Verisign's public opinion play

I think this list may be a very good choice of where to construct
such a response.

Are you being paid by Verisign?
A "constructed" response is the worst thing we could
do. Everyone should write their own responses in their
own words based on their own experiences or their own
skills and knowledge. That's the only way to demonstrate
that Verisign was wrong, wrong, wrong.

A "constructed" response is pure politics and only
demonstrates that a certain opinion is shared by
a bunch of people with no basis in fact. We don't
need to trumpet our opinions; we need to document and
publish the facts of the matter.

And this list is definitely not the place to
discuss writing a letter of protest. If political
activity is your bag, then try http://www.meetup.com

--Michael Dillon

I have to disagree. Verisign is playing this game with considerable political savvy. Disparate responses of varying quality do not get the media's attention, and they play right into Verisign's hands, because they have characterized this as a dispute between a respectable, secure and reliable company against a bunch of scattered techies. I don't think that sending those letters and writing those articles does any harm per se, however I think the focus should be in providing technical *and marketing* ammunition to ICANN and focusing our defense there. A single organization pushing a message over and over is more likely to get press attention. Note also that we are at a considerable disadvantage in that our discussions of what approach to take our taking place in public forums ("Hi, Verisign"). Nothing like advance warning.

The other thing I think would help is to paint the picture in terms that the general public can understand. Verisign can do this because the "benefit" is something that web users understand. Type something wrong--get a search page. Most of the drawbacks are much more technical. I have an idea in this space, I'll post it later today. The other thing we should focus on is process. Verisign is claiming that we fight innovation and commercialization of the internet (pretty wacko, given the business we are in). The fact of the matter is that there are established procedures for innovating the core technology of the internet, and they didn't follow them. We need to push the fact that they didn't just break the internet, they broke the rules, and this "innocent company being held back by techies" ploy is a bunch of garbage.

I'm not sure if it helps in this argument to rehash all the other problems with Verisign (like, how they managed to take the guaranteed cash cow of domain registration and manage it so insecurely and with such poor customer service that we all ran quickly to other registrars). Certainly it would be good to counter their public image, but it probably should be done separately from this issue.

>I think this list may be a very good choice of where to construct

such a response.

Are you being paid by Verisign?

A disclaimer seems appropriate -- right now, I'm being only occasionally paid for consulting by clients not having anything to do with Verisign.

A "constructed" response is the worst thing we could
do. Everyone should write their own responses in their
own words based on their own experiences or their own
skills and knowledge. That's the only way to demonstrate
that Verisign was wrong, wrong, wrong.

A "constructed" response is pure politics and only
demonstrates that a certain opinion is shared by
a bunch of people with no basis in fact. We don't
need to trumpet our opinions; we need to document and
publish the facts of the matter.

And this list is definitely not the place to
discuss writing a letter of protest. If political
activity is your bag, then try http://www.meetup.com

Writing a "constructed" response, I would agree, should either come through an already existing group (e.g., IETF/IAB), or from an ad hoc organization, which, in this context, MUST have a truly open process.

That being said, writing something, even as an individual, which strikes the interest of news media is not necessarily a skill everyone here has. I do have some background in this, and would be happy to work with a team, and with individuals to the extent my time permits. It's important to get this out of a perspective of "regulator versus poor persecuted Verisign". versus technically perfect analyses, a product of an open process, that are incomprehensible or at least uninteresting to a nonspecialist reporter, Congressional staffer, etc.

When you start to write anything, may I suggest one of the things you have to keep at the front of your mind is that many of your audience, outside the engineering community, equate the Web and the Internet. This isn't stupidity, it's lack of knowledge. They have to realize that an ISP can be the point of access to non-public yet critical services, such as being the entry point for VPNs for anything from credit authorization to secure medical reporting.

I hope to get to at least part of the ICANN meeting -- unfortunately, I had an uncomfortable night -- both a cat circus on the bed and using some unfamiliar muscles yesterday and resulting in a painful back -- so I'm now running on 3-4 hours of sleep. Ah, for the days when the Internet was young and I could get by with that much sleep...

>I think this list may be a very good choice of where to construct

such a response.

Are you being paid by Verisign?
A "constructed" response is the worst thing we could
do. Everyone should write their own responses in their
own words based on their own experiences or their own
skills and knowledge. That's the only way to demonstrate
that Verisign was wrong, wrong, wrong.

I have to disagree. Verisign is playing this game with considerable political savvy. Disparate responses of varying quality do not get the media's attention, and they play right into Verisign's hands, because they have characterized this as a dispute between a respectable, secure and reliable company against a bunch of scattered techies. I don't think that sending those letters and writing those articles does any harm per se, however I think the focus should be in providing technical *and marketing* ammunition to ICANN and focusing our defense there. A single organization pushing a message over and over is more likely to get press attention. Note also that we are at a considerable disadvantage in that our discussions of what approach to take our taking place in public forums ("Hi, Verisign"). Nothing like advance warning.

True. But even if it gives some warning to Verisign, the very openness of the process contrasts with the way they did things -- and, if made clear, could be newsworthy. Individuals speaking to the press, Congress, Homeland Security, etc., need not give early warning.

The other thing I think would help is to paint the picture in terms that the general public can understand. Verisign can do this because the "benefit" is something that web users understand. Type something wrong--get a search page. Most of the drawbacks are much more technical. I have an idea in this space, I'll post it later today. The other thing we should focus on is process. Verisign is claiming that we fight innovation and commercialization of the internet (pretty wacko, given the business we are in). The fact of the matter is that there are established procedures for innovating the core technology of the internet, and they didn't follow them. We need to push the fact that they didn't just break the internet, they broke the rules, and this "innocent company being held back by techies" ploy is a bunch of garbage.

