VeriSign Capitulates

http://www.washingtonpost.com/wp-dyn/articles/A40241-2003Oct3.html

And they act like they're the victims. Amazing.

"Without so much as a hearing, ICANN today formally asked us to shut down
the Site Finder service," said VeriSign spokesman Tom Galvin. "We will
accede to their request while we explore all of our options."

How about a public outcry? Did you miss that part? You don't deserve a
hearing.

Of course, they haven't removed the wildcard yet:

dig is-it-gone-yet.com. @a.gtld-servers.net. +short
64.94.110.11

http://www.washingtonpost.com/wp-dyn/articles/A40241-2003Oct3.html

And they act like they're the victims. Amazing.

Yep, I told you so I said that before this was over, Verisign would
claim they were the victims and a bunch of hooligans on the West Coast
"attacked" their honest and decent plans to help Internet users.

"Without so much as a hearing, ICANN today formally asked us to shut down
the Site Finder service," said VeriSign spokesman Tom Galvin. "We will
accede to their request while we explore all of our options."

Uhm, was that the same hearing Verisign didn't have prior to instigating
their actions?

In the immortal words of Tim Wilde (twilde@dyndns.org):

And they act like they're the victims. Amazing.

"Without so much as a hearing, ICANN today formally asked us to shut down
the Site Finder service," said VeriSign spokesman Tom Galvin. "We will
accede to their request while we explore all of our options."

What's that bit about the definiton of `chutzpah?' The parricide who
throws himself on the court's mercy as an orphan?

Oddly enough, ICANN gave them exactly as much of a hearing as they
gave ICANN, the IETF and pretty much everyone else in the world before
they foisted this abomination on us. My heart bleeds for them,
really.

-n

------------------------------------------------------<memory@blank.org>
"Kids today only have to click a few buttons to get their porn, not go
out there and shoplift porn like I did, and my father did before me,
and his father before him." (--Dan Savage)
<http://blank.org/memory/&gt;\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-

: "Without so much as a hearing, ICANN today formally asked us to shut down
: the Site Finder service," said VeriSign spokesman Tom Galvin. "We will
: accede to their request while we explore all of our options."
:
: How about a public outcry? Did you miss that part? You don't deserve a
: hearing.

The public are just critics:
   "Critics say that VeriSign abused its monopoly power over the
    registries"

And we're a "close-knit group" who're spouting overblown claims. Yeah,
right...

   VeriSign also angered the close-knit group of engineers and scientists
   who are familiar with the technology underpinning the Internet. They
   say that Site Finder undermines the worldwide Domain Name System,
   causing e-mail systems, spam-blocking technology and other applications
   to malfunction.

   VeriSign said the claims are overblown.

   "There is no data to indicate the core operation of the domain name
   system or the stability of the Internet has been adversely affected,"
   VeriSign's Galvin said.

watta bunch of goobers!

scott

   VeriSign also angered the close-knit group of engineers and scientists
   who are familiar with the technology underpinning the Internet. They
   say that Site Finder undermines the worldwide Domain Name System,
   causing e-mail systems, spam-blocking technology and other applications
   to malfunction.

   VeriSign said the claims are overblown.

   "There is no data to indicate the core operation of the domain name
   system or the stability of the Internet has been adversely affected,"
   VeriSign's Galvin said.

watta bunch of goobers!

Would those goobers be Versign, or the "close-knit group of engineers and
scientists"?

g

I wonder if they will still present at Nanog?

http://www.nanog.org/mtg-0310/dns.html

  - Jared

OK, so was ANYONE on NANOG happy with
a) Verisign's site finder
b) How they launched it

Speak up on or off list.

         ---Mike

Outside of one other person on this list, I know no one else personally, so
where do they come up with the "close-knit" stuff? I thought that most of
the traffic I have monitored, re: this topic, has come from a very diverse
and rather large group of people from all around the world who have been
trying to say is that what VeriSign has done has caused problems in their
area of expertise, in their businesses, and for the public in general. Also
seen a lot of proof posted along with the comments.....

I might also mention, I understand the technology "underpinning" the
internet.... it's the attempted abuse of power by individuals and
organizations like VeriSign that I can't go along with....

