[wildcard-comments] Breaking Backward Compatibility; Internet Users Pay

[Casey West <casey@xxxxxxxxxxxx>]

VeriSign has broken backward compatibility for the .com and .net
TLDs. After 20 years of tried and true expected results (namely, the
DNS returning NXDOMAIN when a domain does not exist) VeriSign has
broken the DNS.

Their reasons are clear, financial gain. Their reports on user
satisfaction are misleading, mistaking typos for intentional use, and
unintentional use for satisfied users. I can understand why they believe
a problem has been solved, wool is thick.

Not only have they broken HTTP traffic, but email services that have
been working for decades were broken when a mail server started
responding to email sent to non-existent domain names, as well as email
filters counting on the DNS returning a NXDOMAIN response for a
non-existent domain. Similarly, sending email to a non-existent domain
returns a different SMTP response code than it used to.

We all understand this generates revenue for VeriSign, but what does it
cost the rest of us? It costs us in several areas. Foremost, bandwidth
fees. An HTTP response for a non-existent domain used to return a single
DNS response (NXDOMAIN), with VeriSign's SiteFinder I have to pay for
the bandwidth of receiving a web page from VeriSign. Large ISPs acquire
large financial hits as a result.

SMTP services inherit a similar fate. Services counting on the DNS to
return NXDOMAIN for non-existent domains are fooled into believing the
domain exists. As a result, storage costs rise, as email that should be
filtered and removed is being passed through.

These costs cause needless financial harm to Internet users and
providers. There is yet to be a compelling reason why we should incur
these costs while VeriSign profits. Large ISPs have turned to customized
DNS services specifically to curb the problems caused by the TLD
wildcards. The demerits of such a change in the DNS must be considered
very heavily when providers on the scale of AOL and EarthLink resort
to counter-measures.

The TLD wildcards must go. I see no problems with VeriSign benefiting
positively from SiteFinder, however, backward compatibility issues, and
higher costs for Internet users and providers is too lofty a price for
us to bear.

Some may say Microsoft has been doing this for years with their "search
from the location bar" feature, tied to MSN. While this is true, it was
a client level decision that could be turned off with client level
configuration. VeriSign's TLD wildcards cannot be shut off at the
individual computer level, over the scope of all Internet users.

In short, VeriSign believes SiteFinder is useful for all Internet users.
That is fine, but let it stand its own merits. As the manager for the
.net and .com TLDs VeriSign should act with prudence, even in the face
of huge financial possibilities. Further, a red flag should be raised
when any company who positions themselves so unilaterally against
strong, truly reasonable concerns emanating from key organizations in
Internet infrastructure.

  Casey West

-- 
Shooting yourself in the foot with the Internet 
You put your foot in your mouth, shoot it, then spam the bullet so
that everybody gets shot in the foot.