Verisign backlash gathers force

All your Web typos aren't belong to us

  • alert
  • submit to reddit

Security for virtualized datacentres

The backlash against Verisign's controversial decision to direct users who get lost on the Web to a search engine site run by the company is gaining momentum.

Net users have set up an online petition to protest the move, which critics say is an abuse of Verisign's role as steward of the .com and .net top level domains and a violation of established technical procedures.

The signatories to the petition are calling on Net governing body ICANN to put pressure on Verisign to drop the practice which breaks technical standards affecting email services, and other Internet systems. In particular, there's concern the move will make it harder to identify spam that originates from non-existent domains. So Verisign is (inadvertently) assisting spammers bypass some filtering techniques.

(There were 12,360 signatories to the petition early this afternoon but this figure has since been reset, amid security concerns email address on the petition v1.0 were been harvested by ne'er do wells.)

Breaking standards, hijacking users

Protestors also believe Versign's move is anti-competitive. As does Florida-based 'search services' company Popular Enterprises which has filed a law suit which seeks to compel Verisign to drop its controversial Site Finder service, Reuters reports. Popular Enterprises has a history of purchasing expired domain names and directing them to its Netster search site, a practice not dissimilar to what it is complaining about.

Still the law suit has been broadly welcomed in the Net community as another means to bring pressure to bear on Verisign.

The controversy kicked off on Monday, when Verisign added wildcard DNS records to all .com and .net domains - redirecting surfers who get lost on the Net to a search page, called Site Finder, run by the company. Those who type in non-existent addresses will also be served up Site Finder, instead of an error message. Verisign isn't saying how much it expects to make from selling advertising on this site. According to Verisign, 20 million users a day mistype the name of the domain they wish to visit - so the commercial potential of Site Finder is considerable.

Techies BIND Verisign up

In response to Verisign's audacious land grab, the developer of the technology used to direct most surfers on the Web has released a workaround designed to stop users who mistype URLs ending up at Verisign's new search site.

The Internet Software Consortium, the non-profit body that develops the ubiquitous BIND domain name server, has adapted its software so that those users who enter mistyped domain names are served up with old-style error messages instead of Site Finder.

The patch (BIND 9.2.3rc2), which limits .com and .net zones to be "delegation-only" (i.e. wildcard entries a la Verisign will not resolve to anything), is explained here. ®

Related stories

All your Web typos are belong to us
Verisign DNS change broke my HP printer (letters)
BIND developer blocks Verisign Net grab move
Verisign's SiteFinder finds privacy hullabaloo

Beginner's guide to SSL certificates

More from The Register

next story
Bono apologises for iTunes album dump
Megalomania, generosity and FEAR of irrelevance drove group to Apple deal
HBO shocks US pay TV world: We're down with OTT. Netflix says, 'Gee'
This affects every broadcaster, every cable guy
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
French 'terror law' declares WAR on the INTERNET itself, say digi-rights folks
Liberté, Égalité, Fraternité: Two out of three ain't bad
SCREW YOU, EU: BBC rolls out Right To Remember as Google deletes links
Not even Google can withstand the power of Auntie
Arab States make play for greater government control of the internet
Nerds told to get lost in last-minute power grab bid at UN meeting
Zippy one-liners, broken promises: Doctor Who on the Orient Express
Series finally hits stride, but Clara's U-turn is baffling
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
prev story


Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.