ICANN Committee Calls for Permanent End to SiteFinder

In a long-awaited report, VeriSign's suspended service is slammed for disrupting the Internet and causing potential privacy violations.

Nine months after starting its investigation, an advisory committee of the Internets main oversight body has released a report condemning VeriSigns SiteFinder redirection service.

The report, issued Friday by an ICANN (Internet Corporation for Assigned Names and Numbers) committee, concluded that SiteFinder, suspended in October, should remain shuttered and that similar domain registry services should be stopped and prevented.

VeriSign in September launched SiteFinder, a Web search site to which Web users were redirected when they entered unregistered or mistyped domain names. The Mountain View, Calif., company is the registry that manages the Internets two major domains, .com and .net, and it faced criticism for tinkering with the core of the domain name system.

"VeriSigns actions did not have network-shattering effects but did violate fundamental architectural principles and well-established codes of conduct and good practice intended to ensure stability," ICANNs Security and Stability Advisory Committee concluded in its report, here in PDF form. "Users decisions and control were pre-empted, and users were potentially subjected to violations of their privacy."

The committees report was based on a series of public meetings it held in October to examine SiteFinder, as well as on other public comments. It is likely to be a hot issue during ICANNs board of directors meeting next week in Kuala Lumpur, Malaysia, where the board now must decide whether to take any action based on its findings.

VeriSign officials said the reports conclusions were not surprising because the committees chairman, Steve Crocker, and other members had said previously that they opposed SiteFinder.

/zimages/2/28571.gifClick here to read more about the committees initial reaction to SiteFinder.

"It is somewhat surprising that a report that took nine months to put together doesnt provide any fact or evidence to back up their claims," VeriSign spokesman Tom Galvin said. "Were exactly where we were last October."

VeriSign has maintained that by offering SiteFinder, it was trying to innovate the way the domain-name system works. It also has sued ICANN over SiteFinder and other registry services it wants to operate, alleging that the nonprofit body does not have the authority to regulate the Internet but only to be a technical body.

ICANN also said Friday that it had filed another motion to dismiss VeriSigns lawsuit after VeriSign amended its complaint in response to a judges earlier ruling throwing out its antitrust claim.

Crocker said his committee addressed the technical issues around SiteFinder and whether VeriSigns effort to redirect Web users to other sites was appropriate, not whether ICANN has the authority to stop it.

The basic conclusion of the 78-page report: "Dont do this," Crocker said.

"Dont redirect uninstantiated domain names in the big, public registries," he said. "It creates all kinds of problems, and its not the right thing to do."

Among the reports eight findings was that SiteFinder "violated fundamental Internet engineering principles" by mingling different architectural layers of the Internet. SiteFinder targeted HTTP requests, but because it was operated at the level of the DNS (Domain Name System), it also affected other Internet protocols, Crocker said.

E-mails sent with addresses containing unregistered or mistaken domain names also were redirected to VeriSigns servers without the consent or knowledge of users, according to another finding in the report.

Along with recommending the permanent blocking of SiteFinder, the committee suggested that domain redirection be ended and prevented in the future for top-level domain names that serve the public.

Fifteen of the 258 top-level domain names, including country codes, use a so-called wildcard in their databases to redirect domain names, the report found.

ICANN also needs to create a formal process for evaluating new registry services before they are introduced, the committee recommended. The report found that SiteFinder caused disruption because it caused sudden changes in the domain-name system without input from the public.

VeriSign and other critics have slammed the Security and Stability Advisory Committee for taking so long to release its conclusions, which initially were expected within a few months of the SiteFinder suspension.

Crocker said the blame lies with him, not with ICANN. The committee, which consists of volunteer members, misjudged how much time and work it would take to complete the report, he said.

At least one registrar, which sells .com and .net domain names to consumers and businesses, said he agrees with the reports condemnation of SiteFinder. Bob Parsons, president and founder of The Go Daddy Group Inc., said he believes ICANN was right to pressure VeriSign to suspend SiteFinder and that it should have the authority to regulate registry offerings.

"ICANN, with respect to SiteFinder, acted admirably," Parsons said. "[VeriSign is] placed in a fiduciary responsibility … for those domain names [that] they manage, and them taking advantage of that is wrong."

/zimages/2/28571.gifCheck out eWEEK.coms Infrastructure Center at http://infrastructure.eweek.com for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.