On September 15 2003, Verisign/Network Solutions started abusing their trusted status as Registry for the DNS system to turn all invalid and mistyped domains into an advertising opportunity for their Registrar. In the process they are disrupting innumerable Internet services.
Specifically, they introduced wildcard records into .com and .net, thus asserting control over all domains that are not registered there. Thus web requests to http://nosuchdomainexists.com, or email to email@example.com, and all other protocol requests to expired or unregistered domains, were redirected to their servers, where they have been making advertising pitches, rather than returning the standard NXDOMAIN (No Such Name) error message. Some of the multifold disruptions are explained below.
This is outrageous, both in breaking many applications which use DNS, and in abusing their contracts and defacto-monopoly power over some of the most important virtual real estate there is.
Thankfully, ICANN (the Internet Corporation For Assigned Names and Numbers) told them it was a violation of their contractual agreements, and on October 4, 2003, VeriSign temporarily suspended this change. But subsequently they sued ICANN.
Imagine if the US Postal Service were to suddenly change the way that misaddressed mail works, without consulting with anyone, in a way that made them money and hurt the competition.
Currently, they return the exact letter you sent, unopened, with an official, standard, easily recognizable message saying "address unknown, returned to sender".
Instead suppose that you sent a letter to "Ptanned Parenthood", and got a response from a mysterious third party named Verisign. It became clear that this "Verisign" company knew about the message you had sent, but didn't actually return it. But they did make a pitch for the company of their choosing, whoever it was that paid them (not you!) for the rights to that misspelling of "Planned Parenthood"....
And imagine that at the same time many other problems arose. When you sent a package via competitors like Federal Express, the USPS would still step in, grab the message and send you their confusing promotional materials, written in a language you didn't understand. And many people threw away the unclear responses and didn't realize that their message had bounced. More junk mail started arriving for obscure reasons.
In this analogy, the "USPS" plays the role of Network Solutions, who has an exclusive contract to run the guts of the .com and .net domains in a way that doesn't discriminate against dozens of other firms who can sell domain names ending in .com and .net.
The analogy clearly breaks down in many ways. A telephone example might work better. But the point is still this - why should a organization like the USPS, entrusted with a monopoly position intended to serve the public good, start reading mail that you send and/or handing it off to someone else, with no restrictions on how they might make money off of it or how much of an advantage it gives them over firms that competete with them in other markets?
...registry agreement under which NSI will operate the registry for the .com, .net, and .org top-level domains according to requirements stated in the agreement and developed in the future through the ICANN consensus-based process. All ICANN-accredited registrars will have equal access to this registry.
Michael D. Gallagher Acting Assistant Secretary for Communications and Information Office of the Assistant Secretary 202/501-0536
(ii) NSI shall comply, in its operation of the registry, with all Consensus Policies insofar as they: (a) are adopted by ICANN in compliance with Section 4 below, (b) relate to one or more of the following: (1) issues for which uniform or coordinated resolution is reasonably necessary to facilitate interoperability, technical reliability and/or stable operation of the Internet or domain-name system, (2) registry policies reasonably necessary to implement Consensus Policies relating to registrars, or (3) resolution of disputes regarding the registration of domain names (as opposed to the use of such domain names), and (c) do not unreasonably restrain competition. ... (i) principles for allocation of SLD names (e.g., first-come/first-served, timely renewal, holding period after expiration);
>Date: Tue, 16 Sep 2003 00:39:14 -0400 >From: Patrick Muldoon <...> >To: nanog.... >Subject: Verisign's New Change and Outdate RBL's > > >Was playing with a test box here at home. Installed SpamAssassian >from a newely cvsup'd ports tree on a FreeBSD box, and was surprised >to see messages getting marked as received in blacklists that no >longer exist. Most noteably ORBS. Since this was a fresh Install I >hadn't gone through and removed the dead RBL's from 20_head_tests.cf >yet. Since dorkslayers doesn't exist. any queries for it are >returning that infamous sitefinder address. > >[...]$ host 188.8.131.52.orbs.dorkslayers.com >184.108.40.206.orbs.dorkslayers.com has address 220.127.116.11Note that while the dorkslayers problem has been resolved, since the owners have assigned some nameservers to it and put up a web page, this sort of problem is inevitable the way verisign is handling the situation.
To quote Verisign, among others: