Home / Blogs

A Perspective on Verisign’s Patent Application on Domain Name Transfers

DisclaimerThis view does not represent the views of any of my affiliations nor associations such as the At Large Advisory Committee (ALAC), Asian Australasian Pacific Regional At Large Organization (APRALO) nor the Civil Society Internet Governance Caucus (IGC) nor the Pacific Chapter of the Internet Society (PICISOC) and is solely my view. Prior to publishing this, I had also sent it to the relevant stakeholders to comment and at the time this was published, I had not received a response.

Threats to an Open and Free Internet

As the battle rages over threats to the Internet architecture, a recent publication over the Patent Application for Domain Name Transfers by Verisign is disturbing for those who advocate an open and free Internet. The Application is based on an immediate and direct threat towards an open and free Internet. Just in case people are tempted to think that this was a prank given that they filed it on the 1 April 2011, searches at the United States Patents and Trademark Office
(USPTO) reveals that this is a legitimate application .

Patenting the Internet

It was not all that long ago that the Director General of the World Intellectual Property Gurry had during a Forum suggested that the Internet would have been better off if it was patented .

Possible Grounds for Objection

There are three possible grounds for objections to be raised in this Patent Application:

  1. Existence of prior Art;
  2. Non-functionality of the Invention;
  3. Antithesis to the Affirmation of Commitment between the United States Department of Commerce and the Internet Corporation for Assigned Names and Numbers.

There are also the antitrust and competition issues that unfold were the Patent to be granted to Verisign. At this juncture, it is important to raise that the United States Department of Commerce (USDoC) oversees both the United States Patents and Trademarks Organization (USPTO) and the Internet Corporation for Assigned Names and Numbers (ICANN). As such, the Affirmation of Commitments (AoC) between the USDoC and ICANN is critical in this regard.

See excerpt from the AoC below:

“2. The Internet is a transformative technology that will continue to empower people around the globe, spur innovation, facilitate trade and commerce, and enable the free and unfettered flow of information. One of the elements of the Internet’s success is a highly decentralized network that enables and encourages decision-making at a local level. Notwithstanding this decentralization, global technical coordination of the Internet’s underlying infrastructure—the DNS—is required to ensure interoperability.

3. This document affirms key commitments by DOC and ICANN, including commitments to: (a) ensure that decisions made related to the global technical coordination of the DNS are made in the public interest and are accountable and transparent; (b) preserve the security, stability and resiliency of the DNS; (c) promote competition, consumer trust, and consumer choice in the DNS marketplace; and (d) facilitate international participation in DNS technical coordination.

4. DOC affirms its commitment to a multi-stakeholder, private sector led, bottom-up policy development model for DNS technical coordination that acts for the benefit of global Internet users. A private coordinating process, the outcomes of which reflect the public interest, is best able to flexibly meet the changing needs of the Internet and of Internet users. ICANN and DOC recognize that there is a group of participants that engage in ICANN’s processes to a greater extent than Internet users generally. To ensure that its decisions are in the public interest, and not just the interests of a particular set of stakeholders, ICANN commits to perform and publish analyses of the positive and negative effects of its decisions on the public, including any financial impact on the public, and the positive or negative impact (if any) on the systemic security, stability and resiliency of the DNS.”

It is clear that the Internet being a highly decentralized network, global technical coordination of the DNS to ensure interoperability and to ensure that decisions made in this regard are made in the public interest should be accountable and transparent and are to preserve the security, stability and resiliency of the DNS and promote competition, consumer trust, and consumer choice in the DNS marketplace aside from facilitating international participation in DNS Technical coordination.

ICANN should initiate an Expedited Study and Analysis

It would follow that we can examine Verisign’s Patent Application in light of the AoC. It follows that ICANN should commit to perform and publish analysis of both the positive and negative effects of Verisign’s Patent Application on Domain Name Transfers.