Allen

   VeriSign said the claims are overblown.

   "There is no data to indicate the core operation of the domain name
   system or the stability of the Internet has been adversely affected,"
   VeriSign's Galvin said.

LOL.

VeriSign, woudl you like a copy of all the spams I got b/c your RevenueFinder (sitefinder) broke my spam filters?

-hc

OK, so was ANYONE on NANOG happy with
a) Verisign's site finder

Unfair competition, more confusions, broke a lot of stuff, etc, etc , beneficial to nobody

b) How they launched it

Here... let's change the way DNS works.. That's right, overnight.

-hc

## On 2003-10-03 15:56 -0400 Sean Donelan typed:

> "Without so much as a hearing, ICANN today formally asked us to shut down
> the Site Finder service," said VeriSign spokesman Tom Galvin. "We will
> accede to their request while we explore all of our options."

Uhm, was that the same hearing Verisign didn't have prior to instigating
their actions?

Why should they need a hearing ?

IMHO the ICANN demand is only to remove the wildcard DNS pointers to the
"Site Finder" service and they're completely free to point say "*.verisign.com"
to their "Site Finder" (Which they're free to leave running as long as
they want

"... in an attempt to assert a dubious right to regulate non-registry services."

This explains everything. They don't believe the stability of
com and net are in any way related to their registry duties.

That quote alone should be sufficient to deny them custody of
com and net.

It may not be a hearing but they can still appeal.

   If, during this period, further technical and operational evaluations
   of the changes made by VeriSign on 15 September indicate that those
   measures can be reinstated, or reinstated with modifications, without
   adverse effects, I will initiate the process to modify the .com and
   .net agreements to allow those changes to take place. We will use best
   efforts to complete these evaluations in a timely manner.

   If, on the other hand, these ongoing evaluations confirm the claimed
   adverse effects on the Internet, the DNS or the .com and .net domains
   that have been publicized to date, or raise new concerns of that type,
   those concerns will have to be resolved prior to any reintroduction of
   these changes. If any such concerns cannot be resolved, and VeriSign
   continues to seek to implement the service, it will be necessary to
   make recourse to the dispute resolution provisions of the two
   agreements.

This doesn't say it WILL reappear, only that it MAY. Then again, there
aren't a whole lot of modifications that can be made to
"* IN A 64.94.110.11" so we'll see..

It also imtimates that they do not believe that ICANN has any right
under current legislation to monitor what actually goes into the zone
file; only the way verisign behaves as a registry. The fact of the
matter is that yes, there is a seperation between those two items but
ICANN most deffinitely has a say in how the technical aspects can be
managed. Also, once verisign made a change to the root file for it's
own commercial benefit, they themselves crossed the line between
registry and maintainer.

:: OK, so was ANYONE on NANOG happy with
:: a) Verisign's site finder
:: b) How they launched it
::

Disregarding their "implementation issues", the product is pretty good.
I've actually used it to fix a few typos, etc... From an end user
perspective, it's certainly better than a squid error page.

-jba

Scott Weeks wrote:

   VeriSign also angered the close-knit group of engineers and scientists
   who are familiar with the technology underpinning the Internet. They
   say that Site Finder undermines the worldwide Domain Name System,
   causing e-mail systems, spam-blocking technology and other applications
   to malfunction.

   VeriSign said the claims are overblown.

   "There is no data to indicate the core operation of the domain name
   system or the stability of the Internet has been adversely affected,"
   VeriSign's Galvin said.

: http://www.washingtonpost.com/wp-dyn/articles/A40241-2003Oct3.html
:

Let's see, a "malfunction" is not a "core operation" or "stability".

One of the nice things about lawsuits is something called discovery.
Gives a chance to get some "data".

We spent thousands of dollars (probably 10s of thousands), had to
handle 10 times the mail load, had our upstream links completely fill,
had our mail servers completely fill, lost mail, and lost customers.

Then, thanks to the yeoman BIND effort, were able to mitigate the
damage, and gradually bring the mail servers back to their usual state
of 30% free space.

Now, using news.google.com search, it seems there are a few lawsuits.
I want them to go to class action status. I want money damages! Any
other operators want the same?

  http://news.google.com/news?hl=en&edition=us&q=lawsuit+verisign&btnG=Search+News

3rd Lawsuit Against VeriSign; Seeks Class Action Status
  http://www.circleid.com/article/290_0_1_0_C/
  http://www.techfirm.com/v-complaint.pdf

Plaintiffs bring this action both on an individual and class basis, and
also on a representative basis as a private attorney general under the
provisions of Section 17200 et seq. of California's Business &
Professions Code, for monopolization under Section 2 of the Sherman Act,
15 U.S.C. � 2; for unfair competition and trademark dilution under
Section 43(a) of the Lanham Act, 15 U.S.C. � 1125(a); for cyberpiracy in
violation of the Anti- Cybersquatting Consumer Protection Act ("ACPA"),
15 U.S.C.A. � 1125(d); for illegal interception of electronic
communications in violation of Title I of the Electronic Communications
Privacy Act ("ECPA"), 18 U.S.C. � 2511 et seq.; for unfair, unlawful,
misleading, fraudulent and deceptive business practices in violation of
California Business & Professions Code Section 17200 et seq.; and for
unjust enrichment. Plaintiffs seek declaratory and injunctive relief to
halt VeriSign's illegal acts and practices before those acts and
practices further harm Plaintiffs, the class defined herein, and the
general public.

Verisign press releases have never been about the facts. Instead it's
about trying to manipulate public perception to their side. Verisign has
never expressed any actual concern or even care about how much damage
their actions do to the internet. Any expectation that this would change
in this circumstance is an act of optimism or stupidity.

I only hope that the press in question will be made aware of the truth
of these matters and publish that information. Otherwise, you may be
faced with a situation where the DOC asks ICANN why they caved to such
a small special interest group's pressure.

Owen

jeffrey.arnold wrote:

Date: Fri, 3 Oct 2003 16:16:29 -0400
From: Jared Mauch

  I wonder if they will still present at Nanog?

http://www.nanog.org/mtg-0310/dns.html

Perhaps they could give away limited-edition Snubby Mail Rejector
t-shirts; bonus points if the shirts include expect script or is
bugged. I just may attend NANOG after all...

Eddy

On Fri, Oct 03, 2003 at 05:34:05PM -0400, jeffrey.arnold quacked:

:: OK, so was ANYONE on NANOG happy with
:: a) Verisign's site finder
:: b) How they launched it
::

Disregarding their "implementation issues", the product is pretty good.
I've actually used it to fix a few typos, etc... From an end user
perspective, it's certainly better than a squid error page.

  Yeah, but this is easy for you to provide as a service to users
who want it.
patch your squids with the following change to src/errorpage.c:

@@ -414,6 +414,7 @@
  * T - UTC x
  * U - URL without password x
  * u - URL with password x
+ * V - URL without http method without password x
  * w - cachemgr email address x
  * z - dns server error message x
  */
@@ -546,6 +547,9 @@
     case 'u':
        p = r ? urlCanonical(r) : err->url ? err->url : "[no URL]";
        break;
+ case 'V':
+ p = r ? urlCanonicalStripped(r) : err->url ? err->url : "[no URL]";
+ break;
     case 'w':
        if (Config.adminEmail)
            memBufPrintf(&mb, "%s", Config.adminEmail);

And then modify errors/English/ERR_DNS_FAIL to say:

<H2>Alternatives</H2>
You can try to view this server through:
<ul>
<li> <a href="cache:%V - Google Search Cache</a>
<li> <a href="Wayback Machine Internet Archive</a>
<li> <a href="http://sitefinder.verisign.com/lpc?url=%V&quot;&gt;Use Sitefinder to search for typos for this domain</a>
</ul>

If you're creative, have it send them with a redirect to a local
CGI script that tries obvious typos. Very simple. My users like
the link to the internet archive (also modify the "could not connect"
error page and others). If you just want HTML, create a framed document
that auto-loads the sitefinder doc in the bottom half, and pops up
your own error page in the front. I leave that as an exercise to
the HTML-clued reader, but it's not very hard.

  -Dave