[wildcard-comments] My point of view from France
- To: <wildcard-comments@xxxxxxxxx>
- Subject: [wildcard-comments] My point of view from France
- From: "Simon" <simon@xxxxxxxxxxxxxx>
- Date: Sat, 27 Sep 2003 11:40:01 +0200
- Sender: owner-wildcard-comments@xxxxxxxxx
I would like to thank you for caring about this MAJOR issue. In most
cases now, nobody ever reacts to a monopoly company such as VeriSign.
Here in France we have experienced many problems with the SiteFinder
"service" (if ever we can call that a service). I guess everyone knows
that transatlantic optic fibers are already quite busy and that America
<-> Europe connections are far from being as fast as Europe <-> Europe
or America <-> America.
With the new "Site Finder" service, a LARGE amout of datas has been sent
to the VeriSign server (188.8.131.52), and it ALWAYS timeouts. Why would
I have to wait 1 min to know that a domain doesn't exist, while I was
waiting 1 sec?
Then, it raises other major problems. Their dummy mail server is badly
programmed, so the mails sent to a wrong domain with multiple senders
are bounced. My DNS cache is growing fast and there is more hard drive
use than before. Who will pay my cpu time, my disk space and my
My point of view is that VeriSign is a scammer. They just have stolen 10
pennies from every Internet actor, user. They can be so rich with their
system, which is ILLEGAL in France and in Europe (known as "Computing
and Liberties Law", you must be able to know when you are in a database,
and able to SEE and to MODIFY what's in).
Not only VeriSign thinks Internet belongs to American (well, I don't
have anything particular against Americans, we have stupid people too),
although it is an INTERNATIONAL community and that's one of its
FUNDAMENTAL principles... But they also think the WEB is the only
application on the Internet !
Hey SysAdmins, NetAdmins, don't you find a little weird that you can
traceroute nonexistentdomain.com ? This is just an abberation ! This
SHOULDN'T be possible at all.
When I use a FTP client to connect to a non-existent .com/.net domain,
it now says "Connection refused by foreign host" (184.108.40.206 has no
"dummy ftp client"...) instead of "Unable to resolve host". It goes the
same for IRC, and every application on the net. Well it was conceived to
go to 65535 TCP and UDP ports, so I don't ask VeriSign to open 2^17
ports with dummy daemons but to STOP their abuse.
The wildcards were first intended to mass manage subdomains, just
because a domain belongs to one SINGLE person. The TLDs (Top-Level
Domains), and even less for the gTLDs, are not belonging to anyone but
the WHOLE community and EVERYONE below the TLD (I mean : the .com / .net
I run many .com / .net, therefore I am concerned. This is a huge abuse.
I totally agree with the IAB recommandations : I would like VeriSign to
stop their service voluntary. But EVERYONE here knows they won't, they
will try to keep it as long as they can, just to gather tons of
information about netizens.
May I recall that .com and .net are ran as a public service ? They
shouldn't have ever been delegated to a commercial company.
So please, ICANN.. Go to your meeting, but don't let them give their
stupid marketing arguments. This is all about marketing, not computing
or network. Every expert in this world, except those VeriSign paid, will
tell you this is CONCEPTUALLY WRONG.
The whole Internet was thought to balance the load over many servers
(see the DNS architecture !), and without asking or even preventing,
VeriSign decides to go against this fundamental principle and makes the
whole internet go to a single point.
Well, that's so abusive I would like ICANN to remove their registry
status as soon as possible.
Not only because it has enourmous technical implications, but also
because it is moraly wrong. VeriSign knows this subject is too technical
for the common Internet user, and has made it so discretly, many people
aren't even aware about what's going on. Think of all non-english
speaking people who want to get their NXDOMAIN response back but can't
write you a mail...
I keep confident in your action and will not patch my Bind name daemon
until you make them remove their abusive wildcard.