Slashdot Mirror
Verisign Sues ICANN Over SiteFinder
camusflage writes "Yahoo's running a story about VeriSign suing ICANN for holding up Sitefinder. Choice quote from VeriSign: 'This brazen attempt by ICANN to assume 'regulatory power' over VeriSign's business is a serious abuse of ICANN's technical coordination function.'"
In Corporate America, Verisign sues ICANN!
Nice and misleading explanation right there. We're talking about a 'search engine' that impacts any internet application querying a non-existent domain. Once again, the "THE INTERNET IS ONLY THE WEB" mindset that low-grade tech journalism seems to be stuck in is preventing people from realizing the destructive nature of something as profound as adding a wildcard to major TLDs.
Errmm... Last I checked, regulating internet infrastructure with regards to assigned names and numbers is ICANN's job. Anything less than a "brazen attempt" and they would be failing at enforcing the RFCs and other regulations they've been entrusted to enforce. Since when do Verisign's business interests trump this?
At least they respond to complains with action, instead of stonewalling anyone who disagrees with them, as Verisign so eagerly did when the SiteFinder controversy first broke.
Screw Verisign. I've seen plenty of companies with brazen, my-way-or-the-highway attitudes, but this one is entrusted with managing a major international public resource, and have been caught with their pants down abusing that trust. To whine like this is a sign of just how out of step Verisign really is. Frankly, they deserve to have all authority over the root servers taken away from them before they do more harm in their quest for profits.
That Verisign's site finder is a brazen abuse of their power as a service provider.
It's a cheap ploy to get billions of hits to a VeriSign controlled page.
I have 0 respect for Verisign...they have long established they will discard customer concern for any perceived increase in money.
clifgriffin > blog
ICANN has made numerous unpopular decisions throughout its corporate life. So has VeriSign. This is truly a battle of two evils. Which one is the lesser evil, in your opinion?
i gn.complaint .p1of2.022604.pdf
i nt .p2of2.022604.pdf
In my own personal view, I do hope ICANN emerges from this lawsuit as the "victor". If VeriSign were to win its request for an injunction against ICANN, and on the broader claim that ICANN "unlawfully transformed itself from a technical coordination body to the de-facto Internet regulator," I feel it would have far-reaching implications for all of us. It would effectively muzzle ICANN and give VeriSign free reign to do as it pleases with the Internet -- at least until a legislative change was made, such as making ICANN into a government regulatory agency similar to the FCC. Mind you, that might be a good thing. It might force the Bush administration's conservative laissez-faire approach to Internet governance to get a dramatic overhaul and become more regulatory. Another plus to ICANN becoming a taxpayer-funded government regulatory body, it could keep its acronym and be enshrined into law as the Internet Commission for Assigned Names and Numbers. Or, it could become the Internet Naming and Numbering Agency -- or INNA.
Nonetheless, this will be a bitter battle.
It also has high stakes for VeriSign. If VeriSign is unsuccessful, it will almost certainly ensure that the dot-net gTLD is redelegated to a new operator later this year.
My take,
Doug
P.S. Copies of the complaint:
http://www.politechbot.com/docs/veris
and
http://www.politechbot.com/docs/verisign.compla
Doug Mehus http://doug.mehus.info/
because you are preventing us from being a monopoly! And that is sooooo unfair to us!
We have the big ugly viscous Microsoft-like villains vs. the slothlike, inefficient quasi-government organization...
:-/
My bets are on the lawyers...with 100 to 1 against the people...
...in bed
From the article:
"Working the ICANN process is like being nibbled to death by ducks," said Tom Galvin, VeriSign's vice president for government relations. "It takes forever, it doesn't make sense, and in the end we're still dead in the water."
Yeah. Nibbled to death by ducks. That sounds good.
Mallard Ducks.
Well, we can dream, at least...
Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
What most people see is that this is just an extended version of IE's built in search that throws you to MicroSoft's search engine (which sucks), so they don't see the implications for all the REAL internet applications that don't run through a web browser.
"Straddling the sword of technology..."
I think this whole Verisign/ICANN thing, perhaps better than most recent examples of high-profile disputes in the tech industry, illustrates what a fundamental disconnection there is between the computer sophisticates and average, well-educated newspaper readers.
