Slashdot Mirror

← Back to Stories (view on slashdot.org)

Verisign Recommended to Keep .com & .net

Posted by samzenpus on from the it's-mine-now dept.

An Anonymous SAIC Employee writes "The 'independent' company hired by ICANN to advise them on who should run the .com and .net registry has recommended that Verisign (fact sheet) should be chosen to continue to run the registry. Is it any surprise? Telcordia was owned by SAIC (Fact Sheet) during the time the study was conducted. SAIC bought Telcordia (fact sheet) (then Bellcore) in Nov. 1997 and sold it March 15, 2005. Network Solutions was bought by SAIC in 1995 and sold in 2000. Also, Telcordia worked with Verisign on the ENUM project. Is the fox guarding the hen house?"

20 of 147 comments (clear)

  1. Oh no! by SteelV · · Score: 5, Interesting

    "VeriSign's clumsy, unilateral attempt to hijack the DNS space through its SiteFinder wildcard service (and its goofy FUD-filled management statements since) proves that profiteering decisions can -- and do -- endanger the Internet more than any hacker or computer attack. It also proves once again that the Internet community -- ISPs, developers, engineers, and other experts -- can come together to effectively and quickly counter corporate, not just criminal, attacks on the network infrastructure - and we owe them our thanks."

    http://padawan.info/web/verisign_bad_citizen_of_th e_net.html

    Why don't they get that diversity is a *Good* thing? Switch it up every few years, to keep these guys on their toes and not let them get too comfortable/corrupt.

  2. heh by DiscoOnTheSide · · Score: 5, Funny

    something tells me the guy who wrote that is a champ at "5 Degrees from Kevin Bacon" :P

    --
    Viva La Revolucion! Buy a Mac!
  3. Exactly... by ral315 · · Score: 4, Insightful

    Why would we honestly expect any different? Anyone who actually read into the situation expected VeriSign to get the contract, and it looks as if that's what's going to happen now.

  4. Whats all the fuss about? by FiReaNGeL · · Score: 3, Interesting

    Last time I checked, .com and .net domains costed a whole 10 bucks to register.

    Why all the fuss about who should administer these? Is it doing any difference if it's Big Corporation A or B?

    --
    Eureka Science News - automatically updated
    1. Re:Whats all the fuss about? by Wesley+Felter · · Score: 3, Insightful

      Why all the fuss about who should administer these? Is it doing any difference if it's Big Corporation A or B?

      Yes, because some people would drop the price to $2/year if they were in charge. It's a small difference in absolute dollars, but the relative difference is huge and exposes how much VeriSign is overcharging.

      Also, VeriSign has a bad habit of implementing evil stuff like SiteFinder, although other companies would be likely to try the same thing if they were handed a monopoly.

    2. Re:Whats all the fuss about? by Electroly · · Score: 4, Informative

      Correction: VeriSign directed NXDOMAIN ("domain does not exist") DNS errors to their own search engines.

    3. Re:Whats all the fuss about? by RollingThunder · · Score: 5, Informative

      This is NOT a trivial correction, either.

      The GP makes it sound like it affected only web access. This was certainly not the case.

      As an example, all sorts of DNS based tests around if a sending domain really existed started failing, removing one of the spam-blocker's methods of determining if a message is legit (IE: reject from unknown domains).

      NXDOMAIN is in the spec for a reason, and Verisign hardly even got their hand slapped for breaking it.

  5. Depends on what their contract says by dmoen · · Score: 5, Insightful

    I wouldn't mind this, if Verisign's contract was amended to prohibit domain-typo hijacking, and more generally, to require them to remain compatible and RFC compliant. And I would want those same contract provisions regardless of who runs .com and .net.

    Doug Moen

    --
    I have written a truly remarkable program which this sig is too small to contain.
    1. Re:Depends on what their contract says by toddbu · · Score: 3, Insightful

      Yeah, but the problem here is they serve both as a registrar and keeper of the registry. The only way to get rid of this problem is to split the two functions and prohibit one single company from doing both job functions. Kind of like the U.S. Mint - if you don't know how to make the paper *AND* the ink then you can't print your own money (unless you own a laser printer :-)

      --
      If you don't want crime to pay, let the government run it.
  6. Sitefinder by Uber+Banker · · Score: 5, Insightful

    Isn't hijacking every and any unclaimed URL for company profit while providing no public service in an organisation whose very objective is a public service reason enough?

  7. What am I missing? by The+Amazing+Fish+Boy · · Score: 3, Funny

    Is SAIC the 'independent company'? Who's the fox? What henhouse? I'm not sure who's doing what, here.

  8. Not surprising by Jailbrekr · · Score: 3, Insightful

    Virtually every company in the IT world is connected to each other. Its like a big stupid beowulf cluster of beaurocracy that uses IPX instead of IP for its communciation protocol.

