Beyond the Verisign vs. ICANN Battle


By Alex Salkever Stratton Sclavos wants the Internet to grow up. The CEO of Verisign (VRSN), Sclavos has built a business designed to provide some of the basic plumbing for the Information Age by providing computer security services, issuing digital certificates needed for safe e-commerce, and operating the database that keeps track of all .com and .net domain names. To listen to Sclavos and other Verisign execs talk, the Net's plumbing is all stopped up.

What's the clog? A bunch of grumpy technical experts who, Sclavos & Co. claim, are holding the infrastructure that powers the Internet hostage by refusing to allow it to evolve and become more technologically stable and sophisticated as well as more commercially viable. These experts, also known as the Internet Committee on Assigned Names & Numbers, are the force majeure in the field of Net regulation. More than any other body, ICANN makes key decisions that affect the way the Internet works.

It comprises a formidable group of distinguished names. And it was ICANN that sent Verisign a cease-and-desist letter earlier in October seeking to stop the Net plumber from plumbing the millions of mistyped Web-page requests per day for ad dollars by directing surfers to a Verisign-operated paid-search engine called Site Finder (see BW Online, 10/7/03, "Verisign Didn't Deserve This Spanking"). Verisign used its monopoly hold on the .com and .net database to identify incoming queries destined for nonexistent Web pages and sending them to Site Finder rather than returning a standard error message.

UNFAIR SHAKE? Sclavos and his executives claim Site Finder was an innovation that served customer needs. To back this point up, Verisign points to surveys it recently conducted finding that out of 1,000 Internet-savvy people, two-thirds preferred some type of search capability or related links a la Site Finder with a returned error message. Verisign officials says they're not getting a fair shake from ICANN. "The biggest problem is the lack of a consistent and fair process by which registries understand how they can introduce services," says Verisign spokesperson Tom Galvin.

For its part, ICANN called Site Finder, essentially, a selfish, poorly thought-out move that threatened the stability of the Internet due to Verisign's unilateral and rapid roll out of Site Finder. Further, ICANN and other critics stated that Site Finder hurt efforts to control spam and impaired a key part of the Internet, namely, the domain name system (DNS), which acts as a global traffic cop for the Net. It did this by eliminating the error-message system around which network operators had built complicated response mechanisms to optimize and monitor their systems.

In a letter to Verisign dated Sept. 22, ICANN President Paul Twomey and other key ICANN committee members wrote: "VeriSign's change has substantially interfered with some number of existing services which depend on the accurate, stable, and reliable operation of the domain name system."

TWO WRONGS. In the end, Verisign bowed to ICANN's lawyers and shut down the Site Finder service indefinitely. But the fight still simmers in the Internet community, with the majority of voices saying Versign is clearly in the wrong here. On the other side, a handful of large commercial entities -- such as e-mail outsourcing company Brightmail, which handles about 10% of all e-mail, according to International Data Corp. -- have come out in support of Verisign and claimed that Site Finder was, in reality, nothing more than a minor annoyance.

This case is a rare one where two wrongs may both be right. Site Finder was a distasteful abuse of the spirit, if not the letter, of Verisign's contract to maintain the stewardship of the .net and .com domain-name database. But its claims that the Net's pipes are stopped up and leaking is also on the money.

What I really didn't like about Site Finder was its premise. Sclavos and his executives said it would provide a key customer-assistance tool. That may be. Mistyped or incorrectly remembered Web-site addresses are a royal pain. But so is the constant barrage of advertisements erupting from every part of the Internet. Site Finder will add to that barrage with yet another search engine overstocked with paid listings.

It's sort of like taking a wrong turn and finding yourself in the midst of a flea market when all you want is directions. If that's Verisign's idea of innovation, count me out.

STUCK IN THE PAST. Then again, Verisign's claims that the Internet is paralyzed by an old guard who dominate the governance bodies such as ICANN has more than a hint of truth to it. For example, Verisign charges that ICANN's continued reliance on nonprofit and largely academic entities to maintain the DNS "root servers" that are the ultimate arbiter of Internet traffic opens the whole Net to the possibility of catastrophic failure. These entities don't have the resources of a dedicated organization focused on servicing DNS, Sclavos has claimed in several recent interviews.

Verisign and others have also expressed rising concern that the Net's basic syntax is far too rooted in a different era, when just a few people could log onto the precursor to the Net. Today, the language mail servers speak to each other in passing messages back and forth and the way Web browsers request and send out information remain largely the same as when they were first planned and implemented. Engineered for a time when everyone on ArpaNet knew each other, these protocols and syntaxes seem frighteningly naïve in today's world of malicious hackers, spewing spammers, and vile Net fraudsters.

The protocol to exchange mail messages between machines, SMTP, has no built-in mechanism to authenticate who a messages's sender is and verify his or her identity. This is why spam is such a problem today -- because no one has to worry about getting caught if they impersonate someone else or make up their own identity in sending an e-mail. You can't catch anyone because the SMTP protocol is designed to be flexible and allow for anominity.

DANGEROUS TURF. DNS is the basic service used to more or less direct traffic around the Net. Like SMTP, it has no accepted and widely used mechanism for authenticating requests for data. In fact, very few of the prevailing syntaxes and protocols underpinning the Internet contain provisions for effective protections against network attacks, cyber or otherwise.

Gently nudging the Internet community into a more secure future is ICANN's job. Yet ICANN itself and the Internet Engineering Task Force, another key governing body, have had trouble deciding among themselves on how to upgrade the Net.

Meanwhile, the tide of spam threatens to deluge everyone and significantly increase costs of running networks (the ratio of spam to legitimate mail is well over 50% at this point, according to Brightmail). And hackers wielding nasty Internet worms have clearly illustrated this summer that chunks of the Internet infrastructure -- partly, but not all, due to Microsoft's (MSFT) difficulty in building secure products -- remain wide open to cyber attacks that teenagers can easily master and execute.

Instead of Verisign and ICANN slinging arrows at each other, they should be working together, along with other responsible parties, to build a better, safer, more efficient Internet. Salkever is Technology editor for BusinessWeek Online


Silicon Valley State of Mind
LIMITED-TIME OFFER SUBSCRIBE NOW

(enter your email)
(enter up to 5 email addresses, separated by commas)

Max 250 characters

 
blog comments powered by Disqus