Verisign hijacked unused .COM and .NET domains

Discussion in 'Linux Networking' started by Jem Berkes, Sep 16, 2003.

  1. ICAN can take a cctld out of the root, and has. I'd say that's a pretty
    good sign of control.

    As for practical matters, there is a staelmate between ICANN and the cctlds
    ICANN is extremely retiscent to do anyting with or to them for fear they'll
    all walk and deploy their own root servers at which point ICANN
    monopoly power is diminished.

    ICANN has asked all cctlds to pay them, some do, some don't. It's a real
    neat Mexican standoff. Peter Dengate Thrush is the guy you want to
    talk to about this.
     
    Richard J. Sexton, Sep 18, 2003
    #21
    1. Advertisements

  2. Jem Berkes

    Mark Crispin Guest

    Just where were you?

    I didn't see you show up until sometime in the 90s.

    I've been involved with the network since 1973. I was one of the people
    on the panel that created the DNS.

    -- Mark --

    http://staff.washington.edu/mrc
    Science does not emerge from voting, party politics, or public debate.
    Si vis pacem, para bellum.
     
    Mark Crispin, Sep 18, 2003
    #22
    1. Advertisements

  3. Jem Berkes

    Mark Crispin Guest

    Non-sequitor.

    The fact is that the NIC functions were handled very well by Jake Feinler
    and her group at SRI. The fact is that the NIC functions were taken away
    by putting it up for bid. There was no need to do that, and the NIC was
    run incompetantly for years afterwards because the low bidder didn't have
    a clue as to how to do it.

    I trust you boys in the "alternate TLD" movement about as much as I trust
    Sharon and Arafat to make peace. You'd be just as bad as Verisign if you
    had the power. Probably worse.

    -- Mark --

    http://staff.washington.edu/mrc
    Science does not emerge from voting, party politics, or public debate.
    Si vis pacem, para bellum.
     
    Mark Crispin, Sep 18, 2003
    #23
  4. Jem Berkes

    Mark Crispin Guest

    You have *willingly* done business with them?

    That is, choose to do business with Verisign/Network Solutions even though
    there were alternatives which matched the criteria of viability,
    affordability, reliability, and trustworthiness?

    Well, I guess that there is one exception in the world. There's always
    someone who likes it.

    For the rest of us, dealing with Verisign/Network Solutions is like
    undergoing some slightly disgusting medical procedure such as an enema.
    It was something that you endured rather than sometime you choose to
    undertake, in the perception that there was either no alternative or the
    alternatives came up short in terms of the above-mentioned criteria.

    -- Mark --

    http://staff.washington.edu/mrc
    Science does not emerge from voting, party politics, or public debate.
    Si vis pacem, para bellum.
     
    Mark Crispin, Sep 18, 2003
    #24
  5. *THIS* from the guy who thought that imapd should hardcode $HOMEDIR as
    the location of all mail messages, leading to disaster if you kept
    anything else there and whose idea of how to patch it was to rewrite
    what imapd thought your home directory was, which broke *lots* of other
    tools including the pine software in the same software package.

    Hi, Mark! Yes, it's the guy who finally gave up publishing patches when
    you switched to writing it all in C++ for no particular reason....
     
    Nico Kadel-Garcia, Sep 19, 2003
    #25
  6. Mark, Mark, Mark. I know lots of peope who hold parties to do painful
    things I would consider wildly inappropriate, even distasteful. Their
    lives, their problems. You are not the keeper of the One True Way, and
    never have been.

    Now, Verisign is a pain in the ass. Their model of "you shall all trust
    us to be the root of all signatures" is extremely dangerous and allows
    even a modest slippage of security at that root level (such as through a
    Patriot Act authorized search) to imperil security software security
    worldwide. And this wildcarding is just as grabby, sleazy, and almost as
    dangerous as a lot of their other software and business practices. It
    should provide additional incentive to take back those root servers.

    But they're fast enough on responding to domain management requests and
    key requests to handle most of corporate America's needs, which is their
    big market, so they're not going away tomorrow.
     
    Nico Kadel-Garcia, Sep 19, 2003
    #26
  7. So?
     
    Richard J. Sexton, Sep 19, 2003
    #27
  8. How would you know they were the low bidder? The bids were sealed.
    At any rate SRI could have bid, and didn't (if memory serves)
    You're guessing. Never guess.
     
    Richard J. Sexton, Sep 19, 2003
    #28
  9. Cause I got better service from NSI? Cause the horror stores from
    the large number of incompetant ICANN accredited registrars maybe?
    And no, I'm not the only one I know lots of poeple that endd up
    saying "JAY-SUS even NSI wasn't this retarded" and switched back.
    In all fairness when you've had a handful of domain there for about
    a decade you end up knowing who to contact; any problem I had was
    fixed in near-real time.
    There are problems with EVERY registrar. At some point it
    becomes a religious issue and not a business one. I take
    the atheist route on this one.
     
    Richard J. Sexton, Sep 19, 2003
    #29
  10. Jem Berkes

    Peter Peters Guest

    On anything further than registering a domain I have had no service at
    all from NSI. When I have to pay a domain the page to pay is (again)
    somewhere else. And if you have payed they mail you the domain is not
    registered with them but worldnic. I should use
    www.worldnic.<something>. When I do I end up on the same NSI page with
    the same problem paying.

    And when I move domains away from NSI the first three/four attempts
    result in an e-mail from the new registrar telling NSI has had a NOACK
    from the owner. But the owner am I and I have never seen such an e-mail.
    Finally the fourth or fifth time I get a big sales pitch from NSI about
    how good they are etc. After scrolling a rather large number of pages
    you could find a link with which you can ACk the move.
     
