[Politech] Reply to column on VeriSign: Don't ask for government intervention

From: Declan McCullagh (declan@private)
Date: Wed Sep 24 2003 - 13:58:47 PDT

  • Next message: Declan McCullagh: "[Politech] Request for comments on challenge-response antispam protocol [spam]"

    [I suspect Henrik is right about the lethargy of governments and the 
    desirability of caution and forbearance. But it is incorrect to say that 
    it's just a "commercial message" that's at issue here. The Internet is more 
    than port 80. Verisign's move has caused a lot of problems for non-web 
    services (like email) that expect the Net to act a certain way, which is 
    what much of the fuss is about. --Declan]
    Date: Wed, 24 Sep 2003 22:48:23 +0200
    To: Declan McCullagh <declan@private>
    From: Henrik Nilsson <henrik.nilsson@private>
    Subject: Re: [Politech] Michael Geist's column on VeriSign's domain name
    Cc: domains@private
    As someone who has worked the last 6  years covering public interest issues 
    regarding Internet services (Swedish Ministry of Communications, Telecom 
    regulatory agency incl advisor to Swedish government on ICANN, 
    Competition/Anti-trust Authority)  let me say that, much as I respect prof 
    Geist, he is talking up his posterior. It will take something more drastic 
    than being redirected to a commercial message for a national government to 
    intercede at short notice and with various legal issues outstanding. Much 
    as I personally find Verisign's action objectional, let me state that 
    Internet governance (and most other governance) proceeds under the law, 
    with due process, and with all deliberate speed. Exitable elements of the 
    Internet community may wish for more direct action - more thoughtful 
    individuals may prefer governments to procede with caution.
    Yours, etc
    Henrik Nilsson
    Stockholm, Sweden
    Date: Tue, 23 Sep 2003 11:12:06 -0400
    From: Carey Lening <clening@private>
    To: Declan McCullagh <declan@private>
    Subject: The latest stupidity from Verisign.
    Seen this?
    Apparently Verisign wasn't content with just sending out false mail 
    registrations to non-Verisign folks.  They have to resort to yet another 
    questionable act -- in defiance of ICANN.
    So how long does this contract run ? ;)
    (Politech still rocks, even after all these years, and my random changing 
    email addresses.)
    Carey Lening
    Date: Mon, 22 Sep 2003 15:24:35 -0700
    To: declan@private
    From: Malcolm Hoar <malch@private>
    Subject: Latest word from VeriSign re wilcards
    This is outrageous:
    "All indications are that users, important members of the
    internet community we all serve, are benefiting from the
    improved web navigation offered by Site Finder."
    | Malcolm Hoar           "The more I practice, the luckier I get". |
    | malch@private                                     Gary Player. |
    | http://www.malch.com/               Shpx gur PQN.                |
    Subject: OMG, this is horrible!
    Date: Thu, 18 Sep 2003 14:58:37 -0700
    Message-ID: <0C5792DFC53F764F9CC9312C8F15F5F41632D8@private>
    From: "Paul Bunn" <Paul@private>
    To: "Declan McCullagh (E-mail)" <declan@private>
    What an abuse of their power of controlling the root name servers!
    Mis-type a URL, get a VeriSign spam.  It's like they're cybersquatting the 
    entire internet name space.
    From: "Richard M. Smith" <rms@private>
    To: "Declan McCullagh" <declan@private>
    Subject: VeriSign hires Omniture to snoop on typos
    Date: Wed, 17 Sep 2003 11:19:39 -0400
    Here's another interesting angle on the Verisign Site Finder Web site.
    VeriSign has hired a company called Omniture to snoop on people who make
    domain name typos.  I found this Omniture Web bug on a VeriSign Site
    Finder Web page:
    The query string of the URL contains the usual things such as the Web
    page URL, the referring URL, browser type, screen size, etc.  This query
    string is built on the fly by about 50 lines of JavaScript embedded in
    the Verisign Web page.
    The Omniture server sets a cookie so that people can be watched over
    time to see what typos they are making.
    Here's a bit more about the Omniture snooping service:
    Note to Omniture:  Yes, I was using Google to research security issues
    with the Mini-Bank 1000 ATM, but my interests are purely academic. ;-)
    Richard M. Smith
    Politech mailing list
    Archived at http://www.politechbot.com/
    Moderated by Declan McCullagh (http://www.mccullagh.org/)

    This archive was generated by hypermail 2b30 : Wed Sep 24 2003 - 14:05:23 PDT