Verisign should be taken to task
- 23 September, 2003 22:00
If Verisign's new Site Finder service isn't a breach of its contract terms then the rules should be changed to make it so, says a Kiwi ICANN representative, Alick Wilson.
Site Finder is a web service that appears when users attempt to reach a website whose domain name does not exist. This mostly happens as a result of mistyping. To enable the service, Verisign has had to create a wildcard address record so that all attempts to reach sites in the .com and .net address space, except those with valid domain names, results in redirection to Site Finder.
Wilson, who was selected to be a non-partisan "advisor" to ICANN (Kiwi takes place at ICANN) says Verisign should be called to task if it's in breach.
"If it is not, and there's no evidence either way yet, then they are required to comply with certain rulings from ICANN and ICANN could move to introduce such a ruling."
Wilson says any change to ICANN's contract with Verisign to halt the service is likely to take weeks if not months.
However local ICANN watcher, former InternetNZ councillor Steven Heath, says the contract with Verisign is quite clear on the matter and Verisign is in breach of its terms and conditions.
"It's a clear breach of the appendix to the contract. The issue is what can ICANN do about it?"
The ICANN Verisign contract is quite clear that Verisign must abide by certain standards, known in the contract's parlance as RFCs, or "requests for comment".
The appendix says Nameserver operations for the Registry TLD should comply with certain RFCs, including RFC 1035, which says:
"Name Error - Meaningful only for responses from an authoritative name server, this code signifies that the domain name referenced in the query does not exist."
Heath says by returning an "A record" instead of an "rcode" (short for error code) message, Verisign is in breach of its contract.
Wilson says this whole issue is simply the first of many as the governance of the internet moves to a more commercial footing.
"ICANN and the Department of Commerce have extended their 'memorandum of understanding' for another three years and that will mean the continued transition to a full commercial model. That will require a review of the way the internet is governed and the rules under which registrars, registrants and registries work."
Wilson says he finds the move alarming as it opens the door to a whole series of problems.
"If Verisign can do this what's to stop every ISP doing it? It could lead to all kinds of trouble."
ICANN's own security and stability advisory committee says the Verisign move is an unwelcome one.
"Verisign's change appears to have considerably weakened the stability of the internet, introduced ambiguous and inaccurate responses in the DNS, and has caused an escalating chain reaction of measures and countermeasures that contribute to further instability".
Verisign has rejected a request from ICANN (ICANN asks Verisign to suspend controversial service) to suspend its service.