
VeriSign DNS in Trouble 222
hesiod writes "Over at CNet News, there is an article reporting that VeriSign may lose their ability to sell domains. Evidently, ICANN is miffed because VS's WHOIS database has incorrect information. Not exactly news to most of us, but they have been given 15 days to fix the errors, or risk losing the ability to sell domains."
Oh my ... (Score:1)
SSL operations seperate from DNS operations (Score:2, Informative)
Re:Oh my ... (Score:2)
Re:Oh my ... (Score:2)
Good Question [cert.org]
Uh (Score:2)
It'll be intresting to see if VeriSign can actualy fix this in the time alloted, given their amazingly shitty technical skills.
Lying with statistics (Score:2)
Uh-huh, and how many did ICANN check to get those 17? Is that 17 out of 10.3M or 17 out of 32? Verisign obviously thinks everyone is dumber than they are.
VeriSign business plan (Score:2, Funny)
2. ?
3. Profit
Re:VeriSign business plan (Score:2)
2. Spam 'em all
3. Profit
Verisign andgry at ICANN ... (Score:1)
Screw ICANN (Score:1, Troll)
Re:Screw ICANN (Score:2)
Why did you say this? Where does it say that a P.O. Box is problematic?
A.
Re:Screw ICANN (Score:4, Insightful)
Re:Screw ICANN (Score:2)
Thank you, I didn't twig to that. On the other hand, I must point out that if the poster doesn't already *have* a P.O. Box (or the equivalent) that game has already been lost.
A.
Who has had a P.O. Box all of his adult life.
Re:Screw ICANN (Score:2)
On the other hand, I must point out that if the poster doesn't already *have* a P.O. Box (or the equivalent) that game has already been lost.
What game is that? Yes, it's possible to track down my address from my domain name, but it's sufficiently difficult to stop most people.
Re:Screw ICANN (Score:2)
Well, the previous poster claimed 'obvious reasons'. I interpreted that to mean 'wants to keep physical address more or less private'. You may or may not actually feel that way. I was also thinking more generally than just domain names. If you don't use a P.O. Box, your real address appears in far too many places to consider it private.
A.
-100 Offtopic
Re:Screw ICANN (Score:2)
Well, the previous poster claimed 'obvious reasons'. I interpreted that to mean 'wants to keep physical address more or less private'.
Well, mainly I just don't want someone getting pissed at something I write on my website or on slashdot showing up at my doorstep. Yes, it's still possible, so maybe I'm just being overly paranoid.
If you don't use a P.O. Box, your real address appears in far too many places to consider it private.
Perhaps. At the moment I just moved 4 days ago, so pretty much no one who doesn't know me personally has my real address. And if I could lie completely about my address, instead of putting an old address, it would be pretty much impossible to figure out which "Anthony DiPierro" I happen to be. The phone number is real, but it's an efax number, so unless you have a subpeona, you're not going to get my identity from it.
Re:Screw ICANN (Score:2)
Re:Screw ICANN (Score:2)
If anything I do using my domain names annoys or intrigues you, I cheerfully encourage you to use whois to find out. Call before coming to my house and I'll even bake cookies.
Re:Screw ICANN (Score:2)
Re:Screw ICANN (Score:2)
You're quite correct; I do not follow your logic (or rather, I do, but I think it might be a bit simplistic).
The potential for mischief is very well controlled within the Slashdot milieux, and the site's purpose is limited to discussion. Both of these make anonymity appropriate and useful, with no significant drawbacks.
The same cannot be said for participation in the world at large. Sometimes anonymity is good, other times it is not. When it comes to interconnection with a shared resource, accountability is essential. That doesn't mean that people shouldn't have the means to send anonymous emails, or to use anonymizing proxies to surf the web. However, there is - as always - a need for balance.
Still no need for public WHOIS (Score:2)
Why do you need any more "accountability" than that? If you want to take legal action against someone, you have to go to court. If you don't want to go to court, what you want the address for is extralegal action, such as spamming or stalking. There's no reason any registrar should assist in anything like that.
Re:Still no need for public WHOIS (Score:2)
There's a whole wide world between sitting on your thumbs and filing suit.
Perhaps you just want to contact them to discuss something (a settlement, strange packets coming out of their network, what have you - and yes I know, Verisign has nothing to do with IP assignment but I'm discussing the principle here). That's what the judge is going to tell you to do anyway.
Perhaps you'd like to know where they're located so you can assess the feasibility of legal action before going to the expense.
If the only resort is the last resort, then every disagreement has to be settled with nuclear weapons. That's one hell of a way to run a circus.
Re:Still no need for public WHOIS (Score:2)
A computer on the internet is not really different than a fancy telephone on the phone network. Phone companies have supported unlisted numbers for as long as phones have existed, and it isn't that big a deal.
