Feeds

VeriSign responds to .net report criticisms

Plus a brief rundown of what happens next

  • alert
  • submit to reddit

3 Big data security analytics techniques

VeriSign has posted its response to the ongoing dispute over Telcordia's report into .net ownership, but surprised observers by launching into a rant against a rival bidder.

The report, released last Tuesday, has attracted an enormous amount of criticism, both from the losing bidders and the chairman of the committee that helped decide its evaluation criteria. All have called the report seriously flawed and asked for an investigation to be held.

Three of the losing bidders - CORE++, Denic and Sentan - have posted lengthy and precise critiques of the report, the evaluators and the evaluation process, sparking ICANN into giving a public statement on the process in an effort to calm the situation. The fourth losing bidder, Afilias, has yet to respond.

VeriSign, as winner of the Telcordia initial report and so the .net registry, was not expected to criticise the report, but the letter sent by its general manager Mark McLaughlin to ICANN head Paul Twomey has amazed many with its virulence, all directed at second-place bidder Sentan.

"I wanted to take this opportunity to give you the benefit of our comments and concerns regarding the letter of April 4, 2005 to you from Mr. Richard Tindal, CEO of Sentan Registry Services," it begins.

"It is most unfortunate that Sentan, in an attempt to overcome the deficiencies of its own proposal, has found it necessary to launch a baseless, unsubstantiated attack on the findings of ICANN’s designated independent evaluator, Telcordia Technologies."

It continues in the same vein throughout the letter and goes on to accuse Sentan of being self-serving, distorted, biased and "nothing more than a disgruntled bidder attempting to manipulate the process".

The accusations levelled at just Sentan are out of keeping with the other responses from bidders who have listed their concerns with the report and Telcordia and provided detailed reasons as to why they hold those concerns.

But since Sentan is the only company likely to surpass VeriSign when Telcordia produces its revised report, it would appear the VeriSign has decided the best policy is provoke Sentan into a public fight. Sentan has so far avoided the temptation.

Nevertheless, substantial question marks remain over large parts of the report. Telcordia has apparently admitted it wrongly marked Denic down by saying it had an in-house built database when the opposite was true. It has yet to reply to an equally damning accusation by CORE++ that Telcordia completely misunderstood its measurement methodology.

On top of that, Telcordia wrongly marked VeriSign up and Denic and Sentan down over the distance between primary and backup servers. Telcordia also copy/pasted a summary of one criteria into another, apparently forgetting to change the wording, adding to Denic's accusation that the whole report was "sloppy" and full of "serious factual errors".

There are further criticisms over wrongly applied criteria, false marking and incompetent evaluation. And on top of that, Telcordia faces several questions over its independence thanks to previous financial and professional connections with VeriSign (with whom it had a joint alliance) and Sentan (whose majority partner, NeuLevel, has been a bitter rival for years).

Telcordia also continues to refuse to release the list of its staff that were on the evaluation panel.

So where are we up to?

Such has been the fuss that ICANN yesterday acknowledged at its public forum the depth of anger and outlined how it intended to deal with the situation, in an effort to calm tempers.

ICANN lawyer John Jeffrey sought to pull the debate out of the public eye by stating the public forum set up precisely to discuss the .net report was "inappropriate" for public comments on the .net report. Instead, he asked all bidders and interested parties not to post any more comments on the forum and instead send them direct to ICANN in the form of a letter.

It is hardly surprising that ICANN doesn't want the argument in public, especially considering the matter is of such importance - ownership of the second most-important registry on the Internet. In an effort not to appear secretive though, it has promised to publish all correspondence once the issue had been decided.

However, the situation is far from settled. Because of tight time constraints - the .net contract ends on 30 June - ICANN is trying to push the process through as quickly as possible. After all, it has still to decide contract details with the new owner of .net.

ICANN is sending all correspondence on the report to Telcordia and expects Telcordia to respond by early next week with a revised report. It is extremely unlikely that Telcordia will accept some of the criticisms of its work and it will not want to alter the overall positions of the bidders if at all possible in order to save face.

An ICANN spokesman also confirmed that due to time constraints, the revised report will be taken to be the final version and it will not accept any further responses from the bidders. As such, Telcordia has very little reason to change its report.

Despite all the criticisms, ICANN continues contract talks with VeriSign solely on the basis of the report, which suggests it too expects Telcordia to arrive at the same result in the revised report. If that does happen, ICANN will then most likely rush the decision through for Board approval, again citing time constraints.

That may solve the problem from the decision-making aspect but unless Telcordia manages to answers the other bidders' concerns, it seems very unlikely the Afilias, CORE++, Denic and Sentan will let the matter drop.

ICANN is desperate to avoid another series of punishing lawsuits, so rushing the decision through may therefore appear to be the best solution.

However, it would do well to consider granting a temporary extension to VeriSign's existing .net contract in order to give sufficient time and consideration to this very significant decision. Brushing aside legitimate concerns by repeating the same line about time constraints will appear very artificial when a significant amount of the Internet is handed over on the basis of a hotly disputed report with acknowledged, significant errors.®

Related link

VeriSign's response

Related stories

More criticism piled on .Net report .Net report speared a third time
.Net report was fudged
.Net report slammed again
Denic damns 'errors' in .net report

High performance access to file storage

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
Number crunching suggests Yahoo! US is worth less than nothing
China and Japan holdings worth more than entire company
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.