    Welcome to the techo-appalachians, where everyone is related to everyone else in some manner.

    --
    Feed the need: Digitaladdiction.net
  9. So What by pHatidic · · Score: 3, Insightful

    This is just a recommendation. I have full faith that Joi Ito and the rest of the board will make the best decision when the time comes.

  10. Re:Why change? by Desert+Raven · · Score: 4, Insightful

    because we know if someone else takes over, the internet will go down for at least a week

    You mean just like it did when .org was transferred?

    Oh, wait, nevermind....

  11. Simple question: If not them... by dark-br · · Score: 3, Insightful

    who else?

    If there's not another option that is *much* better then the current one why bother? Keep in mind that a change like this could result in a *real* mess.

    1. Re:Simple question: If not them... by Just+Some+Guy · · Score: 4, Insightful
      who else?

      Anyone.

      Keep in mind that a change like this could result in a *real* mess.

      Ahhh, so you've never personally dealt with them. OK, here's the short answer for people who've never experienced that dishonor:

      It would be darn nigh impossible to screw up anything worse than Verisign. They are absolutely, positively the worst "the problem must be on your end" pack of frickin' screwups ever to bungle network management. Network Solutions? Only if the problem is "I have too much money and time - please help me blow it on getting my domain back from the hijacker you gave it to without asking me first". I would give the job to Microsoft before I'd willingly let Verisign have another crack at it, and that's not something I'd say lightly. If they built cars, people would have died in the Verisign Pinto. They're the New Coke of networking, and I'd swear Terry Gilliam had a crystal ball and based "Brazil" around their bureaucracy.

      It. Can't. Get. Worse. This is it. You're looking at it. The lowest common denominator is carrying the treasure. People hate them so much that they built entire alternative DNS hierarchies to fix the theoretical disasters that Verisign somehow managed to drag to life. I'd buy a SCO Linux license before I'd pay Verisign to register another domain.

      --
      Dewey, what part of this looks like authorities should be involved?
  12. As I posted to this same topic on technocrat... by the_rajah · · Score: 3, Insightful

    yesterday.. "Verisign is right up there with MS and Intuit in my list of evil corporations. All the dealings I've had with Verisign / Network Solutions as a registrar have been nothing but a huge hassle. Please get someone who we can trust. I don't use them at all any more. Godaddy is a LOT less expensive and their telephone support is nothing short of wonderful. Disclaimer: I have no financial interest in Godaddy, but I do have some 90 domains happily registered with them.

    "Do the Right Thing. It will gratify some people and astound the rest." - Mark Twain

    --


    "Do the Right Thing. It will gratify some people and astound the rest." - Mark Twain
  13. Why is this still centralized? by MrDomino · · Score: 5, Insightful

    I honestly find it hard to believe that a single entity can maintain control over such a large part of the Internet for so long a time; in the net's early days, a centralized domain registry might have been acceptable, being that it was a small thing and the overhead to implement anything more advanced would've outweighed the benefits. Now, though, with the Internet the size it is, I honestly think that something better needs to be in place: get rid of this central-domain-registry crap. Whoever's in charge of it--Verisign, Microsoft, even Google--is going to profiteer to some extent, simply because that is what companies do.

    If you ask my opinion, a decentralized system would make much more sense here. Store addresses in a Kademlia network or something; allow anybody to register a domain name, and it'll propagate as it's accessed. With a PGP-like trust system implemented, there need not be a central registry anywhere. The only way to prevent abuse of such a large monopoly is to prevent any single entity from controlling it, and the only way to do that is to decentralize the process.

  14. Does it have to be one company? by mi · · Score: 4, Interesting
    It currently works on the hierarchical basis, right? So all .com must be under the same "roof".

    With little effort, the system can be modified to ask a different set of "root" servers based on some simple formula on the domain-name. Like, sum up all letters of the name and % by the number of competitors.

    Then we'll be able to measure the efficiency of each contender -- number of failures, average response time, &c. and compare them.

    Or am I totally wrong? Any DNS gurus here?

    --
    In Soviet Washington the swamp drains you.
  15. I don't get it by Flibberdijibbit · · Score: 5, Interesting

    Why would ICANN, the org that flogged Verisign over the Sitefinder fiasco, hire a company with ties to Verisign? I don't get it. The biggest problem getting anyone to notice is that the vast majority of the Internet population simply saw Sitefinder as a page that came up when a domain was typed in wrong. What most people don't know is that *every* unknown request for a domain was forwarded to Verisign's servers. Most disturbing in my mind (maybe because I'm an email admin) is SMTP connections went through to their servers. And if I remember correct, they accepted the entire conversation. Headers and message body. They then returned a 5xx level NDR back to the sender. They 'say' they weren't collecting data, but come on, at the very least, they had access to know good sender addresses. What corp wouldn't keep track of that goldmine of information??