Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
The Internet Businesses

Verisign's SiteFinder - An Engineer's View 159

ixs writes "CircleID has an interesting article by David Monosov about Verisign's plans to reintroduce Sitefinder. The article presents the thesis that the Internet engineering community is partly to blame for Verisign's ability to mess with the .com and .net root zones. According to the author we spend too much time with our systems and not enough with politics. The writeup was previously posted to NANOG and received a favorable response from Paul Vixie."
This discussion has been archived. No new comments can be posted.

Verisign's SiteFinder - An Engineer's View

Comments Filter:
  • It's not easy (Score:3, Insightful)

    by superhoe ( 736800 ) on Thursday February 12, 2004 @02:38AM (#8256159) Homepage
    It's not easy for someone sophisticated in technology just 'step into' these politics. These are still big companies, and those who make the decisions just consult geeks if they want to - and believe them - if they want to.
    • Re:It's not easy (Score:1, Interesting)

      by Anonymous Coward
      Much more useful in the event of an unregistered domain (previously registered) would be a link to the domain as it was last known on internetarchive or some other internet backup site.

      Not whatever it is Verisigns dodgey search routines are going to return.
  • ICANN? (Score:5, Interesting)

    by autopr0n ( 534291 ) on Thursday February 12, 2004 @02:40AM (#8256165) Homepage Journal
    ICANN threatened to sue them, and 'revoke' their registry status last time, and they relented. Is there any indication that ICANN intends to do the same thing again? My guess is that Verisign isn't as stupid as SCO and wouldn't go forward with this if they thought they would lose out on what's basically a huge free money engine over this. Have they made a deal with ICANN? Do they think they can win, and own the entire domain system for .COM and .NET, ICANN be damned?

    I mean, if they can get away with this, what's to stop them from doing things like shutting out other registrars, etc?
    • Re:ICANN? (Score:4, Interesting)

      by superhoe ( 736800 ) on Thursday February 12, 2004 @02:42AM (#8256175) Homepage
      I still keep on wondering how much these certain companies like SCO and Verisign will win in the long run (via their corporate image) by introducing this new 'corporate world bully'-type to the general public.
      • Re:ICANN? (Score:3, Insightful)

        I would guess that the vast mobs of AOLers and their ilk have never even heard of Verisign or SCO, nor care particularly. As long as they can fumble their way to whatever site they like, it doesn't matter to them.
      • Re:ICANN? (Score:2, Interesting)

        by mikedsmith ( 751364 )
        Well, IMHO they will lose a lot of respect and good image in some communities (i.e. SCO with the Open Source movement), but in other communities, almost none at all. For example stock traders love it, they earn bucket loads of money from it. The average Joe doesn't care and doesn't know that Verisign is ruining DNS for everyone and making money out of it.

        Unfortunately companies doing bad things, often get noticed only by small pockets of people. If they don't stand up and talk, no one even bats an eyeli
      • I still keep on wondering how much these certain companies like SCO and Verisign will win in the long run (via their corporate image) by introducing this new 'corporate world bully'-type to the general public.

        This is nothing new. Many corporations have been adopting this sort of approach to dealing with various issues throughout time. But we have just started to notice now, because it is in the tech sector (traditionally a fairly ethical bunch), and the media likes to pick up on this kind of stuff more
    • Re:ICANN? (Score:5, Insightful)

      by 1s44c ( 552956 ) on Thursday February 12, 2004 @02:58AM (#8256220)
      I mean, if they can get away with this, what's to stop them from doing things like shutting out other registrars, etc?

      We are. There is only a minor edit to resolv.conf between having a monopoly and having nothing.

      ICANN could be forced to revoke verisigns status if an alternate .com and .net registry was setup and honoured all existing third level domains.
      • Most people would probably want to edit their named.ca hint file, not the resolv.conf.

        I was trying to think of the further ramifications of recommending this change: increased load on the remaining servers (which we can do little about... except maybe by creating a commercial service where we hijack users enquiries and... no wait), increased latency for some users querying some domains, and marginally increased vulnerability to DDoS attacks.

        It brings to mind the famous quote:
        "The Internet interprets ce

    • Re:ICANN? (Score:2, Interesting)

      by qewl ( 671495 )
      Hehe, I think I'm alone, but I liked Sitefinder because it tripled traffic to my site for a while- www.humans.com. So many people were looking for domains with humans and were directed to my page which has nothing even to do with science.. I just wish they would take the ads off.
    • Speaking of SCO, I'd love for them to bring sitefinder up right now, mydoom.a will have a new home.

      Sitefinder will simply become the internet's new blackhole ('cus /dev/null is full).
    • Competition (Score:2, Interesting)

      by wonkavader ( 605434 )
      The problem with Verisign is that they're a monopoly.

      They can hold us over a barrell and all we can do is sue them. We've seen how long lawsuits take. A week of we're-screwed-time is too long.

      While it would take forever to get every incompetant sysadmin to change root DNS servers, the bulk of us could be changed over in days.