The way that works is you file against a John Doe in some court having jurisdiction over the registrar, then subpoena the domain holder's info. That involves submitting some forms to the court and paying a small filing fee. It's not like starting a DoJ vs. Microsoft case with thousands of lawyers.One important aspect of this is the domain holder now knows who YOU are and that you're trying to obtain their info. That's different from WHOIS, where you can get people's info without their being informed. But there's no reason to support that kind of stalking feature. If you want someone else's info, you should be willing to supply your own info to them. You got a problem with that?
Re:Still no need for public WHOIS (Score:2)
To file in a remote jurisdiction takes either time (to research the procedure) or money (to hire a law firm to do it for you). Thousands of lawyers? Probably not. But that's what we in the bickering business call a straw man.
That is already arbitrated by existing systems. Someone sends you an envelope, they can put a return address on it, or not. If it's a bogus or unsupplied address, you can throw the envelope away. Likewise with phone calls. No need to get the courts involved.
There are hundreds of ways to get people's addresses, from calling the DMV to following them home. All legal. Your accessibility to the outside world is a byproduct of your choice to live in society. If you don't like it, there are still plenty of openings in the hermit industry.
Re:Screw ICANN (Score:2)
What's wrong? You don't want every slashdotter knowing your address? Maybe you see why I feel the same way? Somehow I doubt it.
You're quite correct; I do not follow your logic (or rather, I do, but I think it might be a bit simplistic).
Yes, it is simplistic. You don't want every slashdotter knowing your address. I don't want every slashdotter knowing my address. That's my "obvious reason" for not wanting to put my address in my whois data.
You seem to instead focus on justifications. But justifications don't change my desire for anonymity. Yes, if I get forced to put up my address, I will. Actually more likely I'll go ahead and buy a P.O. Box. I was considering it anyway. Or maybe I'll buy from one of the many places that let me buy a domain name anonymously. Actually after reading this article I'm thinking about starting one.
The same cannot be said for participation in the world at large.
We're not talking about the world at large, we're talking about a domain name.
Sometimes anonymity is good, other times it is not. When it comes to interconnection with a shared resource, accountability is essential.
Again, we're not talking about interconnection with a shared resource, we're talking about a domain name.
That doesn't mean that people shouldn't have the means to send anonymous emails, or to use anonymizing proxies to surf the web. However, there is - as always - a need for balance.
Yep, and putting my address on the internet for any idiot to see just because I buy a domain name exceeds that balance.
The internet isn't the real world. It's about time people start realizing that.
What RFC? (Score:2)
Re:Screw ICANN (Score:2)
17 out of 10.7M (Score:1)
If the IRS was this accurate then taxes would be a lot less since all those slipping through the system would be caught...
Re:17 out of 10.7M (Score:2)
I used to think ICANN wasn't good for anything more than demonstrating how political infighting and empire-building quickly take the place of serving the common interests (of the Internet's users). Now, though, I find myself actually amazed that they're doing something right.
The proof will be in the next whois lookup I do...
Re:17 out of 10.7M - 30K out of 10.7M, if not more (Score:2)
I'd guess far more than that. Pretty much every time I go to look up a domain, it's got bad info. Of course, the only reason I look up domains is when I'm annoyed at the spam they've left in my inbox or the attack attempts they've left in my logs.
So I dunno about the converse, but bad internet citizenship seems to be an excellent predictor of bad contact info.
Calls? (Score:1)
I wondered who that was... Anyone else get called by them?
Re:Calls? (Score:2)
Funny I've been considering transfering my 3 domains from Verisign to Go Daddy for half that. That postcard sold me, I will now.
Re:Calls? (Score:2)
Funny I've been considering transfering my 3 domains from Verisign to Go Daddy for half that. That postcard sold me, I will now.
Everyone using Verisign should take this opportunity to switch! The only reason anyone would use Verisign as their registrar anymore is laziness. We've all been bitching and moaning about how much Network Solutions sucked since before they even started charging for domains but we have a choice now. I would recommend GoDaddy as well. $8.95/year for a domain name and they have a decent web interface for administration. I can register a domain for 4 years for what Network Solutions was charging for 1 year!
Surprised? (Score:3, Funny)
Not me (Score:2)
Re:Surprised? (Score:2)
What a pain in the ass to get them moved to us.
How significant... (Score:1)
I think the real question now is does Verisign drop the domains that don't have legit info to satisfy this complaint. It is a good resource for tracking down abusers and other complaints. I have used it a number of times to track down contact info of providers of people who have attempted to crack my system...
PR Stooging (Score:3, Insightful)
I'm sorry, but my rebuttal is: "HAHAHAHAHAHAHAHAHAHAHAH!"
Only Seventeen?! I'd wager 15% of the domains on there are pointed to the phone number 123-456-7890 at the address of 123 Main Street. I'd call that the beginning of a pattern. Buncha jerks.