    Peter Peters, Sep 19, 2003
    #30
  11. Yeah, that happens and it's annpying. My favorite registrar abuse though
    ans still champion is register.com. Reg a name with them, pay for it
    and get a "free parking page" and they put their banner ad on it
    and make money off your name. This went to court IIRC.

    Or how about the new .biz tld? After the legal geniuses at icann
    scrutinized the application (for $50K) they pronounced it
    ok whereupon a court declared it an illegal lottery.

    It's pretty easy to find fualt with any registrer - again, at
    some point it becomes a religious issue.

    I'd be happier if NSI didn't wildcard unused names but I have
    a suspicion every TLD will do this in time, sadly.
     
    Richard J. Sexton, Sep 19, 2003
    #31
  12. JdeBP> We delegated authority over certain things to Verisign,
    JdeBP> and it has suddenly done something that we don't like.
    JdeBP> Our remedy is to revoke its authority (or at least to
    JdeBP> threaten to, in order to compel it to behave differently).

    RJS> THAT'S the problem... "we" never did.

    Yes, we did. Moreover, we still do. By delegating the authority over the
    entire DNS namespace to our root server organization of choice, which we all
    do individually and continually, we indirectly delegate authority to whomever
    that root server organization chooses, in its turn, to delegate authority to.
    (Some proxy DNS server softwares allow us to delegate authority for particular
    subdomains directly, giving us finer control. But that doesn't change the
    basic fact that it is still we who are delegating the authority.) The root
    server organizations all delegate authority over "com." and "net.", and their
    subdomains, to Verisign. Therefore by delegating our authority to the root
    server organizations we have indirectly delegated, and are indirectly
    delegating, authority over "com." and "net.", and their subdomains, to
    Verisign.

    RJS> The DNS has been under US government control and funding
    RJS> since day 1.

    That could only be true if the U.S. government funded all of the augmented
    root server organizations.
     
    Jonathan de Boyne Pollard, Sep 22, 2003
    #32
  13. MC> Anarchy doesn't work.

    No-one is advocating anarchy. The augmented root server organizations, and
    many others, are advocating _democracy_, in the best traditions of the notion
    that the source of the power to govern is the people. Verisign's authority
    over "com." and "net.", and their subdomains, comes from the root server
    organizations. But the authority of the root server organizations in turn
    comes from the people who choose to delegate authority to them (by configuring
    their resolving proxy DNS servers with the list of the delegate organization's
    servers) in the first place.
     
    Jonathan de Boyne Pollard, Sep 22, 2003
    #33
  14. Why not? Usenet is the worlds largest functioning anarchy.
     
    Richard J. Sexton, Sep 23, 2003
    #34
  15. alt.* is (almost) an Anarchy. At least the creation of the other major
    hierarchies requires some debate between newsadmins and the communities
    requesting [ the creation and circulation of ] the newsgroups.

    Other than that, of course every group's posters are a self organising
    group (hence an anarchy group in essense). But still, the creation and
    circulation of the groups and posts is not an anarchic (sp?) procedure.

    But then again this is much more politics than it is a technical issue.
     
    Yiorgos Adamopoulos, Sep 23, 2003
    #35
  16. MC> Anarchy doesn't work.

    JdeBP> No-one is advocating anarchy. The [...]

    RJS> Why not?

    Probably because everyone who is advocating anything has decided that anarchy
    is not appropriate.

    RJS> Usenet is the worlds largest functioning anarchy.

    That's debatable. For example: My ISP, like many ISPs, will not carry
    newsgroups in many hierarchies unless they are listed at Google or by the
    ISC. That sounds like the existence of /de facto/ central governing
    authorities to me.
     
    Jonathan de Boyne Pollard, Sep 24, 2003
    #36
  17. Thanks, but I'm familiar with the newsgroup creation process. But that
    doesn't change the model unwhich usenet operates: anarchy. That
    it works at all is testament to how well various news admins play well
    with others, but there is no central authority.

    Even if you call this something other than anarchy the point remains the
    dns could have been administered like this (not, uh, the way it is
    administered now).
    That's the problem. The issues witht he DNS that have now led us to
    so much grief are political, not technical. By the IETF eschewing any
    political problem (other than crypto) a power vacuum was created
    and the usual list of suspects rush to fill that void.

    So hows this DNS by committee working out for YOU?
     
    Richard J. Sexton, Sep 25, 2003
    #37
  18. RJS> Usenet is the worlds largest functioning anarchy.
    Dammit Jonno, that usenet is an ararchy is supposed to be a given
    on usenet. Please see earlier arguments and admonishments and abuse
    on this subject and save me the trouble of typing it all in again
    or just Godwin this thread and be done with it.
     
    Richard J. Sexton, Sep 25, 2003
    #38
  19. But would you want it to? Do you really want DNS to have the analogy to
    "Sorry, my ISP doesn't carry alt.whatever"? One reason that email and the
    web work as well as they do is because we all share a common,
    well-organized naming system.
     
    Barry Margolin, Sep 25, 2003
    #39
  20. Jem Berkes

    Tim Haynes Guest

    I suspect that any putative replacement remotely-anarchic DNS would require
    an increase in Clue from its users, and another referring system; consider
    `just add <foobox> to your massively-long nameserver-list and then you'll
    be able to point your browser at web.pigsty', for example - how would you
    allude to `foobox' if not via IP#?

    As for `just doing something', well, it'd cut out the AOLers... OK, anyone
    for an Internet3? ;8)

    ~Tim
     
    Tim Haynes, Sep 25, 2003
    #40
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.