:: Deepquest ::

Icann 1 – verisign 0

Verisign was forced to remove the “wildcards” systeme that disturb the stability of many system, networks, and applications. Making a real proof abuse of trust. Isn’t it deja vu?

on september 15th [url=http://www.verisgn.com]verisign[/url] activated a system called wildcards. Basicly it catched all traffic to non existing domain, including emails. Any typos in email address where sent to Verisign. Icann asked verisign to remove that system by 6:00 PM PDT on 4 October 2003.

Here are various problems encoutered by wildcard system:

-Eliminating the display of “page not found” in the local language and character set of the users when given incorrect URLs rooted under these top-level domains, and instead causing those browsers to display an English language search page from a web server run by VeriSign.

-All mail to non-existent hostnames in the .com and .net TLDs to flow to VeriSign’s server (in addition to other effects on certain email programs and servers)

-Eliminating the ability of some applications to inform their users as to whether a domain name is valid before actually sending a communication

-Rendering certain spam filters inoperable or ineffective

-Affecting interaction with other protocols in a number of ways

-Adversely affecting the performance of certain automated tools

-Affecting in some cases (where volume-based charging is applicable) increasing the user cost simply by increasing the size of the response to an incorrectly entered domain name

-Creating a single point of failure that is likely to be attractive to deliberate attacks

-Raising serious privacy issues

-Interfering with standard approaches to reserved names

-Generating undesirable workarounds by affected third parties.

so now everything is back to normal, but we will remember this:

[url=http://www.icann.org/announcements/advisory-03oct03.htm]Icann advisory[/url]