[I suspect Henrik is right about the lethargy of governments and the desirability of caution and forbearance. But it is incorrect to say that it's just a "commercial message" that's at issue here. The Internet is more than port 80. Verisign's move has caused a lot of problems for non-web services (like email) that expect the Net to act a certain way, which is what much of the fuss is about. --Declan] --- Date: Wed, 24 Sep 2003 22:48:23 +0200 To: Declan McCullagh <declan@private> From: Henrik Nilsson <henrik.nilsson@private> Subject: Re: [Politech] Michael Geist's column on VeriSign's domain name redirection Cc: domains@private As someone who has worked the last 6 years covering public interest issues regarding Internet services (Swedish Ministry of Communications, Telecom regulatory agency incl advisor to Swedish government on ICANN, Competition/Anti-trust Authority) let me say that, much as I respect prof Geist, he is talking up his posterior. It will take something more drastic than being redirected to a commercial message for a national government to intercede at short notice and with various legal issues outstanding. Much as I personally find Verisign's action objectional, let me state that Internet governance (and most other governance) proceeds under the law, with due process, and with all deliberate speed. Exitable elements of the Internet community may wish for more direct action - more thoughtful individuals may prefer governments to procede with caution. Yours, etc Henrik Nilsson Stockholm, Sweden --- Date: Tue, 23 Sep 2003 11:12:06 -0400 From: Carey Lening <clening@private> To: Declan McCullagh <declan@private> Subject: The latest stupidity from Verisign. Seen this? http://www.theregister.co.uk/content/6/32933.html Apparently Verisign wasn't content with just sending out false mail registrations to non-Verisign folks. They have to resort to yet another questionable act -- in defiance of ICANN. So how long does this contract run ? ;) (Politech still rocks, even after all these years, and my random changing email addresses.) Carey Lening --- Date: Mon, 22 Sep 2003 15:24:35 -0700 To: declan@private From: Malcolm Hoar <malch@private> Subject: Latest word from VeriSign re wilcards Declan: This is outrageous: "All indications are that users, important members of the internet community we all serve, are benefiting from the improved web navigation offered by Site Finder." http://www.icann.org/correspondence/lewis-to-twomey-21sep03.htm -- |~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| | Malcolm Hoar "The more I practice, the luckier I get". | | malch@private Gary Player. | | http://www.malch.com/ Shpx gur PQN. | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --- Subject: OMG, this is horrible! Date: Thu, 18 Sep 2003 14:58:37 -0700 Message-ID: <0C5792DFC53F764F9CC9312C8F15F5F41632D8@private> From: "Paul Bunn" <Paul@private> To: "Declan McCullagh (E-mail)" <declan@private> What an abuse of their power of controlling the root name servers! Mis-type a URL, get a VeriSign spam. It's like they're cybersquatting the entire internet name space. http://www.petitiononline.com/icanndns/petition.html --- From: "Richard M. Smith" <rms@private> To: "Declan McCullagh" <declan@private> Subject: VeriSign hires Omniture to snoop on typos Date: Wed, 17 Sep 2003 11:19:39 -0400 Hi, Here's another interesting angle on the Verisign Site Finder Web site. VeriSign has hired a company called Omniture to snoop on people who make domain name typos. I found this Omniture Web bug on a VeriSign Site Finder Web page: http://verisignwildcard.112.2o7.net/b/ss/verisignwildcard/1/G.2-Verisign -S/s03509671784255?[AQB]&ndh=1&t=17/8/2003%2010%3A39%3A28%203%20240&page Name=Landing%20Page&ch=landing&server=US%20East&c1=www.elinkprocess.com/ html/minibank_1000.html&c2=www.elinkprocess.com/html/minibank_1000.html% 20%2803/00%29&c12=Yes&c13=03&c14=No&c15=00&c16=Yes&c17=15&c22=NOT%20SET& g=http%3A//sitefinder.verisign.com/lpc%3Furl%3Dwww.elinkprocess.com/html /minibank_1000.html%26host%3Dwww.elinkprocess.com&r=http%3A//www.google. com/search%3Fas_q%3Dmini-bank%2B1000%26num%3D100%26hl%3Den%26ie%3DUTF-8% 26oe%3DUTF-8%26btnG%3DGoogle%2BSearch%26as_epq%3D%26as_oq%3D%26as_eq%3D% 26lr%3D%26as_ft%3Di%26as_filetype%3D%26as_qdr%3Dall%26as_occt%3Dany%26as _dt%3Di%26as_sitesearch%3D%26safe%3Dimages&s=1024x768&c=32&j=1.3&v=Y&k=Y &bw=1024&bh=538&ct=lan&hp=N&[AQE] The query string of the URL contains the usual things such as the Web page URL, the referring URL, browser type, screen size, etc. This query string is built on the fly by about 50 lines of JavaScript embedded in the Verisign Web page. The Omniture server sets a cookie so that people can be watched over time to see what typos they are making. Here's a bit more about the Omniture snooping service: http://www.omniture.com/announcement.html Note to Omniture: Yes, I was using Google to research security issues with the Mini-Bank 1000 ATM, but my interests are purely academic. ;-) Richard M. Smith http://www.ComputerBytesMan.com _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2b30 : Wed Sep 24 2003 - 14:05:23 PDT