Inside ICANNWatch  
Submit Story
Lost Password
Site Messages
Top 10 Lists
Latest Comments
Search by topic

Our Mission
ICANN for Beginners
About Us
How To Use This Site
Slash Tech Info
Link to Us
Write to Us

  Useful ICANN sites  
  • ICANN itself
  • Bret Fausett's ICANN Blog
  • Internet Governance Project
  • UN Working Group on Internet Governance
  • Karl Auerbach web site
  • Müller-Maguhn home
  • UDRPinfo.com;
  • UDRPlaw.net;
  • CircleID;
  • LatinoamerICANN Project
  • ICB Tollfree News

  •   At Large Membership and Civil Society Participation in ICANN  
  • icannatlarge.com;
  • Noncommercial Users Constituency of ICANN
  • NAIS Project
  • ICANN At Large Study Committee Final Report
  • ICANN (non)Members page
  • ICANN Membership Election site

  • ICANN-Related Reading
    Browse ICANNWatch by Subject

    Ted Byfied
    - ICANN: Defending Our Precious Bodily Fluids
    - Ushering in Banality
    - ICANN! No U CANN't!
    - roving_reporter
    - DNS: A Short History and a Short Future

    David Farber
    - Overcoming ICANN (PFIR statement)

    A. Michael Froomkin
    - When We Say US™, We Mean It!
    - ICANN 2.0: Meet The New Boss
    - Habermas@ discourse.net: Toward a Critical Theory of Cyberspace
    - ICANN and Anti-Trust (with Mark Lemley)
    - Wrong Turn in Cyberspace: Using ICANN to Route Around the APA & the Constitution (html)
    - Form and Substance in Cyberspace
    - ICANN's "Uniform Dispute Resolution Policy"-- Causes and (Partial) Cures

    Milton Mueller
    - Ruling the Root
    - Success by Default: A New Profile of Domain Name Trademark Disputes under ICANN's UDRP
    - Dancing the Quango: ICANN as International Regulatory Regime
    - Goverments and Country Names: ICANN's Transformation into an Intergovernmental Regime
    - Competing DNS Roots: Creative Destruction or Just Plain Destruction?
    - Rough Justice: A Statistical Assessment of the UDRP
    - ICANN and Internet Governance

    David Post
    - Governing Cyberspace, or Where is James Madison When We Need Him?
    - The 'Unsettled Paradox': The Internet, the State, and the Consent of the Governed

    Jonathan Weinberg
    - Sitefinder and Internet Governance
    - ICANN, Internet Stability, and New Top Level Domains
    - Geeks and Greeks
    - ICANN and the Problem of Legitimacy

    Highlights of the ICANNWatch Archive
    (June 1999 - March 2001)

    Verisign/NSI VeriSign Responds to SSAC on SiteFinder Report
    posted by michael on Sunday August 15 2004, @06:22PM

    Steven Forrest writes "VeriSign has released its 95-page response to the report from the ICANN Security and Stability Committee, Redirection in the Com and Net Domains, which was critical of VeriSign's SiteFinder service. Short version: The SSAC's report went far beyond its narrow mandate to examine the technical impact of Site Finder and the SSAC, stacked with members already known to oppose, ventured into making policy recommendations after finding that, much to the SSAC members' chagrin, there was no evidence that Site Finder created any security or stability threats to the domain name system or the Internet."

    From the executive summary:
    SSAC's purported "findings" and "recommendations" are inappropriate, unsubstantiated, and themselves contrary to longstanding written standards and specifications for the operation of the DNS and the Internet. None of SSAC's findings conclude that Site Finder, or wildcards generally, pose a threat to the security and stability of the Internet's naming and address allocation system. That is the limit of SSAC's mandate. Accordingly, those "findings" and "recommendations" it does make exceed the scope of SSAC's charter as a limited technical advisory committee - to evaluate security and stability threats to the Internet's naming and address allocation systems - and are not derived from the supposed principles espoused by SSAC.

    Such overreaching is an understandable by-product of the context in which the Report was created. SSAC began its analysis with the predetermined conclusion that Site Finder, and all other wildcards, should be prohibited. Indeed, a draft of SSAC's September 22, 2003 report reveals that the "Opinions" and "Recommendations" were drafted before the committee had undertaken any reasoned evaluation of Site Finder. The September 19, 2003 draft of the report entitled Recommendations Regarding Veri[S]ign's Introduction of Wild Card Response to Unregistered Domains within .com and .net., circulated by Steven Crocker, contained fully formed conclusions and recommendations, yet nothing under the "Analysis" heading except a plea for Paul Vixie, among others, to "please dump stuff into this section." Under these circumstances, SSAC's adherence to its preliminary conclusion, notwithstanding the absence of any evidence of a security or stability threat to the DNS or the Internet, should come as no surprise. Moreover, the Report appears primarily to have been composed and/or contributed to by persons who are opponents of Site Finder and/or competitors of VeriSign, a fact the Report fails to acknowledge.

