VeriSign sticks with redirect service

The company says it will respond to technical complaints over its recent move to redirect Internet users who enter incorrect domain names, but it will not pull the plug on the service.

Declan McCullagh
Declan McCullagh Former Senior Writer
Declan McCullagh is the chief political correspondent for CNET. You can e-mail him or follow him on Twitter as declanm. Declan previously was a reporter for Time and the Washington bureau chief for Wired and wrote the Taking Liberties section and Other People's Money column for CBS News' Web site.
2 min read
VeriSign said Thursday that it would respond to technical complaints over its recent move to redirect Internet users who enter nonexistent or misspelled domain names to its Web site, but it said it would not pull the plug on the service.

Criticism has been growing over the Mountain View, Calif.-based company's surprise decision to take control of unassigned .com and .net domain names, which has confused antispam utilities and drawn angry denunciations of the company's business practices from frustrated network administrators.

"There is a lot of fiction about the actual technology and the service," VeriSign spokesman Brian O'Shaughnessy said. "What we are doing is trying to determine fact and fiction and we're doing so by reaching out to the technology community and helping them to understand exactly what is fact and fiction."

VeriSign would not disclose what changes it might make to address technical complaints about its Site Finder service.

O'Shaughnessy said the service has been embraced by end users. "We've seen nothing but very positive results from the Internet community," he said. "Usage is extraordinary. Both individual users and enterprises are giving very positive feedback."

VeriSign's new policy is intended to generate more advertising revenue from additional visitors to its network of Web sites. But the change has had the side effect of rewiring a portion of the Internet that software designers always had expected to behave a certain way. That can snarl anti-spam mechanisms that check to see if the sender's domain exists, complicate the analysis of network problems and possibly even pollute search engine results. Because VeriSign will become a central destination for mistyped e-mail and Web traffic, its move also raises serious privacy questions.

In response, the Internet's technical community has developed a patch to BIND, the workhorse utility that implements the Domain Name System protocols. It's designed to counteract VeriSign's change by blocking traffic to its Site Finder site and returning the same "domain not found" error message as before.

When asked why VeriSign did not inform the Internet's technical organizations of the change in advance, O'Shaughnessy replied: "There's not much I can add except to say that our testing and the resources we've applied toward this have been in accordance with prevailing industry standards for new products and services."

Neither the Internet Corporation for Assigned Names and Numbers (ICANN), which in principle oversees VeriSign's actions as a domain name registrar, nor the U.S. Department of Commerce, which has a contract with VeriSign that grants it a government-granted monopoly over .com and .net, has responded to repeated requests for comment since Tuesday.

O'Shaughnessy said there's no need for any outside organization to get involved. "There's some religiousness that's been brought to bear here besides the technical reality," he said. "We're fully compliant with every RFC," O'Shaughnessy said in reference to the technical standards that govern the Internet.