Verisign To Sell DNS Root Server Lookup Data?

An anonymous reader writes "According to an editorial at Domain Name News, Verisign is considering selling partial access to DNS root server lookup data. The data would be made available to registrars, who in turn could use it for 'traffic-tasting' non-existent domains entered by any internet user. This would give them a better idea about what bogus domains to put up sites on to capture eyeballs." Haven't seen this story elsewhere and it's based on an anonymous source; YMMV.

I'm rather doubtful about how useful that would be

[xSquaredAdmin]

Most residential and business users will be behind a local DNS server, which probably caches the nameservers for individual TLDs. Since those NS entries on the root servers generally have a 48-hour cache time (and many ISPs DNS servers are probably (mis)configured to hold the data for longer), it doesn't seem like many requests would actually be getting through to Verizon's root servers, especially not enough to make a service like this viable.

This seems odd

[Anon-Admin]

I remember when registration of domains was free, all you had to do was figure out how to fill out the paperwork.

So they sell the data, new domains are registered, and the sites that go up on these domains will be loaded with pop-ups, pop-unders, pop-offs, and pop-up-ur-as* windows.

Sounds like enabling spam to me!

I bet they've been doing this for years

[sqrammi]

I personally am very against something like this. I've heard of several people just typing a domain name into Internet Explorer, seeing that it didn't exist, and then moments later trying to register the domain only to find that it was just barely registered by some registrar. Of course in these cases, Microsoft or possibly some spyware company was the culprit, but I'd hate for this information to be more quickly and widely available. I can't see how anyone would be OK with this.

Fun with typosquatters

[base3]

$ dig a.com
$ dig b.com
. . .
$ dig aaaaaaaaa.com
$ dig aaaaaaaab.com
. . .
$ dig zzzzzzzzz.com

Re:Fun with typosquatters

[zappepcs]

This is in fact the correct way to change this situation. When the squatters have to work hard to figure out whether to squat or not...
1 - A few lines of script
2 - p2p dispersal
3 - happiness all around

It should only take about a week before the squatting cycle got so out of hand that domain registration becomes impossible...

ok, script is done... ready?

3... 2.... 1...

Re:I'm rather doubtful about how useful that would

[jours]

> it doesn't seem like many requests would actually be getting through

When the caching server misses on a request, it forwards the request upstream...ultimately ending up at one of the root servers.

Re:Verisign

[Chyeld]

I'm guessing you don't know much of the history of Network Solutions/Verisign if you can phrase the question using the word "anymore".

Squatspecting Abounds

[HTH+NE1]

Great. Not only are whois queries bugged by domain prospectors, a.k.a. squatspecting (don't check for the availability of a domain unless you intend to buy it immediately, because someone else is watching and will do so instead), but now just trying them in your browser will tip off others who will buy your ideas for domains out from under you.

Now after you try a URL in your browser and get an error saying the domain doesn't exist, you can just wait one minute and try again and someone will have it up and ready to serve you porn.

This is "Do More Evil".

This is done already

[hansamurai]

This is basically done already. Squatters can buy a domain, and due to the rules that ICANN setup (I think it's ICANN), they can return the domain for free within something like five days. During those five days, they put up a squatting page and keep track of all the hits their site gets, if it gets X number of hits, they keep the domain, otherwise they drop it. All for free.

I recently did a search for a domain on GoDaddy, the domain was available. Three days later when I went to buy it, it was not available and had been recently bought by a squatter or reseller or something. This is a whole different problem altogether and another flaw in the system. Anyways, I made it a point not to go to that site to make sure I didn't give them any hits that would encourage them to keep it.

Either way, I just bought another available domain and use that. Can't be too picky these days.

Re:Mod parent up ^2

[Kalriath]

Doesn't matter. Verisign is the authority for .com and .net, any request for domains ending in one of those suffixes needs to be queried against Verisign at some point.

Re:Remove ability to "taste" domains?

[trolltalk.com]

It was probably this one:

Domain Name: BANKOFARNERICA.COM
Registrar: MONIKER ONLINE SERVICES, INC.
Whois Server: whois.moniker.com
Referral URL: http://www.moniker.com/whois.html
Name Server: PNS1.TRELLIAN.COM
Name Server: PNS2.TRELLIAN.COM
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 06-sep-2007
Creation Date: 06-sep-2007
Expiration Date: 06-sep-2008

Putting the lower-case 'r' and 'n' side by side looks just like an m.

http://bankofarnerica.com/ A-R-N-erica == evil phishing site!
http://bankofamerica.com/ A-M-erica == real bank site.

mouse over them both, and see how easy it is to misread the url in the status bar.