September 24th, 2003


Verisign's abuses

Verisign has recently started abusing their control over the .com and .net domain-name registries. (read more here and here, for example).

Here's what they're doing: if you type in a web address that doesn't exist, they (in violation of RFC) return a valid IP (instead of returning domain-not-found, which is the correct and socially-responsible value). For example:

mystique:~$ host has address
mystique:~$ host has address
But note that .org doesn't do this:
mystique:~$ host
Host not found: 3(NXDOMAIN)

This may not seem like a big deal, but here are some considerations:

  • non-existent domains now resolve, which breaks spam blockers, ping, traceroute
  • If you or your friends are running a website, now Verisign gets to find out all the people who mistyped it by one letter and offer them competitors' bids and their own "search" tools -- which don't agree with (e.g.) AltaVista or Google.

Don't let them get away with this abuse of their monopoly. Take action:

  • Sign this petition
  • send ICANN a complaint (comments (at) icann (dot) org), or use the web complaint form); they need some reinforcements here, and a demonstration that the users of the internet shouldn't have to put up with this.
  • Don't forget to cc Verisign (spambots, feel free to send mail to Verisign too).
  • If you have business with Verisign (or their subsidiary, Thawte), tell them how pissed you are. Tell them you'll be taking your business elsewhere.
  • Encourage your ISP to install the BIND or tinyDNS patch which blocks the Verisign "oops" page, or, if you are an ISP, do it.

  • Current Mood