    After a point-by-point discussion of the SSAC's report, VeriSign concludes:
    The Report is fundamentally flawed in its process, analysis and recommendations. SSAC had a single, limited mandate with respect to Site Finder - to assess quantitatively the technical effect of Site Finder on the stability and security of the DNS and the Internet. SSAC mustered no evidence that Site Finder adversely impacted the security of the DNS or Internet. SSAC found no evidence that Site Finder adversely impacted the stability of the DNS or Internet. SSAC was forced to acknowledge that Site Finder did not cause DNS or Internet failures or outages. These facts should have ended SSAC's Site Finder process.

    Instead, having concluded before it had even begun its investigation that Site Finder should be suspended, and having been stacked during its purported technical evaluation with Site Finder opponents, SSAC proceeded in the absence of evidence or quantification to formulate the biased and unsupported conclusions and recommendations appearing in the Report. Those conclusions and recommendations do not follow from any evidence or technical analysis by SSAC. Rather, they derive from and reflect the purely personal philosophies and preferences of SSAC's conflicted membership. As SSAC member Paul Vixie recognized: "[I] was publicly critical of *.com and *.net, but that's a policy problem, not an operational problem." (Emphasis added.) SSAC's conclusions and recommendations should thus be recognized for what they are - policy recommendations by a body that was not charged with, and has no expertise in, policymaking.

    Indeed, SSAC's policies espoused in the Report are misguided and wrong-headed. They equate "stability" with a total lack of change. However, as the RFC's themselves recognize, the history of the Internet is change, and the future of the Internet is change. To remain vibrant and responsive, the Internet must change, at its core as well as at the periphery. By aligning itself with an immutable status quo, SSAC has done a thorough disservice - to Site Finder, to the Internet, and to present and future Internet users who expect innovation to keep the Internet expanding and responsive to their needs.

    VeriSign reserves all rights and remedies it has with respect to the actions of ICANN and SSAC regarding Site Finder or any other matter, including those rights subject to claims in the pending litigation VeriSign has commenced against ICANN. A statement of the violations of VeriSign's rights by reason of the conduct of ICANN and SSAC, including in connection with the Report, is beyond the scope of this letter.

      ICANNWatch Login  


    [ Don't have an account yet? Please create one. It's not required, but as a registered user you can customize the site, post comments with your name, and accumulate reputation points ("karma") that will make your comments more visible. ]

      Related Links  
    · CORE
    · VeriSign/NSI
    · ICANN
    · Steven Forrest
    · released its 95-page response
    · More Verisign/NSI stories
    · Also by michael
    This discussion has been archived. No new comments can be posted.
    VeriSign Responds to SSAC on SiteFinder Report | Log in/Create an Account | Top | 6 comments | Search Discussion
    Click this button to post a comment to this story
    The options below will change how the comments display
    Check box to change your default comment view
    The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
    First impressions
    by TFBW on Monday August 16 2004, @04:40PM (#14060)
    User #3864 Info
    If they agree with Vixie that *.com and *.net are matters of policy, then were they operating within their mandate to implement a global policy change without consultation in the first place?

    Other than that, the above extract of the report seems to be a good example of "ad hominem" and its close relatives. Nowhere do I see criticism of arguments; only of processes and people.
    [ Reply to This | Parent ]
    • 1 reply beneath your current threshold.
    by fnord (reversethis-{moc.oohay} {ta} {k2yorg}) on Thursday August 19 2004, @05:41PM (#14062)
    User #2810 Info
    I gotta say I hate VeriSign with a passion and I'm no fan of SiteFinder but if the SSAC report is an example of the best that committee can do then we're in real trouble if cyberterrorists or scriptkiddies decide to pingflood the root servers back to the stone age (I've described somewhat cryptically how to do that successfully here previously).

    I mean really, the best SSAC can come up with is that SiteFinder broke some spam filters. Too bad, what is the RFC # on spam filters anyway? Or that it was in English only. Tsk tsk, sorta like ICANN for much of its existence. Or that it broadened an already existing use from the suchlike of .museam which were limited in scope (except that the unlimited in scope .tv, for just one example, had been doing this for years without an internet meltdown). Or, worse still, it interfered with the likes of MicroSoft Network and America OnLine which were already providing a similar service. The horror, the horror. This is one more document out of ICANN on a par with ICP-3, going far beyond their mandate, not surprisingly getting most of it wrong, and thankfully due to be ignored by all but the normal lamers and hangers on. -g

    [ Reply to This | Parent ]
    by jimrutt on Thursday August 26 2004, @11:34AM (#14065)
    User #3264 Info

    Ah, as I said in the begining the whole Sitefinder thing was just reflexive VeriSign bashing. Indeed those sys admins whose organizations found it offensive were rapidly routing around it when it was pulled ... in the good, standard internet culture way. The only offense in my book by VeriSign in the whole episode was springing it on the community without the traditional 60 or 90 days warning... and that was driven I'm pretty sure by VRSN's pre-emtive fear of the VeriSign hating atmosphere.

    ===================== been there, done that
    [ Reply to This | Parent ]
    • 1 reply beneath your current threshold.

    Search ICANNWatch.org:

    Privacy Policy: We will not knowingly give out your personal data -- other than identifying your postings in the way you direct by setting your configuration options -- without a court order. All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 by ICANNWatch.Org. This web site was made with Slashcode, a web portal system written in perl. Slashcode is Free Software released under the GNU/GPL license.
    You can syndicate our headlines in .rdf, .rss, or .xml. Domain registration services donated by DomainRegistry.com