      We just need

      A. someone to do it (set up new root servers and maintain them)

      B. a massive insult and pain in the ass like the reinstitution of site-finder to prod sysadmin

  • What? (Score:4, Funny)

    by MarsCtrl ( 255543 ) on Thursday February 12, 2004 @02:41AM (#8256169) Homepage Journal
    According to the author we spend too much time with our systems and not enough with politics.

    What? I don't have to listen to this! I'm going back to my desk!
  • enough time (Score:5, Funny)

    by abhisarda ( 638576 ) on Thursday February 12, 2004 @02:42AM (#8256172) Journal
    According to the author we spend too much time with our systems and not enough with politics.

    Ok. Who watches CPAN here? Time to throw out our congressmen(and women) and take their places on capitol hill.
    And make our congressmen code monkeys. Don't be surprised if you frag down your senator on CS then.
  • by Anonymous Coward on Thursday February 12, 2004 @02:43AM (#8256178)
    The tone of the summary makes it seem like Monosov is advocating leaving Verisign alone and letting them do whatever they want.

    In fact, the article is exactly the opposite and states that we should wrest control of .com,.net, and .org registration from capitalist companies, and give it to a more global entity. Then, use those funds to help the Internet infrastructure further instead of lining the pockets of the already-rich.

  • politics (Score:5, Funny)

    by pizza_milkshake ( 580452 ) on Thursday February 12, 2004 @02:45AM (#8256183)
    the problem with politics is that you need to get political in order to make sure people don't get political
  • On who should be controlling these, the article says:
    ISC [isc.org] (previously mentioned in this context) would indeed be a fine choice as it has proven itself to be reliable and politically independent over time.
    Right, I'm an ignorant user who doesn't pay much attention to this politics stuff. Before I write any letters supporting ISC, what's Slashdot's general oppinion of the group?
    • by 0x0d0a ( 568518 ) on Thursday February 12, 2004 @03:57AM (#8256382) Journal
      I'd also be interested in the opinion of NANOG and of certain USENET groups. They'd probably have at *least* as much weight as Slashdot.
    • by Anonymous Coward on Thursday February 12, 2004 @05:18AM (#8256578)
      Definitely NO on this guy Paul Vixie and ISC if we want transparency and an up front way of running things. This guy has wrapped himself in the flag of RFC's, DNS and "the Internet" but his actions are otherwise:
      This site [dotcomeon.com] is a little conspiratorial, but at the time many of the people in the know agreed that Abovenet and MAPS blackholed ORBS by using dirty tricks little advertising low cost (hop count) routes to ORBS and then blackholing the traffic. See here [google.com] among others.
      He seems fond of making everything two tiered, pay for BIND support, pay for access to the MAPS *BLs now. There was the situation where the patches for BIND were only available to those who paid. This was a huge deal at the time.
      There also seems to be denials of the connections between ISC and the other money making businesses that Paul and his employees are involved with.
      This is not a guy who want to share power and take the opinions of others into account, he and his companies also have a history of attacking overtly (DJB) and covertly (ORBS) people or groups who cross them. They scare me more than a bumbling giant corporation... Paul has companies/domains like Men in Black Hats and New World Order, these guys have very high opinions of themselves. I and many others would never speak out publicly against him, his employees/"volunteers" or companies because of the power they wield and their willingness to exact revenge on people who speak out against them. Those who do speak out are immediately branded as spammers or worse.
      Some Paul quotes:
      I am also getting ready to start work on my company's next commercial product, and it looks like a spam filtering SMTP gateway is going to be it even though I've got this drop-dead idea for optimal HTTP redirects that I've been wanting to implement for about the last 14 months. Oh well, "follow the money."
      Concentration of power into a single individual: It's very true that power has corrupted every individual in whom it has ever been concentrated in the history of mankind. I do not feel that I am necessarily above whatever elements of human nature give rise to that. I worry about it. Probably other people worry about it more than I do.


      There are people whose judgment I trust -- folks that have been in the industry longer than I have or maybe just as long as I have, but have done different things -- where I've learned that when they argue with me, they're usually right. And I have run what I'm doing by these people, and I'll continue to do that whenever I want any change in the way that I approach it. And if I get back some horrified stare that says, `Paul you're going to be the next Hitler; you're going to take over the universe,' I'm pretty much expecting that I'm not going to tell them that their concerns aren't justified. I am as worried about this as I think is healthy, but I'm not willing, once again, to say, `Well, because concentrating power in the hands of one person has always been dangerous, we should not attempt what we're doing.'
      [here, Paul, with more WWII references, refers to the fact that he is willing to block popular ISPs or sites and how it is similar to the way that people were willing to firebomb Dresden (even though the German's thought they wouldn't), as clear a reference to "acceptable collateral damage" as possible without using the phrase] ... I think I've told the story of the firebombing of Dresden to at least a half dozen popular host resource owners in the last two years.
      * [cctec.com]
    • i like Vixie - but mostly from an engineering perspective .. the whole issue is way too political - picture a younger Richard Stallman fighting against a Gates-wanna-be and I think you get the rough picture on the battlelines.

      If these are the choices, I don't think there is a good choice either way .. what you really need is a messiah to organize nanog, strip out the key underpaid engineers from Verisign Registry, and provide a valid and fair compensation model to maintain, grow, and implement the appropri
  • Really? (Score:5, Funny)

    by Anonymous Coward on Thursday February 12, 2004 @02:47AM (#8256189)
    According to the author we spend too much time with our systems and not enough with politics.

    No shit, Sherlock. That's why we're engineers.

    Mike
  • One free metaphor (Score:4, Insightful)

    by autopr0n ( 534291 ) on Thursday February 12, 2004 @02:47AM (#8256191) Homepage Journal
    People often use metaphors to describe things like this, which sometimes bugs me because people then get into arguments about the metaphor, which is totally pointless. We are all smart enough to discuss this directly, I should hope.

    In any event, I did think of one, and I thought I'd share it with y'all because I have nothing better to do.

    It would be like the government contracting out road work to a private company, and then having that company put huge advertising over the signs, or printed right on the road. And then having the CEO going out and saying "It's time someone started making money off infrastructure." When in fact what they are doing is making things worse for everyone else to benefit themselves, and doing it with something that they have only by coincidence, rather then any real work.
    • To extend the stupid analogy =)
      It's more like they diverted the road by several hundred feet every couple of miles to bring it closer to property they own, thus lowering the effectiveness of the road to line their own pockets and causing the majority of users of the road unnecessarily long commutes to get to their destination.
  • by Capt'n Hector ( 650760 ) on Thursday February 12, 2004 @02:47AM (#8256192)
    What Verisign doesn't understand is that the public will put up with it's monopoly if we can use the internet day to day without seeing the verisign logo. This company has somehow cheated the system to become the overlord of the internet. As long as everyday consumers aren't aware where their meat comes from, they'll eat it. But if the harsh truth faced them every day, nobody would touch a big mac. In the same way, Verisign can get away with it's monopoly because nobody cares where the internet comes from. I hope sitefinder changes this. Let sitefinder be the 21st century "The Jungle."
    • by Clinoti ( 696723 ) on Thursday February 12, 2004 @02:59AM (#8256221)
      No, what Verisign does understand is (sorry) the Microsoft model of monopoly, where a broad presence pillows the muffled cries of an infant industry. (I digress, I know the age of the net.)

      What Verisign will learn is that the kid has already gone outside into the world and cannot be kept under thumb.

      Also, does anyone remember, speak of the devil, Microsoft's viewpoint on this? They essentially do the same thing on the lower level with default browsers for their search engine. Any insight?

      • by Pxtl ( 151020 ) on Thursday February 12, 2004 @03:04AM (#8256244) Homepage
        Actually, I think Microsoft's feature is much more amicable. After all, any other browser could do the same - hell, the moz project could raise funds by makign the default search engine and the host-not-found search engine a contract to the highest bidder. Not that we'd like that, but they could.

        The big thing is that the MS search-integration features don't break anything. They might interfere with their users seeing certain errors, but nothing's busted. SiteFinder breaks shite left right and center.
        • by G. W. Bush Junior ( 606245 ) on Thursday February 12, 2004 @03:23AM (#8256298) Journal
          hell, the moz project could raise funds by makign the default search engine and the host-not-found search engine a contract to the highest bidder. Not that we'd like that, but they could.

          You said it yourself...
          If people didn't like it the moz project would fork, so in reallity they can't.

          That's the nice thing about it...
        • More than that, IE is configurable - Tools, Internet Options, Advanced, "Do not search from the address bar" (IE 6, similar in other versions). Bingo - no more searching. Also, registry hacks allow you to change the search engine used.

          What Verisign is doing is *not* end-user configurable, and as you say messes up a whole lot more than just typoing web site addresses.
      • by steve_l ( 109732 ) on Thursday February 12, 2004 @06:22AM (#8256746) Homepage
        I wrote an article on this not so long ago, The impact of sitefinder on Web Services [xml.com].

        All verisign are trying to do is steal the revenue that MS get with their 90+ share of the browser world. But MS wont like, and will come up with a workaround, like a 'critical' IE patch.

        but in the meantime, everyone whose app uses DNS suffers, not just web browsers. Web Services -programs hitting servers for their own posts and gets- really suffer, because any configuration failure now results in really obscure messages (bad mime type), (307: not supported), instead of ones that users are vaguely familiar with ('not found), and that makes diagnostics and support worse. Once people start patching their DNS, a lot worse, as replication gets harder.

        That is what irritates me: Verisign are screwing up every network application other than a web browser to get advertising $.
    • As long as everyday consumers aren't aware where their meat comes from, they'll eat it. But if the harsh truth faced them every day, nobody would touch a big mac.

      If you've ever lived on a farm, you get used to it very quickly. It isn't a petting zoo.

  • A Solution (Score:5, Insightful)

    by 1s44c ( 552956 ) on Thursday February 12, 2004 @02:48AM (#8256193)
    Verisign put a DNS wildcard in to sell their search service and generally piss off the world.

    We put in a bind patch to prevent DNS wildcarding on top level domains.

    We don't need to play brain-dead political games with these losers. It's our internet, not theirs. We have the right to totally ignore any and all of ICANN's setup and use our own DNS servers without notice and without asking for their permission.

    • Re:A Solution (Score:2, Interesting)

      by Anonymous Coward
      How about it, folks? Shall we set up some high-quality donation-supported DNS servers and ignore everyone else? OpenNIC seems to be doing pretty well with a half-assed setup. If enough people got exceiting about this, it could entirely replace the existing infrastructure. It seems like a moderate redesign of the DNS system should happen first, though, to prevent future abuses like this.

      I'd pay $10/year for good no-nonsense DNS service, and I think I could talk my company into $10/year/workstation if there
      • Re:A Solution (Score:2, Insightful)

        by 1s44c ( 552956 )
        We could redesign it, but we dont need to.
        The existing problems are caused by who is running the technology, not the technology itself.

        It's all ready to go, All we need is a few zone transfers and a few huge servers with insane bandwidth. And I guess a few people to keep the thing updated.

      • Re:A Solution (Score:3, Interesting)

        by j-pimp ( 177072 )
        I'd pay $10/year for good no-nonsense DNS service, and I think I could talk my company into $10/year/workstation if there was a good public image for it. Being the current DNS service is run on the registration fees of domain name owners, why would you need $10 a year from ever workstation on the internet. Also, how does one regulate this? By IP address? You can do some NAT Voodo and make a whole class A's DNS queries appear to be coming from one IP. Auctually, if you had a DNS server on your network that w
    • Re:A Solution (Score:5, Insightful)

      by burns210 ( 572621 ) <maburns@gmail.com> on Thursday February 12, 2004 @03:37AM (#8256329) Homepage Journal
      there was mention of creating a .alt TLD... Now i am of the personal belief that an owner of a .com should prove they are a for-profit company, a .org a nonprofit organization, etc. could we create a .alt where things are independent of verisign? By not giving them ownership over the TLD, we don't give them power.... Maybe an open source-run TLD?

      Or better yet, a decetralized, p2p like DNS. one where there aren't A-M servers, but just peers with their DNS caches. It would become what the internet was meant for: a network of computer systems that can communicate with one another even after a significant portion of them are taken offline(due to attack or otherwise).
      • How do you prevent cache poisoning? The system you propose would have to work something like BitTorrent. How do you determine who's authoritative? With BitTorrent, no one is "authoritative" on a single torrent. There still has to be a trusted "seed" (the root servers). DNS has to remain centralized in SOME sense in order to work. It is already largely decentralized in the sense that you can use any ISPs nameservers and get the same generally reliable data.
        • Cryptographic public keys could take the place of authoritative NS entries for a zone, and sign all keys within said zone. Only problem is if some host consistently responds with an old but valid entry long after it should have been replaced.
      • Re:A Solution (Score:1, Informative)

        by Anonymous Coward
        You mean like http://www.opennic.unrated.net or http://www.open-rsc.org?
    • by 0x0d0a ( 568518 ) on Thursday February 12, 2004 @03:51AM (#8256371) Journal
      We don't need to play brain-dead political games with these losers. It's our internet, not theirs. We have the right to totally ignore any and all of ICANN's setup and use our own DNS servers without notice and without asking for their permission.

      While a shift is not as trivial as you make it, I do agree with on major point.

      Paul Vixie has been running around trying to ensure that nobody acts "immaturely" or engages in name-calling with Verisign. He's desperate to be taken seriously.

      That's ridiculous. Verisign, not the engineers criticising them, is the side lacking respectability. The engineers run and design the networks and control the systems that Verisign uses. Verisign is a comparatively tiny collection of a few people who have buddies in politics, scientists, and engineers.

      Nobody should feel constrained in their online conversation for fear of "sounding respectable". The engineers who run the networks need prove nothing. They are running things. The only organization that has to worry about image at all is Verisign, which must seem at least impartial and benevolent enough to keep ICANN from axing their monopoly, which could be done.

      Verisign was granted a special, unique opportunity to get money for doing almost no work (some bandwidth and adding an entry to a database). Yes, they *can* be expected not to play hardball, as would be accepted in a general business arena, as they are not operating as a regular business. They have a monopoly that was granted to them that they do very well off of. If they want to continuously test their limits and see how much additional money they can soak people for, ICANN and other engineers are under no requirement to keep granting Verisign the right to continue making vast amounts of money for almost no effort.

      Verisign has clearly indicated that it is not currently willing to operate a public trust in good faith. They have continued to spout what most engineers consider to be bullshit, and have ignored frusterated feedback. Unfortunately, we have only one remedy, aside from formal complaints from ICANN (which have already been tried), and that is threats against and ultimately termination of Verisign's special privileges. Doing so will mean work for a lot of systems around the world, temporary service interruptions, bad blood at Verisign (and with political buddies of Verisign) and the risk that nobody else will be willing to step up after Verisign (given that their role might be terminated). Verisign is gambling that the Internet's collection of network engineers do not have the balls to actually terminate their role with a certain amount of bad behavior on their part. I am increasingly wanting to see Verisign's gamble proven wrong.

      Shifting to OpenNIC or similar has its own set of problems -- can the same level of service be provided? What happens when an name schisms start appearing?

      However, it may be better to be safe than sorry. Every day, Verisign makes it harder and harder to extricate them from a position where they can feed on vast amounts of technology money. This is acceptable, as long as they operate in good faith, which they have not done. Verisign's management has tried deceptive renewal forms sent to Verisign competitors. They have tried mucking about with fundamental components of the Internet. They may not be at a point where they must immediately be replaced, but I think that they are at a point where they must be made to modify their behavor or be terminated.
      • You think it will be hard to find a replacement? Heck, I will do it. I do not mind getting rich for doing next to nothing. In all Seriousness, maybe someone can back me up on this, but I believe that Verisign does not even own the servers, they are supplied by the US government which owned them first. I could be wrong, but I believe I heard that from a reliable source.
        • Not true. It could be that back in the DAY the US gov gave Verisign some servers to use, to get them started. But since then, verisign has upgraded immensely. They run their own software systems, server hardware, the whole thing. As they should, really. In fact, from a technical perspective, verisign is doing a good job (the .com domain has always worked). It's their political decisions that are causing grief.
  • Should slashdot march on Washington DC?
  • by BitwizeGHC ( 145393 ) on Thursday February 12, 2004 @02:54AM (#8256212) Homepage
    Countries and corporations are both run by people whose primary job is politics. It is extremely difficult to go up against these people without becoming one of them.

    Not many engineers want to become politicians, even if it means fighting for something they value. They want to do their job, which is designing stuff.
  • by Anonymous Coward on Thursday February 12, 2004 @02:54AM (#8256213)
    Postel's priorities:
    http://web.archive.org/web/20000818212505/www.iiia .org/lists/newdom/current/0233.html [archive.org]

    "There will be up to one-hundred-fifty (150) new iTLDs allocated to as many as fifty (50) new registries, with no more than one half (1/2) in the same country, created in 1996, and chartered to operate for up to five years.":
    http://web.archive.org/web/20000818221119/www.iiia .org/lists/newdom/current/0518.html [archive.org]

    Tell me what was wrong with this again?

  • by joelparker ( 586428 ) <joel@school.net> on Thursday February 12, 2004 @03:04AM (#8256241) Homepage
    There's an interesting proposal & implementation
    for a distributed decentralized DNS using JXTA,
    which is the Java peer-to-peer framework.

    The basic idea is to trust your peers,
    rather than the centralized system now.

    Of course that raises all kinds of questions;
    still it's compelling to consider the approach.

    The O'Reilly introduction is HERE [onjava.com]

    Cheers, Joel

    • I have yet to see a peer-to-peer framework that solves one problem, though:

      Spam bad. What happens when the spammers stop selling email and start selling hits to websites? ie, they set up hundreds of computers which report DNS entries back incorrectly, so that maybe www.linux.org goes to www.someotherplace.com. Then there is the issue of all of the zombie viruses, instead of opening relays they could instead edit DNS listings on computers they infected that were responding to peer-to-peer requests.

      The curr
      • Maybe we should give management of those TLDs back to Network Solutions...

        Verisign swallowed Network Solutions whole four years ago, so Verisign is Network Solutions. This is the same bunch of crackheads that fought the idea of competing registrars. TLD management needs to be managed by a big, wasteful, government funded and/or non-profit entity. I can stand a little inefficiency when it's not a big fat corporate monopoly doing it.

  • by Willbur ( 196916 ) on Thursday February 12, 2004 @03:34AM (#8256320) Homepage
    Just throwing out an idea... There has been a lot of talk about whose laws should apply in cyberspace. One thought is that maybe it should be made explicit whose laws are applying by making the country explicit in the domain name. Ditch all .com, .org, .net, etc domains and just keep the country top level domains.

    As an ease of use measure you could make .com redirect to .com.us in the US, .com.au in Australia, etc. Those names would only be useful as shorthand for people to type and would be deprecated as published URLs (because they would no longer mean the same thing everywhere).

    When I access a .us site from Canada, the same laws apply as if I poked a stick over the border while standing in Canada.

    Moreover, it removes the problem of VeriSign playing with the TLDs (at least for the rest of the world, I don't know who administers .us).

    Pity it'll never happen.
    • Many multinational organizations and companies wouldn't be happy to be forced to use ccTLDs. Heck, even some individuals would be upset, because they see themselves as world citizens, rather than belonging to a country (and I'm not even talking about people with multiple nationalities). Forcing ccTLDs as IMHO a Bad Thing(tm).

    • Almost all of the non-ISO country-code TLDs are country-specific. They are simply legacy from when the United States was the only player involved. .com is US commercial, .mil US military, .gov US government, and .net US network provider. (AFAIK, the only non-US non-ISO TLDs are the recent additions, like .int and .info). The TLDs have been abused (thanks in no small part to money-hungry registrars like Verisign, which encouraged you to abuse the TLD system -- "add foo.org and foo.net to your foo.com regi
    • This is going in the wrong direction. Currently, "cyberspace" is, at least in concept, a locationless realm that transcends national borders. By relabeling all sites by country code, the whole notion that what kind of organization you have is more important than where you have it would be lost. Reducing cyberspace to a loose confederation of balkanized nation-states would be a step away from worldwide egalite, fraternite, and, yes, liberte.

      It's a little like parceling up Antarctica or the moon merely fo
  • ...then my first goal would be to abandon money. :-)

    All this mess is caused by people that try to maximize their profit. Just imagine a world without money, nobody would need to send spam mails because there is no profit to make. Ok, sorry, was just kdding.

    But I hope you see the point. I guess the price we have to pay for globalisation and outsourcing important infrastructure things from governments to private companies is that those things might get abused by morons that want to get a maximum profit.

    B

  • by The Famous Brett Wat ( 12688 ) on Thursday February 12, 2004 @03:39AM (#8256337) Homepage Journal
    The suggestion that the generic TLDs should be administered by a non-profit organisation (with international representation, I would add) is entirely reasonable and seems like the Right Answer. The point that David Monosov seems to have missed, however, is that politics doesn't work on the basis of finding the Right Answer and applying it. If politics were like that, it would be a branch of engineering. The actual process of placing the management of the GTLDs under the control of an appropriate organisation would involve a reduction in control for those presently in charge, including the government of the USA. This is a showstopper of a problem, and it doesn't rank a mention in Monosov's analysis.

    Putting it simply, I think the present organisation works this way: people with power (government) and people with money (corporation) get together so that some of the power can be used to generate more money. The corporation is happy because of easy money; the government can use the threat of taking the money away to influence the behaviour of the corporation, which is happy to appease its master so long as the money is there. Both parties are happy. Everyone else doesn't really figure in on the equation unless the corporation does something to rile the general public, at which point the government may be obliged to take steps which make it look like it's doing its job.

    Suppose the government delegates control of the GTLDs to a non-profit organisation which has a mandate to ensure the smooth operation of DNS infrastructure, and can be relied upon to do a good job of that. What's in it for the government? They can't easily coerce the organisation into doing things in a manner which leaves them in control (governments thrive on control), since there's no greed to manipulate. Further, no filthy lucre means no pork for the politicians to direct back to their electorate. What's in it for the politicians?

    How do you sell a politician on an idea when the best you can come up with is, "this is obviously the Right Thing to do." What you really need is a P.R. headline which emphasises how it's good for employment, or the economy, or security, or will save the children, and a subtle undergirding of, "this will make you (politicians) more powerful and/or popular and/or provide economic benefits to your constituents."

    So what we need is some very creative P.R. spin, and I'm not very talented at it. Any suggestions?

    • by humankind ( 704050 ) on Thursday February 12, 2004 @03:48AM (#8256363) Journal
      The suggestion that the generic TLDs should be administered by a non-profit organisation (with international representation, I would add) is entirely reasonable and seems like the Right Answer.

      In theory it sounds good. However, in practice, I can't say I've ever come across a well-organized non-profit that wasn't constantly having to sacrifice its ideals to stay afloat, or wasn't teeming with epic ego-battles among the people involved.

      I hate to admit it, but I think government agencies are traditionally better run and organized than the vast majority of non-profits.
  • it goes both ways (Score:5, Insightful)

    by humankind ( 704050 ) on Thursday February 12, 2004 @03:44AM (#8256354) Journal
    I agree that the tech community has traditionally been averse to playing politics, and this is evidenced in many areas. Nowhere is this more poignant than in the issue of SPAM, which is now more of a political than a technical issue. The tech community needs to form a hardcore lobbying group to force the Federal Authorities to do their job and prioritize the prosecution of spammers and other groups who are stealing, breaking into and destroying resources. The ineffectiveness of anti-spam efforts nowadays is the perfect testimonial to the much-needed aggressive politicking the tech community needs to do to solve this problem.

    On the other hand, the business community is also being too political and not technical enough. Tens, perhaps hundreds of thousands of businesses do not have secure networks and related policies and 99% of the larger operations are not fully-exploiting the technology available to them.

    Likewise, the mainstream business community is excessively political and seems to have had the common sense, as well as technical insight, sucked out of a majority of their business models. The whole "dot bomb" implosion was the result of too many companies relying exclusively on hype and politics to drive their business model.

    While the tech community can stand to be more political, I think the mainstream business community even more desperately needs to get technical.
    • by LL ( 20038 )
      >While the tech community can stand to be more
      >political, I think the mainstream business
      >community even more desperately needs to get
      >technical.

      There's a nice commentary on how it is difficult to separate social from technical concerns. [link] [shirky.com]. Perhaps that should be extended to the economic space as well.

      What Verisign is trying to do is simple, enclose the entire DNS space. One solution in rejecting their governance is to support alternative domains ([AlterNIC] [wired.com]) but in some ways thi

  • by zeruch ( 547271 )
    ...this article is stating somethi8ng that isn't a new concept, but certainly one that needs to be paid more attention to.

    Geeks in general have been absent from the political process, or at best mediocre at bitching in online fora and sending boilerplate emails as if having your meager feeling of involvement is somehow truly the best use of your collective intellect. A handwritten letter is usually worth 1000 emails (that is a comparison I have heard enough times to conbsider it fairly valid).

    The peopl
  • by SEE ( 7681 ) on Thursday February 12, 2004 @04:37AM (#8256456) Homepage
    A non-profit organization was set up to run Internet name assignments, with international participation, representation of major infrastructure players, and even a nascent direct interested-person representation system.

    It was called the Internet Corporation for Assigned Names and Numbers, and it's the organization that went ahead and so solidly entrenched VeriSign in the first place.

    Merely passing along control to another NGO is not, in itself, a solution; there is no reason to expect it won't be politicized and turned into another ICANN.
  • Veri-lame (Score:4, Interesting)

    by Anonymous Coward on Thursday February 12, 2004 @04:49AM (#8256473)
    Well now, if we are going to have urls and dns, we need someone to sit on the database of who has what assigned to where.

    meet Verisign...

    Ok, so we are sitting on the afforementioned database with the required info for the internet presence for millions if not billions of people,
    what shall we do?

    I know, lets break it all and try to break into the search engine business! Every page anyone looks for on a domain that no longer exists will be our domain!

    All your leftovers are belong to verisign! ......

    Now to me this just seems like an abuse of power by the people who look after the database for us.
    (veri-lame)

    If they had mentioned that they would do this in the future then i'm most likely we wouldn't have picked verisign to look after our data, or we would have made sure they couldn't use it as a gun to our heads further down the road.

    If they were going to break all the RFC's and the like, again, we would have put blocks in place.

    but instead they are free to claim they own every domain that was ever that doesn't have a paying owner right now. Not that verisign are paying to squat on that domain mind, they just control the database.

    so i say again

    All your leftovers are belong to verisign!

    Who do they think they are? I don't want to use their substandard search engine anyway.

    much more useful would be a link to the domain as it was last known on internet archive or some other internet backup site. Not whatever it is verisigns ill thought out search routines are going to return.
  • Where's the Beef? (Score:3, Insightful)

    by i)ave ( 716746 ) on Thursday February 12, 2004 @04:57AM (#8256499)

    I'd just like to ask, "where's the beef in this article?". To my eyes, it reads like a general complaint on life in general. Should he have titled this article, "My rant" ? There's nothing, I repeat, NO THING, in this article that wasn't already said, more eloquantly, in yesterday's slashdot article: What the Internet Isn't"
    1. http://www.worldofends.com/
  • by werdna ( 39029 ) on Thursday February 12, 2004 @07:16AM (#8256879) Journal
    If Varisign can tinker with DNS responses provided by their DNS, why can't every other downstream DNS server act in kind, when forwarding a query, taking the ersatz advertising responses from Varisign and substituting their own advertising website, or better yet, substitute the responsible "usual" behavior?

    Indeed, if Varisign does this, wouldn's such a response be inevitable, for good and for ill?

    What I will be most amused by when that happens are the frivolous lawsuits Varisign will raise when that happens.
  • by Flyboy Connor ( 741764 ) on Thursday February 12, 2004 @07:49AM (#8257003)
    It happens all the time, every time.

    Engineer has an idea. Engineer implements the idea. Engineer is happy. Engineer's peers are happy. Non-engineer picks it up and uses it to get a lot of money, tarnishing the original idea in the process. All engineers are outraged.

    The article states that engineers should be more aware of politics. That's bull.

    An engineer that takes politics into account will accomplish nothing, because he is battling windmills. Trying to protect your inventions against corporate meddling is impossible. The problem is that those who invent simply do not have the power to enforce the "right" use of their invention. Being aware that that power lies with people who are mainly interested in squeezing money out of ideas will only make you despressed.

    And there are reasons that this is the way it is. The two main ones are (1) the innovators are the grease-monkeys of the corporate and political worlds; and (2) the fact that innovations can generate money is the catalyst that allows engineers to innovate.

    These two reasons lead to three possible solutions for the described situation.

    Solution 1: More engineers become politicians, thereby gaining influence on law-making and getting the ability to bend the laws to idealistic purposes. Unfortunately, engineers (just as scientists and artists) do not want to be politicians. It's a frustrating job, especially if you are idealistic. If someone is only interested in money and power, it can be a fulfilling job, but I don't expect idealistic law-making from such a person.

    Solution 2: Engineers refuse to work for corporations and develop their ideas for themselves. Unfortunately, this will mean that they do not have the funding to work on their interesting ideas, and even if they succeed, a big corporation will notice them and run away with them.

    Solution 3: Engineers do not create inventions that can be or need to be exploited for money. Translated: Engineers won't innovate at all.

    Conclusion: All three solutions won't work in practice. Since that is a depressing thought, perhaps you better not read this comment.

    Too late.

    • That was brilliantly written -- the prose and the logic were good.

      Of course, since I'm responding, I don't think that the logic is perfect. :-) Not all politicians are purely greed-motivated. You just need to get someone in place that is willing to do something that may make a bit less money for them but that is a Good Thing. Sure, maybe just about every politician makes a money-driven decision every now and then, but I suspect that for most politicians, not every decision is money-driven.

      This is how a
      • I'd like to see a couple of governmental technology advisory boards that consist *entirely* of PhDs from universities -- people that are *not* ex-CEOs and are less likely to have old business buddies that they're willing to do favors for.

        Do you really believe there ISN'T a comparable Old Boys network in academia? Dollar bills are not the only form of currency.
  • Slightly off topic, but still relevant; what immunizes Verisign to trademark lawsuits if they do this? I've just checked, and my employer has only registered one of three obvious variants on their trademark (which includes the word "and"). If Verisign's service redirects traffic from one obvious variant to a competitor's site, surely they are in breach of my employer's registered trademark?

    Since Verisign receive a payment for each registered .com domain, they can't argue that my employer should register al

    • by 0x0d0a ( 568518 )
      There is only trademark infringement if the usage is likely to cause confusion. Generally, the usage needs to be within the same industry or product category. It is unlikely that people will confuse SiteFinder with your site. Simply having a database that takes in a trademarked keyword and returns results related to that keyword is legitimate -- even if some of the result refer to competitors.
      • Re:Trademark issues? (Score:2, Informative)

        by ffnord ( 750389 )
        Simply having a database that takes in a trademarked keyword and returns results related to that keyword is legitimate -- even if some of the result refer to competitors.

        Depends what you mean by legitimate. Various search engines, including Google, have gotten into hot water over serving up paid sponsor links to competitors of a given trademarked search term. Dunno if any actually reached the legal arena, the search engines normally cease and desist. And let us not forget the brouhaha over MicroSoft's Smar

      • There is only trademark infringement if the usage is likely to cause confusion.

        The confusion will arise when SiteFinder gets ads.

  • by hqm ( 49964 ) on Thursday February 12, 2004 @09:42AM (#8257720)
    Stratton Sclavos, the CEO of Verisign, must be Darl McBride's secret twin brother, because he is using exactly the same lies, FUD, and ad-hominem attacks against the Internet technical community as SCO is using against the free software community.

    There is an interview with Stratton Sclavos,CEO of Verisign, at http://news.com.com/2008-7347-5092590.html

    Here are some highlights of the Q&A which particularly make my blood boil. This guy is both doing a smear campaign against the opposition to SiteFinder, and either has such a warped understanding
    of how Internet protocols are developed and operate that he is incompetent to be in charge of the root DNS for .com
    , or else he is a cynical liar. I believe the latter is the more likely. His comments about a "cultural divide" are true, but not
    in the way he intends. The cultural divide is between the fair, decent, ethical, and technically responsible people and
    the people such as himself.

    *
    *

    *After a couple of weeks on the hot seat, VeriSign CEO Stratton
    Sclavos is turning up the fire on his company's severest critics.*

    *The Site Finder controversy /You temporarily suspended Site Finder in reaction to widespread
    criticism. What's the next step? /*

    The reason Site Finder became such a lightening rod is that it goes
    to the question of are we going to be in a position to do innovation
    on this infrastructure or are we going to be locked into obsolete
    thinking that the DNS was never intended to do anything other than
    what it was originally supposed to do?

    Still, a lot of people in the Internet community were quite
    surprised by Site Finder--and then you had complaints surfacing that
    it was not complying to approved standards.
    Let's break the argument down: The claim that Site Finder was
    nonstandard and that we should have informed the community we were
    doing something nonstandard--excuse me: Site Finder is completely
    standards-compliant to standards that have been out and published by
    the IETF (Internet Engineering Task Force) for years. That's just a
    misnomer. The IAB (Internet Architecture Board) in its review of
    Site Finder said the very same thing--that VeriSign was adhering to
    standards.

    What we're seeing are predetermined opinions masquerading as
    processes where the outcome is predetermined.
    The second claim, that we brought it out without testing--Site
    Finder had been operational since March or April and we had been
    testing it with individual companies and with the DNS traffic at
    large. Ninety-nine percent of the traffic is pure HTTP, and so it
    handles it the way it should. Just so you know, our customer service
    lines went from 800 or 900 calls on the first day to almost zero
    right now. Every customer who had a Site Finder issue, the
    remediation took less than 12 hours. ...
    *You temporarily suspended Site Finder in reaction to widespread
    criticism. What's the next step? *
    The reason Site Finder became such a lightening rod is that it goes
    to the question: Are we going to be in a position to do innovation
    on this infrastructure, or are we going to be locked into obsolete
    thinking that the DNS was never intended to do anything other than
    what it was originally supposed to do?
    *
    You're hinting at a cultural divide? *
    I think that there is. I don't think it's an intentional divide, but
    it's drifting apart of the day-to-day usage from the folks who did
    great steward's work in the early days and were asked to define all
    the standards to make it work.

    *And those are the people who still dominate the standards bodies? *
    They're speaking out of both sides of their mouth right now. It's
    not OK to say standards are important, un
  • Perhaps Verisign should sit down and read the "World of Ends [worldofends.com]". Especially the parts about The Internet is stupid, Adding value to the Internet lowers its value, and All the Internet's value grows on its edges.

Any sufficiently advanced technology is indistinguishable from magic. -- Arthur C. Clarke

Working...