Feeds

ICANN urges VeriSign to suspend SiteFinder

Violates 'Principle Of Least Astonishment'

  • alert
  • submit to reddit

Security for virtualized datacentres

Net governing body ICANN has called on VeriSign to "voluntarily suspend" Site Finder amid renewed concerns that the web typo replacement service could undermine key Net standards.

Last week VeriSign deployed a "wildcard" service into the .com and .net Top Level Domain zones. This VeriSign wildcard redirects traffic that would otherwise have resulted in a "no domain" response to a VeriSign-operated website, called Site Finder, the features, search results and links to paid advertisements.

"Since the deployment, ICANN has been monitoring community reaction, including analysis of the technical effects of the wildcard, and is carefully reviewing the terms of the .com and .net Registry Agreements," the Net governing body said in a statement.

"Recognizing the concerns about the wildcard service, ICANN has called upon VeriSign to voluntarily suspend the service until the various reviews now underway are completed," it added.

ICANN has requested advice from its Security and Stability Advisory Committee, and from the Internet Architecture Board, on the impact of the changes implemented by VeriSign.

A report from the Internet Architecture Board (IAB), released last weekend, says the VeriSign's changes have had "undesirable and unintended consequences", imposing a overhead on users, and affecting the robustness of the Internet.

The document suggests VeriSign's "wildcard" service goes against "two basic principles of architectural design which have served the Internet well for many years": the Robustness Principle and the (splendidly named) Principle Of Least Astonishment, which says a program should always respond in the way that is least likely to astonish the user.

The IAB's highly critical report on DNS Wildcards can be found here.

VeriSign has yet to respond to ICANN's call to drop Site Finder. ®

Related stories

All your Web typos are belong to us
VeriSign DNS change broke my HP printer (letters)
BIND developer blocks VeriSign Net grab move
VeriSign's SiteFinder finds privacy hullabaloo
VeriSign backlash gathers force

Choosing a cloud hosting partner with confidence

More from The Register

next story
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Yes, yes, Steve Jobs. Look what I'VE done for you lately – Tim Cook
New iPhone biz baron points to Apple's (his) greatest successes
Lords take revenge on REVENGE PORN publishers
Jilted Johns and Jennies with busy fingers face two years inside
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.