Exactly. The most fundamental problem of education here is that the Internet is more than the Web, even for nontechnical users. I'm certainly not privy to Verisign's business plans, but Sitefinder seems to have an inherent assumption that Web browsing is all anyone wants to do.

Even staying with the Web, there may well be ways the Verisign-style TLD wildcard could carry supplemental information that doesn't break existing software but could carry optional redirection information that could work with such things as content distribution or failover, yet not break anything. I freely admit that I am not a DNS designer but have an operational-level understanding; if I do make design claims, it's in routing and closely related management. I do have a few thoughts.

Perhaps a lifetime supply of "Be conservative in what you send, be liberal in what you accept" T-shirts might be commissioned by Verisign.

I'm not sure if it helps in this argument to rehash all the other problems with Verisign (like, how they managed to take the guaranteed cash cow of domain registration and manage it so insecurely and with such poor customer service that we all ran quickly to other registrars). Certainly it would be good to counter their public image, but it probably should be done separately from this issue.
--

there WAS a "cash cow" in an old Nortel commercial; maybe we should see if, like myself, she's an ex-Nortel employee that could join the effort. Ah, corporate speak...I wasn't laid off, or even downsized or rightsized. My boss (a great person) sadly call me to tell me, in Approved Nortelspeak, that I had been "optimized". Great flashback to George Orwell.

"Howard C. Berkowitz" wrote:

>And this list is definitely not the place to
>discuss writing a letter of protest. If political
>activity is your bag, then try http://www.meetup.com

Mr. Dillon forgets that all inter-human activity, including operational
coordination, is a "political" activity.

Individual responses are less likely to garner attention than organized
responses. It's a fact of life. And the central theme of many
pamphlets on organizing.

Writing a "constructed" response, I would agree, should either come
through an already existing group (e.g., IETF/IAB), or from an ad hoc
organization, which, in this context, MUST have a truly open process.

The IETF and NANOG were both originally designed as "ad hoc", "come
and participate", organizations. The Internet itself could be
considered an "ad hoc" organization. I don't see the need for another
such organization at this time and place.

That being said, writing something, even as an individual, which
strikes the interest of news media is not necessarily a skill
everyone here has. I do have some background in this, and would be
happy to work with a team, and with individuals to the extent my time
permits.

I have some background in this as well, going back to organizing for
the original NSFnet funding, and would be willing to assist Mr.
Berkowitz in this endeavor.

I hope to get to at least part of the ICANN meeting
...

We need a raporteur to inform us how the ICANN meeting goes. Please?

I think I'll have myself organized enough to get there for the afternoon part of the meeting. Wish they had said if there was a working lunch.

In the interest of good sleep for the members of NANOG, if you buy Sears' otherwise very nice 6-gallon 2" hose shop-vac, be aware that a cat jumping on top of it will turn it on. Said cat and his/her associates immediately conclude it is a dangerous carnivore, and rush at high speed across my occupied bed.

Thinking about Verisign, while dealing, in the middle of the night, with both a tongue bath from a cat seeking reassurance, as well as a backache from an overly aggressive attack on my lawn, does not make for being well rested.

Has anyone been able to get the RealVideo stream from the meeting? I can't seem to connect.

I think this list may be a very good choice of where to construct
such a response.

Are you being paid by Verisign?

Absolutely not. In fact, I would be almost as glad to see Verisign disappear
as Micr0$0ft. Lately, I'm beginning to wonder which of the two is worse.

A "constructed" response is the worst thing we could
do. Everyone should write their own responses in their
own words based on their own experiences or their own
skills and knowledge. That's the only way to demonstrate
that Verisign was wrong, wrong, wrong.

We have different meanings of that term. I think that there is value in
everyone writing their own response, too. However, I do think that if
we could generate a joint statement of position and get that into the
right channels, it would carry some additional weight. In order to do
that, it would need to explain the issues and the facts in a way that
Joe and Mary household user could understand. Right now, there is a
fair amount of perception that we are reactionary whiners and that
we're only upset because Verisign makes money off of this.

A "constructed" response is pure politics and only
demonstrates that a certain opinion is shared by
a bunch of people with no basis in fact. We don't
need to trumpet our opinions; we need to document and
publish the facts of the matter.

A joint position statement is partially politics. However, right now, this
is a political game with operational ramifications. Serious operational
ramifications far beyond the effects of the wildcards. We need to document
and publish the facts and show that those facts justify our opinions.
We need to do it in such a way that others come to share those opinions.

And this list is definitely not the place to
discuss writing a letter of protest. If political
activity is your bag, then try http://www.meetup.com

On this we must agree to disagree. It's not the first time, Michael.
I agree that this list is generally not the place to discuss writing a
letter of protest. However, I'm not talking about writing a letter of
protest. While this activity is partly political, it is politics with
operational impact. I'm not opposed to taking it to another list for
development, but, I think whatever comes out should be brought back here
for review before being launched at the press as a statement of community
position. I think it should also be taken to other similar lists and
probably reviewed by the relevant working group within IETF.

Owen

I worked for Network Solutions in the era that Mr. Berkowitz is talking about.
My tenure 1984 - 1988 (or so, the memory grows dim). In this era NSI was just
beyond a four man startup. It was a beltway bandit, or for the non Washington DC
folk, a government contracting company. Its speciality was IBM mainframe data
center management. The road from there to scourge of the internet is not worth
traveling. Non of the principals, and few of the workers made that journey.

The recently posted "LINX Letter to ICANN regarding Verisign" was an excellent example of the kind of thing that might be done.