OCTOBER 7, 2003
By Alex Salkever

Verisign Didn't Deserve This Spanking [Page 2 of 2]

LIGHTNING ROD. Verisign is also the dominant digital-certificate-issuing authority, with more than 373,000 handed out to date. Verisign grants these certificates to e-commerce sites and other Web organizations that need to conduct secure commerce and need to use digital signatures in the certificates to authenticate transactions and encrypt data traffic. The certificates function as a digital seal of approval and proof that sites are who they say they are. So, it's easy to see why Verisign is a lightning rod for criticism when it does anything even remotely controversial.

In the case of the missing error messages, though, Verisign's critics are only half right for several reasons.

First is the issue of whether Verisign should be allowed to redirect errant address queries and exercise an unfair advantage in doing so. Numerous other companies practice similar tactics by registering one-character-off domain names in hopes of snagging surfers who mistype a Web address. When Web surfers mistype addresses in Internet Explorer browsers, Microsoft (MSFT) directs them to an MSN search page with click-throughs to services offered by MSN partners. Yet ICANN hasn't told any of these outfits to buzz off.

Second, as for violating the stipulated neutrality of the contract ICANN awarded to Verisign, that claim seems off-base. Yes, Verisign might be able to profit from its tactic. But it wasn't taking business away from anyone -- these are unused Web-site addresses, after all.

Third, regarding anti-spam software that relies on the error messages sent out by Verisign in response to mistyped Web addresses, this is at best a blunt-edged instrument to filter out unwanted e-mail. Mail administrators built automated filters that checked the domain name of incoming mail by sending a message to that domain. If a Verisign error message came back in response, then the administrators figured the original message was probably spam.

A BETTER TOOL. But any spammer worth their salt today uses legitimate domain names, such as aol.com or yahoo.com or even businessweek.com (believe me, I get a lot of spam from our own domain), as part of their random e-mail missives. Why? Because that type of spam is harder to sift from normal messages. In this case, by using a spoofed address attached to a valid domain name, spammers can easily circumvent such crude filters.

Further, relying on error messages is a poor substitute for so-called SMTP authentication, a process that allows a mail server receiving an e-mail to query back the sending mail server directly and ask, "Hey, is this message from a known account on your system?" If the answer comes back "no," then the message is clearly spam and should be deleted. Mail administrators have yet to widely adopt this tactic, though an increasing number are doing so. Yahoo started using SMTP authentication several years ago in part to cut down on spam coming from addresses ending in yahoo.com.

Is Verisign lily-white in all this? Hardly. Directing traffic to Site Finder may help the customers find what they're looking for, but first and foremost it helped Verisign. The Overture search engine by design gives preference to Web listings of companies that pay to advertise with the service. That has raised the ire of consumer groups who claim that Overture returns tainted results.

MISSING MESSAGES. Verisign also should have consulted with the Internet community at large before exercising its monopoly power to alter the basic workings of the Web. Certainly, the Internet remains a communitarian venture, and Verisign has run roughshod over that ethos.

Finally, it's most unfortunate that Verisign's Site Finder impedes basic software used to manage many types of networks. Tools such as "ping" and "traceroute," which are used to track data moving across a network, rely on specific error messages. When Verisign redirected all errant traffic to Site Finder, those error messages disappeared, rendering the network-management tools far less useful. This was the most troubling side effect of Verisign's unilateral move and perhaps the best reason for stopping any type of redirection until everyone gets a chance to adjust to the change.

However, punishing Verisign for breaking anti-spam systems that rely on weak technology makes no sense. Nor does punishing it for redirecting traffic when others do basically the same thing and get away with it. Foolish consistency may be the hobgoblin of little minds, but it's important in clarifying matters in this instance.

Salkever is Technology editor for BusinessWeek Online and covers computer security issues weekly in his Security Net column.