Even in this article, which is reasonably technically sophisticated, Verisign's SiteFinder is almost invariably described in terms which suggest it was just a helpful service for lost souls (people who'd typed a wrong URL) instead of being recognized for what it is, an aggressive land grab and a ridiculous abuse of monopoly power.
It's not like newspapers are in VeriSign's pockets or anything. Why is that so few of them seem to understand how bad what VeriSign did is?
This may be a dumb question....but why do we need Verisign? I know they control some of the root servers, but why them? Couldn't the internet as a whole (if it could somehow come to an agreement), give those root servers to somebody else? The list of root servers is static. If everybody just changed the list all at once, their servers would suddenly become quiet and this would be a non-issue.
Of course, I realize that doing that would not be so straightforward, but such an effort would send a message...to Verisign and to anybody else that would try this kind of crap. Self-healing network, heal thyself!
teeker
Verisign: I can ICANN: U can't
Free XBox, PS2
ICANN: Turn of your Sitefinder, or we'll give .com to someone else. And you'll be left as nothing but a dead registrar...
Verisign: ICAAAAAAAAAAAAAAAAAAAAAANN!
There's absolutely nothing wrong with Verisign putting up their Sitefinder search engine. What ICANN had an issue with is the mismanagement of the DNS entries. If I want sitefinder, I'll go to www.sitefinder.com. If I go to www.stiefinder.com, I want a "host/domain not found" error, not a search engine.
Seriously. Why is Verisign still entrusted with the root servers for any top level domains.
They have abused their position, they are completely untrustworthy, and they are now suing the very body that (I would assume) allowed them to have this power in the first place.
I want Verisign's power of DNS revoked: Now. What is the inherent barrier? Why are they still allowed to intentionally fuck over the globe?
Does no one have the revoking power? Is inertia on their side? What is going on that gives them this power?
A better analogy would be NASDAQ creating default trades for stocks they'd picked when a broker/trader mistyped a stock symbol....instead of just returning a "uhm, you can't type" message.
Verisign is a dinosaur. Time to take them down. They're both incompetent and dishonest.
Unless you plan to back up that claim, it's both...
-- Any statement of the form "X is the one, true Y" is FALSE.
Having said that, I don't think making it a gov't institution would solve anything. There have been many situations where gov't regulation has helped us, but when has the gov't taken over a previously private role and done a better job?
Although the free market can't solve every problem, this seems like a case where elegant legislation might make the difference. Now, Verisign has a monopoly on .com domain registration. But why should they? Shouldn't that position be open for bidding? Or have term limits? If a company only has a short window of time in which it controls domain registration, or if there are repercussions for abusing its power, that company will likely be cautious about enacting drastic infrastructure changes of the type Verisign is implementing.
(By the way, people often use the $ as a derogatory marker for an entity they don't like, such as Micro$oft or the Church of $cientology, so why not Veri$ign as well?)
Si la vida me da palo, yo la voy a soportar Si la vida me da palo, yo la voy a espabilar
> Since when does ICANN have the power to tell a business or person what they can or can't put on their page?
Since it's NOT their page. foobar4575368389.com is NO more verisign's page that it is anyone else's since the domain is not registered.
sitefinder is not the problem. The problem is the default DNS entries which redirect connections to sitefinder.
VeriSign used their access to the DNS they host *on behalf of ICANN*, to gain visibility for their sitefinder crap.
Appart from being highly unfair to search engine competition, and ethically wrong, it also brings lot of technical issues for any protocol (which HTTP is only one of them) used on the Internet.
"We have prepared a response to verisign."
"*ahem* Fuck you."
"You may direct your questions towards the wall behind me."
Mr. Sclavos,
I was dismayed to hear that Verisign has launched a lawsuit against ICANN over the termination of the Sitefinder service.
I realise that I am only one person, but hopefully you will receive sufficient numbers of messages in similar vein that you will reconsider this action. It can have only one outcome, and this will not be good for Verisign or its shareholders.
ICANN is a regulatory body specifically tasked with ensuring that the cooperative standards which embody the Internet are administered for the common good.
