ICANN Takes Action with respect to Verisign's Sitefinder
October 03, 2003

RETURN TO Abbstract


3 October 2003

Via E-mail and U.S. Mail

Russell Lewis
Executive Vice President, General Manager
VeriSign Naming and Directory Services
21345 Ridgetop Circle LS2-3-2
Dulles, VA 20166-6503

Re: Deployment of SiteFinder Service

Dear Rusty:

This letter is further to the advisory posted by ICANN on 19 September 2003
regarding the changes to the operation of the .com and .net Top Level Domains
announced by VeriSign on 15 September 2003, and in response to your letter of
21 September 2003. These changes involved the introduction (for the first
time in the .com and .net domains) of a so-called "wildcard" mechanism that
changes the expected error response for Internet traffic that would otherwise
have resulted in a "no domain" response, and redirects that traffic to a
VeriSign-operated webpage with links to alternative choices and to a search

Because of numerous indications that these unannounced changes have had very
significant impacts on a wide range of Internet users and applications, ICANN
on 19 September 2003 asked VeriSign to voluntarily suspend these changes, and
return to the previous behavior of .com and .net, until more information
could be gathered on the impact of these changes. On 21 September 2003,
VeriSign refused to honor that request. In the time since then, ICANN has had
further opportunity to consider the technical and practical consequences of
these changes, and to evaluate whether these unilateral actions by VeriSign
were consistent with its contractual obligations to ICANN.

Based on the information currently available to us, it appears that these
changes have had a substantial adverse effect on the core operation of the
DNS, on the stability of the Internet, and on the relevant domains, and may
have additional adverse effects in the future. These effects appear to be
significant, including effects on web browsing, certain email services and
applications, sequenced lookup services and a pervasive problem of
incompatibility with other established protocols. In addition, the responses
of various persons and entities to the changes made by VeriSign may
themselves adversely affect the continued effective functioning of the
Internet, the DNS and the .com and .net domains. Under these circumstances,
the only prudent course of action consistent with ICANN's coordination
mission is to insist that VeriSign suspend these changes pending further
evaluation and study, including (but certainly not limited to) the public
meeting already scheduled by ICANN's Security and Stability Advisory
Committee on 7 October in Washington, D.C.

In addition, our review of the .com and .net registry agreements between
ICANN and VeriSign leads us to the conclusion that VeriSign's unilateral and
unannounced changes to the operation of the .com and .net Top Level Domains
are not consistent with material provisions of both agreements. These
inconsistencies include violation of the Code of Conduct and equal access
provisions, failure to comply with the obligation to act as a neutral
registry service provider, failure to comply with the Registry Registrar
Protocol, failure to comply with domain registration provisions, and
provision of an unauthorized Registry Service. These inconsistencies with
VeriSign's obligations under the .com and .net registry agreements are
additional reasons why the changes in question must be suspended pending
further evaluation and discussion between ICANN and VeriSign.

Given these conclusions, please consider this a formal demand to return the
operation of the .com and .net domains to their state before the 15 September
changes, pending further technical, operational and legal evaluation. A
failure to comply with this demand will require ICANN to take the steps
necessary under those agreements to compel compliance with them.

Various press reports have quoted VeriSign representatives as being concerned
about the processes by which changes in the operation of top-level domains
are evaluated and approved by ICANN. I share those concerns. The introduction
by registry operators of new products or services that do not threaten
adverse effects to the Internet, the DNS or the top-level domains which they
operate should not be impeded by unnecessary or prolonged processes. On the
other hand, VeriSign, like other operators of top level domains, occupies a
critical position of public trust, made even more important given the fact
that it is the steward for the two largest generic top level domains. This
means that VeriSign has both a legal and a practical obligation to be
responsible in its actions in operating those top level domains.

To ensure that this obligation is carried out, there must be a timely,
transparent and predictable process for the determination of the likelihood
that a proposed change in the operation of a generic top-level domain under
contract with ICANN will have significant adverse effects. To this end, I
will be asking the GNSO to begin to create such a procedure, taking into
particular account any comments submitted by other ICANN advisory bodies,
liaisons, and constituencies. I will request the GNSO to make its
recommendations no later than 15 January 2004.

If, during this period, further technical and operational evaluations of the
changes made by VeriSign on 15 September indicate that those measures can be
reinstated, or reinstated with modifications, without adverse effects, I will
initiate the process to modify the .com and .net agreements to allow those
changes to take place. We will use best efforts to complete these evaluations
in a timely manner.

If, on the other hand, these ongoing evaluations confirm the claimed adverse
effects on the Internet, the DNS or the .com and .net domains that have been
publicized to date, or raise new concerns of that type, those concerns will
have to be resolved prior to any reintroduction of these changes. If any such
concerns cannot be resolved, and VeriSign continues to seek to implement the
service, it will be necessary to make recourse to the dispute resolution
provisions of the two agreements.

Given the magnitude of the issues that have been raised, and their potential
impact on the security and stability of the Internet, the DNS and the .com
and .net top level domains, VeriSign must suspend the changes to the .com and
.net top-level domains introduced on 15 September 2003 by 6:00 PM PDT on 4
October 2003. Failure to comply with this demand by that time will leave
ICANN with no choice but to seek promptly to enforce VeriSign's contractual

I look forward to VeriSign's compliance by the date specified.

Best regards,

Paul Twomey
President and CEO

Chuck Gomes - Vice President, VeriSign Naming and Directory Services
Kevin Golden, Esq. - Senior Corporate Counsel, VeriSign, Inc.

Appoarently Verisign has capitulated and agreed to take Sitefinder off the air, at least for the moment. See, for example, the Washington Post article or the New York Times article.

Despite the uproar, Verisign is publically playing the role of victim:

"Without so much as a hearing, ICANN today formally asked us to shut down the Site Finder service," said VeriSign spokesman Tom Galvin. "We will accede to their request while we explore all of our options."

RETURN TO Abbstract