An Open Letter of corrections to Mark McLaughlin's Innovation and the Internet

While I realize that your Perspectives area is a place where various people
are allowed to submit editorials, your publication of this particular
very skewed piece without checking some of the stated facts within it
does not meet CNet's usual standard of journalism.

In addition to Mr. McLaughlin's errors or omissions of fact, he makes a number
of misleading statements and outright incorrect implications. As such, I
will simply address the article paragraph by paragraph, beginning with the
bold paragraph being considered paragraph 1.

Paragraph 1:
  It's not about whether innovation should be encouraged. I think if
  you were to survey the opponents of Verisign's maneuver, you would
  find that each and every one of them would say they are in strong
  support of innovation on the internet. What Verisign did was not
  innovation. It was a move to line their pockets with significant
  additional revenue while simultaneously abusing their monopoly
  position in control of a resource contracted to them to manage
  in the public trust. They do not OWN the domains that they modified,
  instead, they are entrusted with the management of said domains
  (namely .NET and .COM). None of Verisigns competitors is in a
  position to place wildcard records in these zones, so, Verisign also
  was abusing it's position of public trust to gain unfair advantage
  over competitors.

Paragraph 2:
  The error page simply indicates that they URL they typed involved
  the name of a host which did not exist. Verisign ignored the fact
  that DNS does not only effect web services. While it is true that
  some may say that this is an improvement for web browsers, it creates
  significant problems for other applications. More on this below.

Paragraph 3:
  Site finder is not about improving the user experience. If it were,
  Verisign would have solicited public input prior to inflicting this
  change on a critical are of internet infrastructure. Verisign is
  now launching this PR campaign to try and make ICANN look like the
  bad guys for finally saying no to Verisign's repeated abuses of their
  position. Site finder is about profits for Verisign. In fact,
  substantial profits on the order of Millions of dollars per day.
  This is why they were so reluctant to take it down in spite of a
  polite request from ICANN. ICANN had to point out that Verisign
  was in violation of several clauses of their contract and threaten
  them with legal action to get them to comply.

Paragraph 4:
  Similar services were tested in a manner which did not break existing
  infrastructure for non-web oriented applications which were well known
  on the internet. Verisign didn't do any testing, they simply unleashed
  this on the two most popular top level domains without review, notice,
  or even a heads up to the operational community. In fact, the first
  notification to the NANOG (North American Network Operators Group)
  mailing list by Verisign came several hours after the debate had
  already started. Verisign's site finder service didn't trigger debate
  because they hadn't been tried for .com and .net, it triggered debate
  because it disrupted services, constituted a change which was not
  subjected to appropriate public review beforehand, and, represented
  a cavalier and mistaken attitude by Verisign that these top level
  domains were theirs to manage however they saw fit. These domains
  have a long history on the internet, and, they have always been
  considered a public-trust type of resource. The contract to Verisign
  to manage these domains clearly calls for Verisign to manage them
  in the public interest. This was Verisign managing the domain in
  their own interest, the public be damned.

  While it is true that during the three weeks it took to get Verisign
  to fix their abomination, DNS continued to function for most visible
  levels, the internet continued to route packets, and, most things
  functioned as before, that does not mean that their change did not
  break things. As an example, prior to Verisign's change, if I sent
  an email to intending to send it to,
  I would get an answer back immediately saying "" does not
  exist. After Verisign's change, their mail rejector would either
  simply drop my mail in a black hole, or, when it was too busy,
  fail to respond for long periods of time. Either way, since I don't
  get an error message, I don't know that my mail didn't get through.
  Another problem comes from anti-spam utilities which depend on
  being able to determine if a domain name being used in mail exists
  or not. Verisign rendered it virtually impossible, because, under
  their proposed system, all domains exist in DNS. They essentially
  eliminated a vital and useful error message from the internet, instead
  choosing to make everyone use their error handler. Without going
  through the IETF and RFC processes, this is an unacceptable move
  on their part. Of course, IETF would never approve such an action
  and Verisign knows it. Further, if a domain expired or was accidentally
  removed, most software is designed to deal with NXDOMAIN responses
  (the error code returned prior to Verisign's actions) in a manner
  that allows this to be resolved without serious consequences.
  With Verisign's change, however, it becomes fatal. Imagine if you
  are looking for CNET.COM, but, due to a clerical error, CNET.COM
  has been removed from the DNS. Now, instead of getting an error
  saying that the site could not be located, you get Verisign.
  All your mail for CNET.COM, instead of getting queued and waiting
  for it to reappear for several days now instantly disappears into
  a black hole. I would think, if you were CNET.COM, in this case,
  you would be upset.

Paragraph 5:
  ICANN bought into the claims that very specific things were broken
  by Verisign's actions. Those claims are true. The effort of Verisign
  to deceive the public into believing that this is not true and that
  ICANN caved under pressure from zealots and purists is a grossly
  inaccurate characterization of what happened. The pressure came from
  the operational community, the research community, and, end users.
  Sure, for some, technical purity and religion may be an issue. For
  most, we were far more upset that real applications in real use for
  real economic purposes were being interrupted or hampered by this
  unannounced, unprecedented, and, unacceptable change.

Paragraph 6:
  This vocal minority is the MAJORITY of the people actually keeping
  bits flowing on the internet. It is, admittedly, not the majority
  of users of the internet, but, it does represent the majority of
  internet service providers. It represents the connectivity of
  the majority of users on the internet. Most end users don't even
  know what DNS is, let alone what happens when it is changed.
  It's not about resentment of use for commercial purpose. I'm sure
  there are people out there that think the internet shouldn't be
  used for commercial purposes. The majority of the outcry, however,
  came from people trying to make a living out of keeping the internet
  running for commercial purposes. Mr. McLaghlin and Verisign seem,
  instead, to have ignored the fact that there's more to the ineternet
  that matters to our economy than just Web Browsing.

Paragraph 7:
  They can disagree with purists all they want. The problem is that
  here they are disagreeing with the actual operators of the internet
  who are not trying to hold the internet back, but, keep it functioning.

Paragraph 8:
  Throughout that history, the debate has been held in public and
  actions and changes to standards on the internet have been based
  on a combination of rough consensus and running code through a
  public process known as the IETF (Internet Engineering Task Force).
  Verisign did not subject these changes to any form of review
  outside of Verisign. There was no community input or review.
  If there had been, the community would have rejected this before
  it started, because it had real operational impact, and, because
  it had Verisign abusing public trust to line their pockets.
  Fierce debate is good. Verisign tried to avoid debate all together
  by launching this without the required reviews beforehand. Verisign
  has a long history of doing this.

Paragraph 9:
  This is the one paragraph with significant truth in it. The
  result of this debate will have far reaching implications for
  the future of the internet. Do we send a clear message to
  Verisign that their role as agent of the public trust does not
  involve making whatever changes to critical infrastructure they
  feel are in their best interests? Do we allow Verisign to continue
  down the road that they have repeatedly attempted where it is
  as if they think they own all rights to these TLDs which were
  entrusted to them to manage by contract from ICANN. ICANN is
  a non-profit public benefit corporation charged with managing
  this part of the internet infrastructure. They contracted out
  this specific duty to Verisign with some reasonably strict rules
  about how they can do it. Verisign, in spite of this, has repeatedly
  ignored those rules in it's own interest. If ICANN allows this
  to continue, it will, indeed, change the face of the internet
  significantly. Mr. McLaughlin may think that's a good thing,
  as he will surely profit heavily from it. I doubt that it will
  improve things for internet users or operators, however.

Paragraph 10:
  The internet already has a process for doing that. It's called
  the IETF. If this didn't happen in IETF, we wouldn't have HTTP,
  IPSEC, or, even DNS. Almost every protocol in use today on the
  internet was developed through the IETF process. Many improvements
  to protocols (BGP is currently on version 4, for example) have
  also come through the IETF and the related RFC process. The significant
  test is not whether the internet can do this (it already has), but,
  whether the internet can control the contractors entrusted with
  the management of items in the interest of the public. If not,
  ICANN will need to find an alternative. That will be difficult
  and painful.

Paragraph 11:
  Noone is discouraged from exploring the bounds of the internet.
  Verisign is discouraged from BREAKING existing functionality
  in the name of lining their pockets. There are lots of places
  on the internet to experiment with new tools. The two most
  populated top level domains in the DNS tree are _NOT_ the right
  place to experiment. You wouldn't want a rocket scientist
  developing new fuels at your kid's elementary school, would you?
  Well, what Verisign has done is equivalent to that. They
  decided without warning to conduct their experiment in production
  instead of a laboratory.

Paragraph 12:
  This paragraph cannot stand without the lies from the previous

Paragraph 13:
  Verisign did not spend hundreds of millions of dollars to fortify
  the two root servers alone. Also, a number of other root servers
  withstood the attack as well. This whole paragraph is specious and
  misleading. In fact, Verisign has one of the worst track records
  for errors of any DNS provider in history. The technical community
  is less concerned about what will happen without Verisign than they
  are about what Verisign will do to the internet.

Paragraph 14:
  The decisions made in this debate will not be about innovation.
  They will be about theft and hijacking. Will Verisign be allowed
  to hijack non-existant domain names to their own purpose and profit?
  Will they be allowed to continue to make arbitrary changes to
  services which are considered critical infrastructure by a large
  portion of the Internet community? Will ICANN stand up and
  say "no more" to Verisign's abuse of their position under the
  ICAN and USDOC contracts? These are the decisions that will be
  made around this issue. Innovation is safe and secure in the
  IETF. I will agree that there are problems to be solved in the
  IETF process, but, Verisign's actions won't even touch those,
  let alone make any positive contribution.

Paragraph 15:
  The decisions made over the next months and years will determine
  whether the namespace remains a consistent and well-ordered
  hierarchy, or, whether the distaste for Verisign and the lack
  of action by ICANN to stop them becomes so distasteful to enough
  network operators that the authority of ICANN is usurped and
  the namespace becomes fragmented. That would be bad for everyone.

  Owen DeLong is a Network Architecht for a Mountain View based
  communications firm. He has held positions ranging from Systems
  Administrator to Senior Backbone Engineer at ISPs ranging from
  very small to very large. He has designed and built networks
  from dialup to OC-192. He has been an active participant in
  the Internet Operational Community and NANOG for more than a

Owen DeLong