VARs Blast VeriSign Domain Search Move

On Sept. 15, VeriSign, which controls the popular .com and .net domain names, set up a service that sends Web surfers who mistype Web site names to VeriSign's own Site Finder search service.

Before VeriSign's move, a user mistyping a .com or .net URL would not get a response and users would re-type their search. Now they automatically get routed to a VeriSign site from which they can seek out the correct destination but are subjected to VeriSign's advertising in the process.

Solution providers maintain that what VeriSign has done not only "steals" users from legitimate search and portal sites, but breaks existing spam filters and other infrastructure at client sites.

The fact that VeriSign directs them to a legitimate, albeit controversial site, means that VeriSign returns an IP address for its server, so that the requested bogus domain name appears to be legitimate. That has huge ramifications for spam filters trained to screen out mail from fake domain suffixes.

Site Finder immediately had critics howling that VeriSign had abdicated its responsibility to be a neutral arbiter and registry of domain names in return for ad revenue.

"In my opinion, they are stealing--and that's not too strong a word--visitors from legitimate search engine [and portal] companies," said Brian Bergin, president of Terabyte Computers, a network consultancy in Boone, N.C.

Even the Internet Corporation for Assigned Names and Numbers (ICANN), which contracted out the domain name work to VeriSign, was perplexed. Yesterday, ICANN said on its Web site that VeriSign's "change appears to have considerably weakened the stability of the Internet, introduced ambiguous and inaccurate responses in the DNS and has caused an escalating reaction of measures and countermeasures that contribute to further instability." (Click here for ICANN statement.)

Critics maintain that VeriSign's duties, which call for it to maintain the popular domains, make it a monopoly sanctioned by the U.S. Department of Commerce. As such, they insist, it should be held to higher standards than publicly held profit-making enterprises. They charge that Site Finder is an attempt by VeriSign to enrich its coffers at the expense of Web site operators such as Microsoft and America Online.

Site Finder's launch touched off a flurry of moves last week. On Thursday, The Internet Software Consortium, the nonprofit organization that develops BIND software for Internet domain name directories, wrote a patch that ISPs and others could use to block customers from Site Finder.

One of those operators, Popular Enterprises, which owns the Netster.com search engine, launched a $100 million lawsuit against VeriSign alleging antitrust violations and unfair competition. The suit was filed in U.S. District Court in Florida.

On Friday, ICANN asked VeriSign to "voluntarily suspend" the service until its impact could be reviewed by ICANN's Security and Stability Advisory Committee and the Internet Architect Board.

VeriSign refused. In a letter posted to ICANN's Web page, Russell Lewis, executive vice president of VeriSign's Naming and Directory Services, said stopping the service would be "premature." Lewis insisted that Site Finder is a service that benefits the community by providing better Web navigation.

By that time, many solution providers supporting customers had already dealt with fallout from VeriSign's move, which wreaked havoc with spam filters and other technologies.

In the past, many filters simply blocked mail coming from unrecognized domain names. But VeriSign's move redirects pings to their own legitimate site, so spam messages are getting through. Bergin cited one particular "well-designed" spam from an alleged msdn.com domain name that would normally have been rejected. It was now getting delivered and included fraudulent claims about Microsoft security patches.

VeriSign has managed to "remove the ability for default search options to work in IE and other browsers [and] hunt down DNS issues," Bergin said.

On Tuesday afternoon, the Public Interest Registry, which maintains the .org domain, added its take, urging ICANN to take whatever "remedial action" is necessary to remove all DNS wild card systems, including Site Finder.

Microsoft and Google, which operate some of the largest portal sites on the Internet and presumably are hugely affected by this move, did not return calls for comment.