Verisign, being in a unique position of trust, introduced a service that rendered the entire domain name mechanism broken.
Although the service provided may possibly have been useful for web users, the Internet is most emphatically not just the web. By ensuring that nonexistent domain name lookups succeeded, Verisign circumvented the error handling provisions of a large number of IP-based software products.
You will have noticed at the time that the immediate response from many ISPs was to immediately place local detection and blocking of Sitefinder, in order to restore correct functionality to these applications in accordance with accepted practice. This caused a considerable amount of effort and cost to the businesses concerned, and is therefore a legitimate target for regulation, and the regulatory body in question was the ICANN.
To attempt to sue a regulatory body for doing its job correctly and effectively is, I am afraid, unlikely to show Verisign in a good light.
Again, I urge you to reconsider this action.
Yours,
Sean Ellis
Software Developer
--------
Sean Ellis
Follow OfQuack's antics on Twitter.
I'm just shocked, I had to read this again because it is truly stunning, I feel like I've fallen into a parallel universe where Verisign has an innate right to the monopoly they've been granted by the organization they're suing. Heaven forbid that the body created to regulate internet domain name serving actually regulates it! This has to be the most spectacular example of biting the hand that feeds you that I've ever seen. They'd have no business interest if ICANN hadn't handed it to them on a silver platter.
Verisign should lose all control & responsibility of any TLDs for this, it's just amazing that they could attempt to undermine internet infrastructure like this and then brazenly turn around and sue the regulators.
They have no shame, it's time to farm TLD administration out to people who are at least slightly rational.
Very often, when anyone tries to access a now non-existant web page, the ISP owning the relevant server will forward you to one of their home pages.
They still return a 404 error, or at least, they're supposed to. Get Mozilla Firefox, download the Live HTTP headers extension, and you can verify this for yourself. Also, this is typically within a domain that does exist - it's just the page doesn't.
Or maybe a web domain speculator will buy up a domain name, and use that to forward you to their search engine. Verisign could argue they're doing something similar.
Ahh, but SiteFinder works even for domains that have NEVER existed. This means that Verisign is squatting on an almost-infinite number of domain combinations, which they haven't paid a cent for. As scummy and dispicable as webspammers are, this is scum and villany on a grand scale. Worse, it's scum and villany at a very low level - it doesn't just break HTTP, it breaks FTP, SMTP, and a host of other DNS-dependent protocols, AND it affects everyone running a DNS server by loading their cache tables with garbage.
This is a classic mismatch. This is basically a fixed administrative contract that they acquired, where they sell names and administer a database. These idiots don't understand this and want to "grow the business". Well they can't do that by abusing the monopoly granted them by fucking with their administrative responsibilities. Just do the damned job, if you have ideas for other businesses fine, but don't dick with the core function that it's your DUTY to administer in the public interest as permitted by congress.
.com domains. That's their mandate, to administer what is basically a public service. They don't seem to understand that congress & everyone else just wants them to perform this fixed funtion and if they dick with it someone else will be found to do it better without the B.S.
They don't seem to understand that they're only supposed to sell and administed a bunch of
I still can't figure out why they're so spectacularly misguided as to think that this service responsibility gives them the unilateral right to screw with the World's internet infrastructure, and sue the only regulatory body in place to stop their shenanigans.
Can't ICANN just "pull the plug" and tell VeriSign to go take a hike while they find someone more competent to take care of the root DNS servers?
Yes, they can. And that's why when ICANN threatened them--back when Sitefinder was first turned on--that Verisign listened. Because, yeah, ICANN controls the root, and all authority flows from the root. (the root servers, that is)
As for your p2p root idea, well... To be blunt, it's a bit naive. First off, where does this p2p network get it's data? Remember, one of the critical ideas behind DNS is that the view is always consistent, there are no conflicting records. As in, www.exmple.com ALWAYS points to the same place, no matter who you ask. There is only one correct answer. (misconfigurations can prevent this, obviously, but that's the design of DNS). So you have to be worried about poisoning, authenticity, you have to trust this network. No current p2p network has my trust.
