Skip to main content

Message from Theo Hnarakis to Paul Twomey

From: Theo Hnarakis
Sent: Thursday, 2 October 2003 6:02 PM
To: Paul Twomey
Subject: Verisign Sitefinder service

To Paul Twomey, ICANN President
From: Theo Hnarakis, CEO of Melbourne IT Limited

Hello Paul,

I am writing to express our extreme disappointment that Verisign have launched a new registry service (Sitefinder) without consulting with either its direct customers (Registrars) or the wider community.

We would have expected that at least 3 months notice of such a new service be provided to the Internet community that is very dependent on the DNS nameservice for .com and .net provided by Verisign.

The change to the behaviour of the DNS nameservice for .com and .net has already impacted on the operation of the installed base of software deployed on the Internet, and will have a direct financial impact on some businesses. For example anti-spam software and browser software. Furthermore, several Melbourne IT resellers have been adversely impacted by the changes.

Melbourne IT is a supporter of innovation by registry operators, and the sitefinder service introduced by Verisign may be a useful service to Internet end users, however it is possible that it could be implemented in such a way to ensure that the service minimises disruption of existing software. This could have been done with a consultative discussion amongst members of the ICANN community.

In fact, Melbourne IT communicated our disappointment directly to Verisign and Rusty Lewis on the 19th of September and requested that the Sitefinder service be suspended pending a consultative discussion with all stakeholders. We are yet to receive a formal reply.

Melbourne IT supports the request from ICANN to Verisign to voluntarily suspend the service, and Melbourne IT also supports the recommendations of the ICANN Security and Stability Committee:

"Recognizing the concerns about the wildcard service, we call on VeriSign to voluntarily suspend the service and participate in the various review processes now underway.

We call on ICANN to examine the procedures for changes in service, including provisions to protect users from abrupt changes in service.

We call on the IAB, the IETF, and the operational community to examine the specifications for the domain name system and consider whether additional specifications could improve the stability of the overall system. Most urgently, we ask for definitive recommendations regarding the use and operation of wildcard DNS names in TLDs and the root domain, so that actions and expectations can become universal. With respect to the broader architectural issues, we call on the technical community to clarify the role of error responses and on the separation of architectural layers, particularly and their interaction with security and stability."

Melbourne IT supports the initiative of the ICANN Security and Stability Advisory Committee to hold a public meeting on 7 October 2003 to gather more input before issuing a report to ICANN.

As an act of good faith, Melbourne IT has agreed to provide some assistance to Verisign through its Technical Review panel to objectively evaluate the issues raised by the ICANN community, but Melbourne IT believes that Verisign in turn should also suspend the service while the community has a chance to thoroughly consider the issues associated with introducing wildcard entries into the .com and .net zonefiles.

If Verisign will not voluntarily suspend the service and consult with all stakeholders, Melbourne IT recommends that ICANN review its contractual options with respect to seeking more cooperation from Verisign.

Theo Hnarakis
Chief Executive Officer
Melbourne IT
Level 2, 120 King Street
Melbourne Victoria 3000

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."