[IP] VeriSign prepares to relaunch "Site Finder" -- calls

nanog@riva.net (Randall Pigott) writes:

> I am curious what the operational impact would be to network operators
> if, instead of Verisign using SiteFinder over all com and net, Verisign
> or their technology partner for SiteFinder began coercing a large number
> of independent ISPs and network operators to install their form of DNS
> redirection at the ISP-level, until all or most of the end-users out
> there were getting redirected.

It would be no worse than NEW.NET or any other form of DNS pollution/piracy
(like the alternate root whackos), as long as it was clearly labelled. As
an occasional operator of infrastructure, I wouldn't like the complaint load
I'd see if the customers of such ISP's thought that *I* was inserting the
garbage they were seeing. So I guess my hope is, it'll be "opt-in" with an
explicitly held permission for every affected IP address (perhaps using some
kind of service discount or enhancement as the carrot.)

Yup. This is the form I saw in the PRC, both with the CNNIC provisioned
means for resolving names using Big5 and/or GB encodings, and the Microsoft
and RealNames provisioned means for resolving names not in ASCII (with the
added benefit of a bug in MS's IE navagator's handling of Unicode).

There was a visible operational impact of the second service -- ever n2a
for n not in (ASCII or Big5 or GB) resulted in overseas b/w use, first to
Redmond, then to Redwood City, and finally to Reston. My hosts complained
of the cost of every browser in the PRC generating trans-pacific packet

North Americans on fat pipes may not care, but where the meter is running,
and ASCII is awkward, there will be operational measureables.