[ga] The Value of Trust in 2007

["Jay Westerdal" <Jay@xxxxxxxxxxxxx>]

Dear Fellow Internet users,

On September 15th VeriSign unexpectedly and with no warning started
resolving every non-existent domain name ending in .COM or .NET to a
pay-per-click search program called SiteFinder. VeriSign estimates that this
will make itself over 150 Million dollars per year in typographical errors
made everyday by Internet users such as you and I. Some Industry experts
predict that this program will actually generate over 1 million dollars a
day for VeriSign.

For those of you that don?t know the history of the .COM database; it was
started by the Department of Commerce under the name Internic. The domain
ending with .COM was short for Commerce. The contract to run Internic was
awarded to VeriSign (Network Solutions) to operate the .COM zone. In 1999
the US congress appointed ICANN as the governing body of the Internet. Since
then ICANN has made deals with VeriSign to allow them to continue operating
the .COM database, and granted them rights to do so until 2007. VeriSign is
not the owner of the .COM database but merely the database custodian.

VeriSign is not allowed to purchase more then 5000 .COM domain names under
the registry agreement. The registry agreement states that a domain is
considered registered under the agreement if the registry generates a DNS
resource record that is published authoritatively. VeriSign does just that
when they generate DNS records for all non-existent domains. They resolve
all these all non-existent domains to an actual website for those domains
then redirect it back to their own SiteFinder pay-per-placement search
program.

VeriSign justifies SiteFinder by calling it a ?service? and says it helps
users by giving them a friendly search page instead of a non-existent domain
message. Some modern Internet browsers such as Internet Explorer see this
non-existent error message and instead return their own similar search page.
If an Internet Explorer user doesn?t want to see Microsoft?s default search
page they could install different plus-ins to handle the DNS error, or the
user could choose a different browser. But in either case, the user has an
option. Internet users world wide don?t have any choice because VeriSign is
the sole authoritative root server which operates the .COM database.

Because applications and devices like cell phones, email, search engines,
and automated programs handle the error messages differently; it would be
naive for VeriSign to think only humans with browsers rely on DNS. When a
user enters a non-exist domain name on their cell phone the DNS error
message would prevent downloading. Now cell phones download VeriSign?s
SiteFinder webpage and Service Providers bill the cell phone user for that
extra usage. SPAM prevention programs also rely on this error message to
check to see if the domain is real. Automated programs just don?t appreciate
SiteFinder in the same way VeriSign intended for Humans to enjoy it. Not
that many humans appreciate being monetized for typographical errors.

Makers of DNS software such as BIND have released patches that hack around
the VeriSign?s program. However, VeriSign can alter their approach and make
such patches null and void. If there were an arms race between the
Authoritative Root for .COM and software makers, the winners would always be
VeriSign.

We as the Internet community should insist ICANN enforce their contract with
VeriSign and that VeriSign stop registering all non-existent domain names.
US citizens should contact their representatives in Congress and ask their
Senators to leverage their influence on ICANN.

With VeriSign making over 1 million dollars a day on this program, they can
afford to hire the best attorneys, thus prolonging their fight until a judge
orders them to comply. VeriSign has said they will not comply without a
fight.

I urge you and any of your customers to sign the petition located at
http://www.whois.sc/verisign-dns/

A custodian of a World asset should be held to higher standard. It is all
about the value of Trust.

Jay Westerdal
Name Intelligence, Inc.