Slashdot Mirror

← Back to Stories (view on slashdot.org)

Verisign Recommended to Keep .com & .net

Posted by samzenpus on from the it's-mine-now dept.

An Anonymous SAIC Employee writes "The 'independent' company hired by ICANN to advise them on who should run the .com and .net registry has recommended that Verisign (fact sheet) should be chosen to continue to run the registry. Is it any surprise? Telcordia was owned by SAIC (Fact Sheet) during the time the study was conducted. SAIC bought Telcordia (fact sheet) (then Bellcore) in Nov. 1997 and sold it March 15, 2005. Network Solutions was bought by SAIC in 1995 and sold in 2000. Also, Telcordia worked with Verisign on the ENUM project. Is the fox guarding the hen house?"

7 of 147 comments (clear)

  1. Oh no! by SteelV · · Score: 5, Interesting

    "VeriSign's clumsy, unilateral attempt to hijack the DNS space through its SiteFinder wildcard service (and its goofy FUD-filled management statements since) proves that profiteering decisions can -- and do -- endanger the Internet more than any hacker or computer attack. It also proves once again that the Internet community -- ISPs, developers, engineers, and other experts -- can come together to effectively and quickly counter corporate, not just criminal, attacks on the network infrastructure - and we owe them our thanks."

    http://padawan.info/web/verisign_bad_citizen_of_th e_net.html

    Why don't they get that diversity is a *Good* thing? Switch it up every few years, to keep these guys on their toes and not let them get too comfortable/corrupt.

  2. heh by DiscoOnTheSide · · Score: 5, Funny

    something tells me the guy who wrote that is a champ at "5 Degrees from Kevin Bacon" :P

    --
    Viva La Revolucion! Buy a Mac!
  3. Depends on what their contract says by dmoen · · Score: 5, Insightful

    I wouldn't mind this, if Verisign's contract was amended to prohibit domain-typo hijacking, and more generally, to require them to remain compatible and RFC compliant. And I would want those same contract provisions regardless of who runs .com and .net.

    Doug Moen

    --
    I have written a truly remarkable program which this sig is too small to contain.
  4. Sitefinder by Uber+Banker · · Score: 5, Insightful

    Isn't hijacking every and any unclaimed URL for company profit while providing no public service in an organisation whose very objective is a public service reason enough?

  5. Why is this still centralized? by MrDomino · · Score: 5, Insightful

    I honestly find it hard to believe that a single entity can maintain control over such a large part of the Internet for so long a time; in the net's early days, a centralized domain registry might have been acceptable, being that it was a small thing and the overhead to implement anything more advanced would've outweighed the benefits. Now, though, with the Internet the size it is, I honestly think that something better needs to be in place: get rid of this central-domain-registry crap. Whoever's in charge of it--Verisign, Microsoft, even Google--is going to profiteer to some extent, simply because that is what companies do.

    If you ask my opinion, a decentralized system would make much more sense here. Store addresses in a Kademlia network or something; allow anybody to register a domain name, and it'll propagate as it's accessed. With a PGP-like trust system implemented, there need not be a central registry anywhere. The only way to prevent abuse of such a large monopoly is to prevent any single entity from controlling it, and the only way to do that is to decentralize the process.

  6. Re:Whats all the fuss about? by RollingThunder · · Score: 5, Informative

    This is NOT a trivial correction, either.

    The GP makes it sound like it affected only web access. This was certainly not the case.

    As an example, all sorts of DNS based tests around if a sending domain really existed started failing, removing one of the spam-blocker's methods of determining if a message is legit (IE: reject from unknown domains).

    NXDOMAIN is in the spec for a reason, and Verisign hardly even got their hand slapped for breaking it.

  7. I don't get it by Flibberdijibbit · · Score: 5, Interesting

    Why would ICANN, the org that flogged Verisign over the Sitefinder fiasco, hire a company with ties to Verisign? I don't get it. The biggest problem getting anyone to notice is that the vast majority of the Internet population simply saw Sitefinder as a page that came up when a domain was typed in wrong. What most people don't know is that *every* unknown request for a domain was forwarded to Verisign's servers. Most disturbing in my mind (maybe because I'm an email admin) is SMTP connections went through to their servers. And if I remember correct, they accepted the entire conversation. Headers and message body. They then returned a 5xx level NDR back to the sender. They 'say' they weren't collecting data, but come on, at the very least, they had access to know good sender addresses. What corp wouldn't keep track of that goldmine of information??