[IP] Beyond the Verisign vs. ICANN Battle (BusinessWeek.Com)
Delivered-To: dfarber+@xxxxxxxxxxxxxxxxxx
Date: Tue, 21 Oct 2003 07:20:32 -0400 (EDT)
From: GLIGOR1@xxxxxxx
Subject: Beyond the Verisign vs. ICANN Battle (BusinessWeek.Com)
OCTOBER 20, 2003
NOTHING BUT NET
By Alex Salkever
Beyond the Verisign vs. ICANN Battle
Their conflict over Verisign's now-suspended Site Finder service points to
a bigger problem: The Net's archaic infrastructure
Stratton Sclavos wants the Internet to grow up. The CEO of Verisign
(<javascript: void showTicker('VRSN')>VRSN ), Sclavos has built a business
designed to provide some of the basic plumbing for the Information Age by
providing computer security services, issuing digital certificates needed
for safe e-commerce, and operating the database that keeps track of all
.com and .net domain names. To listen to Sclavos and other Verisign execs
talk, the Net's plumbing is all stopped up.
What's the clog? A bunch of grumpy technical experts who, Sclavos & Co.
claim, are holding the infrastructure that powers the Internet hostage by
refusing to allow it to evolve and become more technologically stable and
sophisticated as well as more commercially viable. These experts, also
known as the Internet Committee on Assigned Names & Numbers, are the force
majeure in the field of Net regulation. More than any other body, ICANN
makes key decisions that affect the way the Internet works.
It comprises a formidable group of distinguished names. And it was ICANN
that sent Verisign a cease-and-desist letter earlier in October seeking to
stop the Net plumber from plumbing the millions of mistyped Web-page
requests per day for ad dollars by directing surfers to a Verisign-operated
paid-search engine called Site Finder (see BW Online, 10/7/03,
<http://www.businessweek.com:/technology/content/oct2003/tc2003107_3789_tc047.htm>"Verisign
Didn't Deserve This Spanking"). Verisign used its monopoly hold on the .com
and .net database to identify incoming queries destined for nonexistent Web
pages and sending them to Site Finder rather than returning a standard
error message.
UNFAIR SHAKE? Sclavos and his executives claim Site Finder was an
innovation that served customer needs. To back this point up, Verisign
points to surveys it recently conducted finding that out of 1,000
Internet-savvy people, two-thirds preferred some type of search capability
or related links a la Site Finder with a returned error message. Verisign
officials says they're not getting a fair shake from ICANN. "The biggest
problem is the lack of a consistent and fair process by which registries
understand how they can introduce services," says Verisign spokesperson Tom
Galvin.
For its part, ICANN called Site Finder, essentially, a selfish, poorly
thought-out move that threatened the stability of the Internet due to
Verisign's unilateral and rapid roll out of Site Finder. Further, ICANN and
other critics stated that Site Finder hurt efforts to control spam and
impaired a key part of the Internet, namely, the domain name system (DNS),
which acts as a global traffic cop for the Net. It did this by eliminating
the error-message system around which network operators had built
complicated response mechanisms to optimize and monitor their systems.
In a letter to Verisign dated Sept. 22, ICANN President Paul Twomey and
other key ICANN committee members wrote: "VeriSign's change has
substantially interfered with some number of existing services which depend
on the accurate, stable, and reliable operation of the domain name system."
TWO WRONGS. In the end, Verisign bowed to ICANN's lawyers and shut down
the Site Finder service indefinitely. But the fight still simmers in the
Internet community, with the majority of voices saying Versign is clearly
in the wrong here. On the other side, a handful of large commercial
entities -- such as e-mail outsourcing company Brightmail, which handles
about 10% of all e-mail, according to International Data Corp. -- have come
out in support of Verisign and claimed that Site Finder was, in reality,
nothing more than a minor annoyance.
This case is a rare one where two wrongs may both be right. Site Finder was
a distasteful abuse of the spirit, if not the letter, of Verisign's
contract to maintain the stewardship of the .net and .com domain-name
database. But its claims that the Net's pipes are stopped up and leaking is
also on the money.
What I really didn't like about Site Finder was its premise. Sclavos and
his executives said it would provide a key customer-assistance tool. That
may be. Mistyped or incorrectly remembered Web-site addresses are a royal
pain. But so is the constant barrage of advertisements erupting from every
part of the Internet. Site Finder will add to that barrage with yet another
search engine overstocked with paid listings.
It's sort of like taking a wrong turn and finding yourself in the midst of
a flea market when all you want is directions. If that's Verisign's idea of
innovation, count me out.
STUCK IN THE PAST. Then again, Verisign's claims that the Internet is
paralyzed by an old guard who dominate the governance bodies such as ICANN
has more than a hint of truth to it. For example, Verisign charges that
ICANN's continued reliance on nonprofit and largely academic entities to
maintain the DNS "root servers" that are the ultimate arbiter of Internet
traffic opens the whole Net to the possibility of catastrophic failure.
These entities don't have the resources of a dedicated organization focused
on servicing DNS, Sclavos has claimed in several recent interviews.
Verisign and others have also expressed rising concern that the Net's basic
syntax is far too rooted in a different era, when just a few people could
log onto the precursor to the Net. Today, the language mail servers speak
to each other in passing messages back and forth and the way Web browsers
request and send out information remain largely the same as when they were
first planned and implemented. Engineered for a time when everyone on
ArpaNet knew each other, these protocols and syntaxes seem frighteningly
naïve in today's world of malicious hackers, spewing spammers, and vile Net
fraudsters.
The protocol to exchange mail messages between machines, SMTP, has no
built-in mechanism to authenticate who a messages's sender is and verify
his or her identity. This is why spam is such a problem today -- because no
one has to worry about getting caught if they impersonate someone else or
make up their own identity in sending an e-mail. You can't catch anyone
because the SMTP protocol is designed to be flexible and allow for anominity.
DANGEROUS TURF. DNS is the basic service used to more or less direct
traffic around the Net. Like SMTP, it has no accepted and widely used
mechanism for authenticating requests for data. In fact, very few of the
prevailing syntaxes and protocols underpinning the Internet contain
provisions for effective protections against network attacks, cyber or
otherwise.
Gently nudging the Internet community into a more secure future is ICANN's
job. Yet ICANN itself and the Internet Engineering Task Force, another key
governing body, have had trouble deciding among themselves on how to
upgrade the Net.
Meanwhile, the tide of spam threatens to deluge everyone and significantly
increase costs of running networks (the ratio of spam to legitimate mail is
well over 50% at this point, according to Brightmail). And hackers wielding
nasty Internet worms have clearly illustrated this summer that chunks of
the Internet infrastructure -- partly, but not all, due to Microsoft's
(<javascript: void showTicker('MSFT')>MSFT ) difficulty in building secure
products -- remain wide open to cyber attacks that teenagers can easily
master and execute.
Instead of Verisign and ICANN slinging arrows at each other, they should be
working together, along with other responsible parties, to build a better,
safer, more efficient Internet.
----------
<mailto:alex_salkever@xxxxxxxxxxxxxxxx>Salkever is Technology editor for
BusinessWeek Online
Copyright 2000-2003, by The McGraw-Hill Companies Inc. All rights reserved.
<http://www.businessweek.com:/copyrt.htm>Terms of
Use <http://www.businessweek.com:/privacy.htm>Privacy Policy
[]
[]
[]
<http://www.mcgraw-hill.com/>
[]
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/