Failure to do so, ICANN wrote to VeriSign, would result in ICANN taking "the steps necessary" under VeriSign's agreements with ICANN "to compel compliance with them." ICANN's letter dated Oct. 3, and released to the public 6am California time says that "VeriSign must suspend the changes to the .com and .net top-level domains introduced on 15 September 2003 by 6:00 PM PDT on 4 October 2003. Failure to comply with this demand by that time will leave ICANN with no choice but to seek promptly to enforce VeriSign's contractual obligations."

Key to ICANN's demand is its assertion that Sitefinder has harmful technical properties, a charge buttressed up to a point by the IAB's findings. The critical thing about the IAB's conclusions, however, is that Sitefinder is bad because it breaks long-settled expectations, not that it is bad per se, or that it formally violates standards set out in RFC's.

We've had some lively discussion of the legal issues here and here.

Based on the information currently available to us, it appears that these changes have had a substantial adverse effect on the core operation of the DNS, on the stability of the Internet, and on the relevant domains, and may have additional adverse effects in the future. These effects appear to be significant, including effects on web browsing, certain email services and applications, sequenced lookup services and a pervasive problem of incompatibility with other established protocols. In addition, the responses of various persons and entities to the changes made by VeriSign may themselves adversely affect the continued effective functioning of the Internet, the DNS and the .com and .net domains. Under these circumstances, the only prudent course of action consistent with ICANN's coordination mission is to insist that VeriSign suspend these changes pending further evaluation and study, including (but certainly not limited to) the public meeting already scheduled by ICANN's Security and Stability Advisory Committee on 7 October in Washington, D.C.

In addition, our review of the .com and .net registry agreements between ICANN and VeriSign leads us to the conclusion that VeriSign’s unilateral and unannounced changes to the operation of the .com and .net Top Level Domains are not consistent with material provisions of both agreements. These inconsistencies include violation of the Code of Conduct and equal access provisions, failure to comply with the obligation to act as a neutral registry service provider, failure to comply with the Registry Registrar Protocol, failure to comply with domain registration provisions, and provision of an unauthorized Registry Service. These inconsistencies with VeriSign's obligations under the .com and .net registry agreements are additional reasons why the changes in question must be suspended pending further evaluation and discussion between ICANN and VeriSign.

While this letter by ICANN is a step in the right direction (it should have been sent on Day 1, or better yet, pre-emptively, as many of us had warned BEFORE SiteFinder went live), it does not go far enough. As per point (d) of the Stop Verisign DNS Abuse [whois.sc] petition, ICANN should insist that all audited GROSS revenues of SiteFinder (this would include Overture's share, Paxfire's share, VeriSign's share and anyone else participating in the revenue of the system) be returned to ICANN, via a payment to the GNSO in the name of the Non-Commercial Constituency. VeriSign and its partners should not be allowed to profit from their reckless behaviour.

--
Ambler On The Net [ambler.net]