Verisign's DNS Wildcard Intrusion
- To: <forum@xxxxxxxxxxxxxx>
- Subject: Verisign's DNS Wildcard Intrusion
- From: "Brian F. Angus" <brian.angus@xxxxxxxxxx>
- Date: Wed, 24 Sep 2003 07:42:04 -0400
- Thread-index: AcOCkOBuqYRBf+73TwGivXol0CV51w==
- Thread-topic: Verisign's DNS Wildcard Intrusion
I am hopeful that some progress is being made to have the Verisign's DNS
Wildcard implementation reversed for all of the valid reasons outlined in the
various ICANN committtee reports, IAB reports and NANOG forum discussions. The
degree of concensus from all over the the Internet on the serious issue is
remarkable.
Verisign fairly obviously implemented this without notice or peer review
because they knew it could not pass objective scrutiny.
My feeling is that ICANN should be hitting them on additional parallel paths
involving more distinct parts ot the organization. So far, ICANN has twice
asked for the service to be shutdown. Two committees (SSAC and ALAC) have
issues negative reports also calling for the calling for the removal of the
wildcards.
I think a strong case can be made for involving the Committee on Conflicts of
Interest as well. Verisign has injected istelf into the infrastructure of the
Internet in multiple conflicting roles including:
* .com & .net TLD Operator
* advisor to various steering committees (technical and non-technical)
* registrar
* search engine operator
* certificate issuing body
* etc.
Some of these roles are overtly commercial (the Sitefinder search engine and
registration businesses) relying, leveraging and benefiting from roles that are
designed to support what is effectively a "Public Trust". This is prime
information for the Committee on Conflicts of Interest.
I read yesterday that due to this "forced" wildcard redirection, the volume of
Internet traffic reaching Verisign has gone up by more than 500 percent. This
will directly translate into higher referal placement and advertising revenues.
Further detailed analyses of the change in Versign's traffic patterns are
available at the links below:
http://www.circleid.com/article/272_0_1_0_C/
http://www.alexa.com/data/details/traffic_details?q=&url=verisign.com
An excellent commentary is also available in this O'Reilly interview with Paul
Vixie:
http://www.onlamp.com/pub/a/onlamp/2003/09/22/vixie.html
If the Committee on Conflicts of Interest is not curently looking into this
matter may I request that they be notified and hopefully they will conduct
their own detailed investigation. I have no contacts there, so perhaps as a
start, this message could be forwarded.
Brian Angus