After attending the afternoon ICANN Security & Stability Committee meeting, I realized that the issues involved fall into several related but independent dimensions. Shy person that I am *Cough*, I have opinions in all, but I think it's worthwhile simply to be able to explain the Big Picture to media and other folks that aren't immersed in our field. In these notes, I'm trying to maintain neutrality about the issues. I do have strong opinions about most, but I'll post those separately, often dealing with one issue at a time. more
After roughly 19 days of its introduction, VeriSign's Site Finder service was finally shutdown on October 4, 2003 following a "Formal Deadline" issued by ICANN (previously reported here). With the plug pulled, the Internet appears to be returning to its regular status ending a historic event that can be best described as a 'Hurricane' -- a Cyber-Hurricane. What follows is a collection of commentaries and questions raised around the Net in response to this event during and after the final hours of VeriSign's deadline... more
ICANN today has made a formal demand stating: "Given the magnitude of the issues that have been raised, and their potential impact on the security and stability of the Internet, the DNS and the .com and .net top level domains, VeriSign must suspend the changes to the .com and .net top-level domains introduced on 15 September 2003 by 6:00 PM PDT on 4 October 2003. Failure to comply with this demand by that time will leave ICANN with no choice but to seek promptly to enforce VeriSign's contractual obligations." What follows is a collection of commentaries made around the net and by experts in response to today's announcement...
more
I have been thinking a lot about stewardship lately in my role as CEO of Tucows and how that relates to employees, a board of directors and investors. Where I've got to, which is not necessarily relevant for this post, is that stewardship needs to exist at EVERY level of a company and a life. With the recent dustup created by Verisign's new Sitefinder service it has crystallized for me what has always bothered me about the .com/.net registry and the way Verisign has approached it.
more
We Internet users, who either own domain names or have an interest in the domain name system, wish to object to the VeriSign's Site Finder system. We believe that the system: 1) Breaks technical standards, by rewriting the expected error codes to instead point to VeriSign's pay-per-click web directory, and threatens the security and stability of the Internet; 2) Breaks technical standards affecting email services, and other Internet systems... more
The ICANN At-Large Advisory Committee would like to bring to ICANN's attention concerns about VeriSign's surprising roll-out of the "SiteFinder" service for .com and .net. This practice raises grave technical concerns, as it de facto removes error diagnostics from the DNS protocol, and replaces them by an error handling method that is tailored for HTTP, which is just one of the many Internet protocols that make use of the DNS.
more
Applications and devices like cell phones, email, search engines, and automated programs handle the error messages differently; it would be naive for VeriSign to think only humans with browsers rely on DNS. When a user enters a non-exist domain name on their cell phone the DNS error message would prevent downloading. Now cell phones download VeriSign's SiteFinder webpage and Service Providers bill the cell phone user for that extra usage. SPAM prevention programs also rely on this error message to check to see if the domain is real. more
The Internet Corporation for Assigned Names and Numbers (ICANN) and the United States Department of Commerce (DoC) today announced that they agreed to extend their joint Memorandum of Understanding (MoU) for three additional years until September 30, 2006. more
The Internet, ultimately, is a fragile thing, as an entity. It depends upon the consensus of those responsible for its infrastructure to operate on a daily basis. Because of the inherent robustness as a technical architecture, there is no entity that can "break the Internet" in the sense of stopping the flow of traffic, but there are several entities that can create a variety of inconveniences, some minor and some serious, for the millions who use the Internet. more
Public Interest Registry, the .ORG registry operator, sent a letter today to ICANN President and CEO Paul Twomey concerning VeriSign's implementation of a DNS wildcard redirection service commonly known as SiteFinder. The letter says that it supports ICANN's call for VeriSign to voluntarily suspend SiteFinder and the Internet Architecture Board (IAB) preliminary position paper. It goes on to say that PIR will not be implementing any DNS wildcard to the .ORG zone... more
The Internet Corporation for Assigned Names and Numbers (ICANN) has released an "Advisory" concerning VeriSign's deployment of DNS wildcard (Site Finder) service: "Since the deployment, ICANN has been monitoring community reaction, including analysis of the technical effects of the wildcard, and is carefully reviewing the terms of the .com and .net Registry Agreements. In response to widespread expressions of concern from the Internet community about the effects of the introduction of the wildcard..." more
On September 3, 2003, United States federal law enforcement officers arrested the notorious John Zuccarini accused of allegedly creating misleading domain names to deceive children and direct them to pornographic websites. Zuccarini's arrest is the first to be made under the Truth in Domain Names Act, which took effect earlier this year prohibiting people from creating misleading domain names as a means to deceive children into viewing content that's harmful to minors, or tricking adults into clicking on obscene websites. What follows is a collection of commentaries made by experts in response to this event...
more
A harmful, highly unilateral and capricious action. Tons of software out there depended on the ability to tell the difference between a domain name which exists and does not. They use that to give a meaningful, locally defined error to the user, or to identify if an E-mail address will work or not before sending the mail. Many used it as a way to tag spam (which came from domains that did not exist). It is the local software that best knows how to deal with the error. more
Professionals can extend their online identities and direct traffic using .pro - the last of seven new top-level domain names approved by the International Corporation for Assigned Names and Numbers (ICANN). Individuals and entities in the accounting, legal and medical professions became eligible to apply to defensively register as of April 23, 2003. In July, .pro domain names will go live. more
The purpose of the Uniform Dispute Resolution Policy, known as the UDRP (hereafter the Policy), is to determine disputes relating to the registration or acquisition of domain names in bad faith. Under the Policy, the complainant must establish that (i) the disputed domain name is identical with or confusingly similar to a trademark or service mark in which the complainant has rights; (ii) the domain name registrant has no right or legitimate interest in respect of the domain name; and (iii) the domain name was registered and is being used in bad faith.
Whilst requirements (i) and (ii), at first glance, do not appear difficult to meet, it is not the same with requirement (iii). In fact, a serious problem arises for the complainant when a registrant has registered domain names in bulk, but has not used them i.e. they have not been resolved to any active website. more