An Antithesis to Competition and Consumer Trust

There have been preliminary analysis and views rendered that give credence to the need for an expedited analysis and report on the matter given the fact that Verisign’s Patent Application was published on October 4, 2012. There are some who feel that were Verisign to be granted the Patent, that Verisign would have the monopoly on signing the Digital Certificates. This would indicate that this would be the antithesis of the principles of competition, consumer trust and consumer choice that are espoused within the AoC.

Prior Art

This Patent Application also appears to be an assault on the Internet Draft on Changing DNS Operators under DNSSEC in the first version was published on March 7, 2011. By extension, this could be viewed as an assault on the IETF’s mechanisms if not solely on the Internet Draft in question. In fairness to Verisign, they had disclosed the Internet Draft to the USPTO during their Application under the Non Patent Literature Documents. The Patent Application was filed with the USPTO on April 1, 2011. There is prior art as shown by the existence of the Internet Draft and subsequent amendments with the latest revision being March 11, 2012.

Another example of prior art is joint initiative by Packet Clearing House (PCH) and ICANN had released in terms of how to and fro the PCH Signer Platform in 2011. The approach that they were taking was one where “share secure signing platform with knowledge transfer that leverages existing operational expertise with ICANN and PCH and where best practice implementation is held to the highest standards where there is no cost and no restrictions: free – as – in – beer and free – as – in – speech.”

Non-Functionality of the Patent Application

Critics of the Patent Application have pointed to the non-functionality of the Application. A comparative analysis of the existing Internet Draft and Verisign’s Patent Application by Alexander Gurvitz points to non-functionality aspects of the invention, see excerpt below:

“The problem with Verisign ‘invention’ is that after we change the NS records (step S1060) and some resolver have an old RRSIG in its cache and the DNSKEY is already expired from the cache, what will happen is that the recursive resolver will query the new authoritative servers for the DNSKEY records and will get the new DNSKEY RRset without the old ZSK (that is the invention). What we end up with is an RRSIG signed with the old DNSKEY, and the new DNSKEY RRset (which have no old DNSKEY—that is the invention). Recursive resolver will not be able to validate the RSSIG, and DNSSEC validation will fail. The domain will not validate and therefore it will not be accessible. The same story repeats itself for a case where only the DNS hosting provider is switched (and not the registrar)—paragraphs [0070]...[0075], adding another mistake at [0075] c. - Verisign suggests to change the nameservers and then immediately “Remove losing hosting provider DS record”. But what if some recursive resolvers have RRSIG and DNSKEY in its cache, while the DS record is already expired ?—The resolver will receive the new DS only and the domain will fail to validate again.”

Upon further discussion with Gurvitz, he suggests that whilst there are issues with the current Application, that there is the possibility that in some cases that these issues would not show up. In fairness to Verisign, their alleged invention could work.

However the deeper issue is not the efficiency of the invention but the impact on governance systems of an open and free Internet.

The Danger of Patenting

The danger of patenting any aspect of the Internet architecture and in this instance Domain Name Transfers is that it opens a precedent for patenting the Internet and would be an immediate threat to an open and free Internet which is necessary to enable innovation and access.

What are the implications on the patenting the Internet Draft?

It is unclear whether precedent has been set in days past on whether individuals and/or companies have taken to filing patent claims at the USPTO on aspects of the Internet Architecture after it is published as an Internet Draft through the IETF. Whilst it is possible that Verisign does not intend to enforce the Patent if by some probability they were to be awarded the Patent but applied for it so that they would not be subjected to lawsuits for domain name transfers, it sends mixed messages to the global community. The issue is about how open and free should the Internet be?

It would be incumbent on ICANN to conduct a study to look into the advantages and disadvantages and the impact on the DNSSEC given the preliminary issues that have already been raised.

Global End Users Must Have Their Say

The USPTO should not grant Verisign this Patent because there is already an Internet Draft that exists in this regard. End Users can have their say through the US Patent and Trademark Office (USPTO) along with the Stack Exchange and Google have designed a mechanism to enable objectors to send their views and comments.

Filed Under

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.




Sponsored byVerisign

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API