The Internet Corporation for Assigned Names and Numbers (ICANN) has asked VeriSign Inc. to suspend its new Site Finder service while it conducts an investigation into the system.
Site Finder is a Web service that appears when users attempt to reach a Web site whose domain name does not exist. This mostly happens as a result of mistyping and Site Finder offers users a search engine, a list of existing domains with related spellings and a directory of Web sites. To enable the service, VeriSign has had to create a wildcard address record so that all attempts to reach sites in the .com and .net address space, except those with valid domain names, results in redirection to Site Finder.
When VeriSign launched the service on Sept. 15 complaints began to flow from many people, especially those involved with the technical side of the Internet and those operating competing search services, because they saw it as an attempt to hijack Web traffic that would otherwise result in an error message or redirection to a search service of the user’s preference.
ICANN said, in a statement issued on Friday, that it has been “monitoring community reaction” to the service and is also “carefully reviewing the terms of the .com and .net Registry Agreements.” It also asked its Security and Stability Advisory Committee and the Internet Architecture Board to produce a report on the subject which was issued Saturday.
The report noted a long list of concerns with the service.
These include the loss of local-language error messages to VeriSign’s English-language Site Finder; additional load for e-mail servers and the failure of some spam filters that check for valid domain names. It also noted that users who pay for data based on the volume sent and received will see higher costs as a result a single “domain not found” packet being replaced by the 17k-byte Site Finder home page and said the system represented a single point of failure and raised privacy concerns.
The IAB report did not conclude that the use of wildcard records, such as that by VeriSign, be prohibited but rather such a system is “dangerous” and should only be enabled with a full understanding of the impact on the network.
ICANN, in its statement issued before the IAB report was published, said it has called on VeriSign to voluntarily suspend the service until various reviews are completed. As of Monday morning Tokyo time (Sunday evening East coast time) the Site Finder service appears to remain in operation.
The IAB report can be found online at: https://www.iab.org/documents/docs/2003-09-20-dns-wildcards.html