a pointer to Sitefinder, and Sitefinder's email application rejects the connection, it's broken in ways that are mildly to seriously annoying.
- And if some other application (even HTTP on port!=80) that Sitefinder doesn't support sends Verisign a DNS request, and Verisign responds with a pointer to Sitefinder, that's badly broken.
If Verisign can't tell the difference between the applications which it helps and the applications it breaks, which they can't, they'd better not go breaking things, and if they break them they should be fired.Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks