VeriSign holds firm on 404 scrap

VeriSign said on Monday that it would not abandon its decision to point unassigned domain names at its website, but representatives did say the company would form a technical committee later this week to look into the problems caused by the change.

During the last week, criticism has steadily grown over VeriSign's SiteFinder service, which has caused problems for network administrators and confused spam-blocking utilities. A number of internet standards bodies and administrative groups have asked the company - which enjoys a government-granted monopoly over the .com and .net registry - to stop, and a second lawsuit seeking an injunction against the practice was filed on Monday.

On Monday, VeriSign spokesman Tom Galvin said SiteFinder would remain in place because "we think the technical review committee is the appropriate mechanism before making any long-term decisions about the service." The committee members who will be chosen by VeriSign and will report to the company will be announced later this week, Galvin said.

VeriSign Vice President Russell Lewis said in a Sunday letter to the internet Corporation for Assigned Names and Numbers (Icann): "All indications are that users, important members of the internet community we all serve, are benefiting from the improved web navigation offered by Site Finder. These results are consistent with the findings from the extensive research we performed."

Icann is the nonprofit organization that oversees internet domain names. On Friday, the group asked VeriSign to pull the plug on its 'wildcard' redirection service.

Since then, Icann's Security and Stability Advisory Committee has published a more-detailed critique of the technical problems caused by VeriSign's move. The committee - which includes a VeriSign representative - said it would hold a public meeting in the Washington DC, area on 7 October and has asked for feedback to be sent to secsac-comments@icann.org.

"VeriSign's change appears to have considerably weakened the stability of the internet, introduced ambiguous and inaccurate responses in the [Domain Name System], and has caused an escalating chain reaction of measures and countermeasures that contribute to further instability," the committee's critique said. "VeriSign's change has substantially interfered with some number of existing services which depend on the accurate, stable, and reliable operation of the domain name system."

VeriSign's new policy is intended to generate more advertising revenue from additional visitors to its network of websites. But the change has had the side effect of rewiring a portion of the internet that software designers always had expected to behave a certain way. That can snarl antispam mechanisms that check to see if the sender's domain exists, complicate the analysis of network problems and possibly even pollute search engine results. Because VeriSign will become a central destination for mistyped email and web traffic, its move also raises serious privacy questions.

On Monday, domain name registrar Go Daddy Software filed a lawsuit in federal district court in Arizona seeking to halt the SiteFinder redirection. Bob Parsons, president of Go Daddy, said in a statement: "VeriSign has hijacked this entire process. When the user is sent to VeriSign's advertising page, VeriSign gets paid by the advertiser when the user clicks a link to get off the page, to the tune of $150m annually, as estimated by VeriSign."

It appears to be the second lawsuit filed in response to VeriSign's move. Popular Enterprises, the parent company of search provider Netster.com, sued VeriSign over the SiteFinder redirection last week, alleging antitrust violations, unfair competition and violations of the Deceptive and Unfair Trade Practices Act.

Also in response to VeriSign's move, the well-respected Internet Architecture Board published on Saturday a document titled 'Architectural Concerns on the use of DNS Wildcards', referring to the domain name system. It says the danger of "wildcard records is that they interact poorly with any use of the DNS that depends on 'no such name' responses."

Declan McCullagh writes for CNET News.com