Home / Blogs

The Value of Trust in 2007

Dear Fellow Internet users,

On September 15th VeriSign unexpectedly and with no warning started resolving every non-existent domain name ending in .COM or .NET to a pay-per-click search program called SiteFinder. VeriSign estimates that this will make itself over 150 Million dollars per year in typographical errors made everyday by Internet users such as you and I. Some Industry experts predict that this program will actually generate over 1 million dollars a day for VeriSign.

For those of you that don’t know the history of the .COM database; it was started by the Department of Commerce (DOC) under the name Internic. The domain ending with .COM was short for Commerce. The contract to run Internic was awarded to VeriSign (Network Solutions) to operate the .COM zone. In 1999 the US congress appointed ICANN as the governing body of the Internet. Since then ICANN has made deals with VeriSign to allow them to continue operating the .COM database, and granted them rights to do so until 2007. VeriSign is not the owner of the .COM database but merely the database custodian.

VeriSign is not allowed to purchase more then 5000 .COM domain names under the registry agreement. The registry agreement states that a domain is considered registered under the agreement if the registry generates a DNS resource record that is published authoritatively. VeriSign does just that when they generate DNS records for all non-existent domains. They resolve all these all non-existent domains to an actual website for those domains then redirect it back to their own SiteFinder pay-per-placement search program.

VeriSign justifies SiteFinder by calling it a “service” and says it helps users by giving them a friendly search page instead of a non-existent domain message. Some modern Internet browsers such as Internet Explorer see this non-existent error message and instead return their own similar search page. If an Internet Explorer user doesn’t want to see Microsoft’s default search page they could install different plug-ins to handle the DNS error, or the user could choose a different browser. But in either case, the user has an option. Internet users world wide don’t have any choice because VeriSign is the sole authoritative root server which operates the .COM database.

Applications and devices like cell phones, email, search engines, and automated programs handle the error messages differently; it would be naive for VeriSign to think only humans with browsers rely on DNS. When a user enters a non-exist domain name on their cell phone the DNS error message would prevent downloading. Now cell phones download VeriSign’s SiteFinder webpage and Service Providers bill the cell phone user for that extra usage. SPAM prevention programs also rely on this error message to check to see if the domain is real. Automated programs just don’t appreciate SiteFinder in the same way VeriSign intended for Humans to enjoy it. Not that many humans appreciate being monetized for typographical errors.

Makers of DNS software such as BIND have released patches that hack around VeriSign’s program. However, VeriSign can alter their approach and make such patches null and void. If there were an arms race between the Authoritative Root for .COM and software makers, the winners would always be VeriSign.

We as the Internet community should insist ICANN enforce their contract with VeriSign and that VeriSign stop registering all non-existent domain names. US citizens should contact their representatives in Congress and ask their Senators to leverage their influence on ICANN.

With VeriSign making over 1 million dollars a day on this program, they can afford to hire the best attorneys thus prolonging their fight until a judge orders them to comply. VeriSign has said they will not comply without a fight.

I urge you and any of your customers to sign the petition located at http://www.whois.sc/verisign-dns/

A custodian of a World asset should be held to higher standard. It is all about the value of Trust.

By Jay Westerdal, President

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Threat Intelligence

Sponsored byWhoisXML API