Feeds

.Net report slammed again

Chairman of key committee demands investigation

  • alert
  • submit to reddit

Security for virtualized datacentres

The report that decided ownership of the .net registry has come under heavy criticism for a second time this week.

The chair of the committee that actually decided the report's methodology and criteria, Philip Sheppard, has demanded an investigation into what he has called "a fundamental contradiction between the dot net evaluator's methodology and the GNSO dot net report".

"I am concerned that there is a serious flaw in the methodology of the Telcordia report," Sheppard stated on an ICANN mailing list. According to Sheppard, the company commissioned to carry out the evaluation (Telcordia) had "used a scoring system which was biased towards multiple technical criteria even though the central message of the GNSO report was that competition was the most important factor".

He concluded that the "methodology of the evaluator's report directly contradicts the essence of the GNSO report" and proposed a resolution to be put forward at an ICANN meeting in Argentina on Monday that the ICANN Board delay its negotiations with VeriSign (or any other bidder) until an investigation had taken place.

The stark criticism comes just a day after one of the bidders, Denic, said a key part of the report that had ruled it out of the running was incorrect and that the correct information had been given in the official documentation. It called the report "sloppy" and said it contained "serious factual errors". It also questioned the ranking system used by Telcordia.

Other bidders have also expressed their anxiety over the report. Afilias said in a statement that it was "disappointed" and Sentan that it was "not pleased".

ICANN has used the report as the sole basis for its decision to start immediate discussions with winner VeriSign over renewal of the .net contract, which runs out on 30 June this year.

But while some have sought to paint Denic's complaint as sour grapes, Sheppard's intervention has spun the spotlight onto the company commissioned to carry out the evaluation - US technology company Telcordia, which has a number of ties with VeriSign, raising conflict of interest questions.

And while VeriSign has sought to assure us that William Roper - a director of both SAIC (until very recently Telcordia's parent company) and VeriSign - was not on the evaluation team as we reported earlier, until ICANN or Telcordia releases the names of those on the team, it will be difficult for Telcordia to effectively argue its independence when so many apparent errors have been found in its report.

Sheppard is concerned about the overabudance of technical criteria as deciding issues (the winner was the company with the largest number of "blues", meaning "exceeds requirements", making some relatively unimportant criteria of equal weighting to fundamentals). And he is unhappy with the downgrading to "medium" importance of issues that his committee had flagged as highly important.

There is also concern about the introduction of criteria such as "Provision for Business Failure" - which seem pointless. "Describe in detail what advance arrangement you will implement to ensure that, if your operation of .Net registry becomes financially non-viable, the registry operation will be quickly, smoothly and efficiently transferred to another operator." The likelihood of the .net registry becoming financially non-viable, when it has five million domains and a good percentage of the world's servers run through it, is so remote that you have to question its introduction as a criteria.

Nevertheless, VeriSign achieves a "blue" in this category by dint of the fact that is the only one of the bidders to have already moved a registry, raising the question: where's the logic in awarding a registry to a company on the basis that they are the best at giving it away?

There is also another question over Telcordia's scoring system when it marks down both Denic and Sentan in the "Provision for Registry Failure" criteria for having primary and backup servers too close together, giving VeriSign alone a "blue". However, earlier on in the report it marked VeriSign down for precisely the same issue - having both primary and alternative primary within the same electricity region.

Earlier still, the fact that Denic and Sentan sites were 275 and 400 miles apart was not considered of sufficient enough concern to mark them down. The inconsistency without explanation, especially when the resulting decision literally makes the difference between one company winning the .net registry or another is troublesome.

With Telcordia stating clearly at the beginning of its report that all candidates are more than capable of running the .net registry, the decision has been made on subjective criteria. But with the chairman of the committee that decided on the methodology pointing out a "fundamental contradiction" in this subjectivity and with one of the bidders stating that the report contains a major factual error, the continued use of the report as the foundation for such an important decision is open to question.

Related story

Denic damns 'errors' in .net report

Internet Security Threat Report 2014

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Special pleading against mass surveillance won't help anyone
Protecting journalists alone won't protect their sources
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Apple's iPhone 6 first-day sales are MEANINGLESS, mutters analyst
Big weekend queues only represent fruity firm's supply
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Bill Gates, drugs and the internet: Top 10 Larry Ellison quotes
'I certainly never expected to become rich ... this is surreal'
Big Content Australia just blew a big hole in its credibility
AHEDA's research on average content prices did not expose methodology, so appears less than rigourous
EMC, HP blockbuster 'merger' shocker comes a cropper
Stand down, FTC... you can put your feet up for a bit
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.