I give more reasons, but basically, the DNS system is set up right now with 46 root servers (count 'em). These are generally a cluster of professionally managed servers, dedicated to a single, pretty simple task: Serving the 2000-odd records in the root zone, or returning a failure. That's it. Any suggestion of a p2p network, for it to be accepted, would have to show that this proposed ad-hoc network could provide the same performance and reliability that the current system does. Not to mention re-writing all this software that assumes DNS functions in it's current state.
To summarize, sure it SOUNDS like a good plan, but for it to actually be considered, it probably has to have actual technical details. And it wouldn't hurt if it came from someone more qualified than Armchair Internet Architect, such as you or I.
Article 1, Section 1 of the ICANN bylaws:
The mission of The Internet Corporation for Assigned Names and Numbers ("ICANN") is to coordinate, at the overall level, the global Internet's systems of unique identifiers, and in particular to ensure the stable and secure operation of the Internet's unique identifier systems. In particular, ICANN:
1. Coordinates the allocation and assignment of the three sets of unique identifiers for the Internet, which are
a. Domain names (forming a system referred to as "DNS");
b. Internet protocol ("IP") addresses and autonomous system ("AS") numbers; and
c. Protocol port and parameter numbers.
2. Coordinates the operation and evolution of the DNS root name server system.
3. Coordinates policy development reasonably and appropriately related to these technical functions.
From the Memorandum of Understanding with the U.S. Govt. establishing ICANN, Section II (Purpose), Part B (Purpose):
a. Establishment of policy for and direction of the allocation of IP number blocks;
b. Oversight of the operation of the authoritative root server system;
'nuff said.
I will then sue them under the The Anticybersquatting Consumer Protection Act for every possible instance of a domain name that is "confusingly similar" to any trademark I hold. This should work out to several thousand combinations per Mark. (i.e. d0main.com, doma1n.com etc...) Damages are between $1,000 and $100,000 per domain name plus attorney fees. Between myself and anyone else doign this Verisign will be Bankrupt in no time.
Nothing in the DNS RFCs suggests that a compliant DNS server can return arbitrarily chosen answers in response to a DNS question regarding an unknown domain. In fact, doing so clearly violates RFC 1035 section 4.1.1, which specifies that the response code 3 ("name error", also known as NXDOMAIN) should be returned for that case.
How can Verisign personnel seriously claim that there is nothing wrong with SiteFinder?
In my opinion, Verisign already breached their contract to operate the registry when they instituted SiteFinder the first time, and ICANN and the Commerce Department should have started a process to award a new contract to a different registry operator. The wholesale fee of $6/domain/year that Verisign gets is ridiculously large to begin with, which makes it seem even more unprofessional that they deliberately sabotage the registry operation to try to make even more money.
Effectively Verisign has pointed an infinite number of url's at their ip block ... therefore they should owe someone an infinite amount of money for those url's. If I have to pay for mine, then they should have to pay for theirs.
.com and .net - just my $0.02
Since we have just bankrupted Verisign, then a legitamate company can take over their job of controlling the GTLD servers for
- If a customer's Port 80 web application sends Verisign a DNS request for a missing site, and Verisign responds with a pointer to Sitefinder, and the customer's application sends an HTTP:80 request to Sitefinder, and Sitefinder responds with a web search page, it's greedy and not correct, but mostly harmless and sometimes helpful.
- If a customer's Port 443 Secure Web application sends Verisign a DNS request for a missing site, and Verisign responds with a pointer to Sitefinder, and the customer's application sends Sitefinder a request, it's potentially a serious security breach (though not usually, because usually the connection fails before anything important gets sent.)
- If a customer's email application sends Verisign a DNS request for a missing site, and Verisign responds with a pointer to Sitefinder, and Sitefinder's email application rejects the connection, it's broken in ways that are mildly to seriously annoying.
- And if some other application (even HTTP on port!=80) that Sitefinder doesn't support sends Verisign a DNS request, and Verisign responds with a pointer to Sitefinder, that's badly broken.
If Verisign can't tell the difference between the applications which it helps and the applications it breaks, which they can't, they'd better not go breaking things, and if they break them they should be fired.Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Oops, here's the actual link.
Forbes CEO Approval Ratings