In several presentations before the Security and Stability Advisory Committee (SECSAC) of the Internet Corp for Assigned Names and Numbers (ICANN), VeriSign said that most of the problems identified with Site Finder are minor and easily addressed.
Site Finder presents web users with a search engine page, instead of an error message, when they misspell a .com or .net domain name in the browser, but it has caused knock-on effects with other non-web applications.
When it was first launched on September 15, it came under a storm of criticism from those who believe it was an opportunistic and irresponsible move to increase VeriSign’s revenue at the expense of the Internet’s health.
Reluctantly, VeriSign suspended the service after a request, and then a stern demand, from ICANN, which wants its SECSAC to review the effects of Site Finder before coming to any conclusions.
VeriSign has now presented the results of a review of claims that Site Finder broke or made unpredictable certain applications, such as spam filters, email, automated HTTP tools and domain name availability checking tools.
The review found that most problems were minor or inconvenient but that there were some moderate problems that are out of VeriSign’s hands and would require ISPs or software developers to make changes.
Issues that VeriSign can address, notably three problems in how Site Finder causes email to behave differently, the company said it is developing changes for. The company said it is also working on non-English versions of the service.
VeriSign presented evidence to suggest that the Site Finder concept was popular among end users. A survey the firm commissioned showed that 38% of US users strongly and 46% somewhat prefer Site Finder over an error message.
Site Finder is English-only, and pre-Site Finder error messages were usually localized, but the majority of users surveyed in Germany and China also either strongly or somewhat preferred Site Finder to an error page, VeriSign said.
Site Finder’s opponents pointed out that there are lies, damn lies and statistics, and that survey results depend in a large part on how questions are phrased. VeriSign said it would not disclose the raw survey data to independent analysis.
There was also data presented that could be interpreted as showing a negative reaction from the Internet community.
Edelman said that the amount of traffic that went to verisign.com leapt after Site Finder’s introduction, but that it reduced somewhat after certain ISPs, companies, and even nations, implemented measures to block the service.
There were also claims that America Online Inc [AOLA], EarthLink Inc [ELNK] and Time Warner Cable [TWX] were among the ISPs that said they had blocked it in the US.
Also on the list of on-the-record opponents of the service are XO Communications [XOCM.OB], AT&T [T], Tucows [TCOW.OB], Register.com [RCOM], Microsoft [MSFT], the Public Interest Registry, the Internet Society, the London Internet Exchange, and Melbourne IT.
While VeriSign may have a monopoly on meaningful quantitative data surrounding Site Finder’s impact, its opponents argue that the as-yet-unrealized impacts – such as how others respond to Site Finder’s presence – is a bigger concern.
For example, it emerged this week that a patch that the Internet Software Consortium issued to BIND (the dominant DNS server software), designed to evade Site Finder, could also inadvertently cause problems with resolving .name domains.
Some people are also concerned that the likes of AOL and Microsoft, which both lost money as a result of Site Finder’s introduction, could start making their own tit-for-tat changes. The end result, some fear, is a fragmented Internet.
The SECSAC will now convene to put together some advice for ICANN on what, if any, security and stability concerns Site Finder causes.
This article was based on material originally published by ComputerWire.
