Tag Archives: dns

Missed it by that much

I recently picked up a new domain name for a stand-alone website I’ve been working on. Since I got a good deal from Yahoo last March when I registered googolplextheaters.com for $5/year, I went with Yahoo again. I was slightly annoyed to see the price was now $9.95, but I remembered $4.98 had been a promo price, and $10/year is still not bad. Heck, I remember when then-monopoly Network Solutions dropped the price of a domain name from $100 to $70.

Anyway, it seems that Yahoo still offers $4.98 domains—depending on how you get there. Some of their ads offer the lower price, and if you come into the service through the ad, you get the discount.

It’s kind of like an automatic coupon.

It’s also a bit annoying that I could have spent half as much if I’d clicked on a different link.

Still, it’s only a $5 difference. I spend that much on lunch.

What’s Really Behind Site Finder Backlash

SiteFinder was a “service” Verisign offered for a few weeks in 2003 in which DNS lookups to any non-existant domain in .com or .net responded with a pointer to an ad page. Techies revolted because it broke a lot of stuff. Verisign attempted to paint opponents of Site Finder as a minority of anti-innovation “technology purists” who still resent the presence of commerce on the Internet. A shorter version of my response ran on CNet’s News.com as a letter to the editor.

Mark McLaughlin’s opinion piece, “Innovation and the Internet,” simply proves that Verisign has completely missed the point. The reason so many people objected to SiteFinder is not the service it provided, nor a rejection of innovation, but that it caused a significant number of non-web applications to fail. Verisign, a company that should know better, had forgotten that the Internet is more than just the web.

There are many applications besides the web which make use of the DNS system, and many of them take actions that depend on whether a domain exists or not. Some of the more obvious cases occur in spam blocking. For instance, mail servers often check to see whether a the sender’s domain exists before accepting email. The DNS wildcard that powered SiteFinder broke this: suddenly, all domains would appear to be valid. A spammer could claim to be sadkjfhdsaf@asdfsadfjsdf.com, and the message would be accepted.

Another issue is DNS-propagated blacklists: at least one (ORBS, if I remember correctly) had folded and allowed its domain name to expire, but many software packages still included it in their default configurations. Since people often install software without updating, they were seeing slightly slower results at first, but the SiteFinder wildcard suddenly caused all queries to return positive, and a number of servers began rejecting all mail. (Something similar happened with Osirusoft a month earlier, but that was intentional on the part of Osirusoft’s former administrator.)

Other people are concerned about the fact that misdirected email, instead of being routed to secondary servers (in the case of a bad configuration) or bounced back by the originating ISP, is being routed through Verisign. Here, it’s a matter of trust: if you trust Verisign to do the right thing and bounce it without looking at it, then you probably have no objection. But many people saw the arbitrary creation of the wildcard in the first place as a breach of trust, casting doubt on their trustworthiness in other areas.

There are ways to resolve the issue of mistyped websites that do not break other applications. Microsoft embedded this functionality in Internet Explorer some time ago. I believe AOL has done the same in their software. While there were probably some objections, in neither case did it cause other applications to stop working.

It’s not about being technology “purists,” stifling innovation, or keeping commercialism off the Internet. It’s about recognizing the fact that the Internet is a collaborative effort, not the private domain of any one company. If Verisign had submitted its idea for review, and given others a chance to point out its flaws and to make adjustments to their own software, this could all have been avoided. As it is, it is clear that Verisign neither thought through all the consequences nor is willing to recognize that there even are consequences. And that – not a desire to “hold the Internet back” – is the reason for the backlash.