Re:PR Stooging (Score:2)
Yeh, but it was probably the first 17.. and I believe the problem isn't people giving them incorrect information, but rather them failing to update peoples information on request.
Re:PR Stooging (Score:2)
cat WHOIS-Database | grep -AB 10 "123-456-7890"
cat WHOIS-Database | grep -AB 10 "123 Main Street"
cat WHOIS-Database | grep -AB 10 "555-555-5555"
cat WHOIS-Database | grep -AB 10 "-555-"
Re:PR Stooging (Score:2)
Only problem is that if such a rule was enforced across the board there'd be hardly any registrars left anymore. Verisign, abominable as they may be, are most certainly not the only culprits of this practise in the registrar world.
Re:PR Stooging (Score:2)
Verisign, abominable as they may be, are most certainly not the only culprits of this practise in the registrar world.
They are, however, so legendary for their horrid service and incompetence that they had to change their name.
This isn't entirely Verisign's fault (Score:4, Insightful)
If I register floobydust.com, and I fill in a contact email that becomes invalid three days after I go live, is that Verisign's fault? What should they do, spam everybody in their WHOIS and purge the bounces?
I can think of lots of reasons to yank Verislime's ability to sell domains, but I'm not sure this is one of them.
Re:This isn't entirely Verisign's fault (Score:2)
Cheap registration -- you're paying for it. (Score:2)
Once, on some weird whim, I tracked down and contacted the person registered as owner of a spam domain. Turned out to be an elderly lady who didn't even own a computer! Obviously the real owner got her name and address out of a phone book. I reported this to the registrar, Verisign, and got back a form email about jerking domains not having any effect on spam. No comment on the fact that they had helped perpetrate a fraud!
Re:This isn't entirely Verisign's fault (Score:2, Insightful)
But when they are contacted and informed that the contact information for a domain that THEY ISSUED is not valid, then they MUST do something about it.
It is their JOB to maintain that information.
ie: Try to contact the domain holder, decide if the registration was fake or not, then axe the domain.
Re:This isn't entirely Verisign's fault (Score:2)
They raped the database doing an upgrade (Score:2)
What they actually DID do was rape the whole WHOIS database for lots of domains, changing zone contacts, technical contacts and in some cases administrative contacts to NO.VALID.EMAIL@blahblah, in many cases before or without EVER sending the stupid letters explaining what happened.
It was a TOTAL FUCKAROUND to get it fixed when it happened, especially when you got no information about specific domains (usernames, passwords).
I even had supervisors at Verisign tell me to make up my own letterhead and fax in changes for domains. They said all they looked for was info that looked vaguely professional. I eventually made a template in word that I faxed in when I pasted in new "logos" I ripped off from google.
Re:This isn't entirely Verisign's fault (Score:2)
No, but if one registers with an address like "Yellow Brick Road, Kansas" (yorkstreethardware.com), or "000 Blank St., No city, XX 00000" (dundjerski.com), or a phone number like 650-555-1212 (sunnyside.com) or 000-000-0000 (jaxx.net), one could argue that the domain should have never been issued.
Re:This isn't entirely Verisign's fault (Score:2)
Right, except that according to the article:
which is a little bit more obvious than an email address change.Re:This isn't entirely Verisign's fault (Score:2)
Here's what I think that should be done to make sure that the information is correct... Build in a clause to the registration agreement that the registrar will verify the information periodically and if any of it changes, the registrant is required to supply the changed. Then, the registrar verifies the information by sending an email to the contact addresses that must be replied to within a certain timeframe. If the email bounces or there is no reply, the domain gets suspended (out of the DNS database until the problem is rectified). Start off with checking the address frequently and then less frequently as the address seems to become more perminant.
One record in question.. (Score:2, Informative)
Dundjerski, Marina (MDE220)
Marina Dundjerski
000 Blank St.
No city, XX 00000
US
123-123-1234
However, on the same record, the "Registrant" field lists an address for the same name as above. If this is the worst that they can come up with, I hardly consider this a big deal.
-molo
How convenient (Score:4, Informative)
Not gonna happen.
Hello gandi.net
We are always fixing this one... (Score:2, Interesting)
Whois Server Version 1.3
[...]
Administrative Contact:
Dundjerski, Marina (MDE220) marina10@EARTHLINK.NET
Marina Dundjerski
000 Blank St.
No city, XX 00000
US
123-123-1234
# date ; whois Dundjerski.com | grep updated
Wed Sep 4 18:12:24 EDT 2002
Database last updated on 4-Sep-2002 18:12:24 EDT.
# date ; whois Dundjerski.com | grep updated
Wed Sep 4 18:12:25 EDT 2002
Database last updated on 4-Sep-2002 18:12:25 EDT.
# date ; whois Dundjerski.com | grep updated
Wed Sep 4 18:12:26 EDT 2002
Database last updated on 4-Sep-2002 18:12:27 EDT.
Re:We are always fixing this one... (Score:2)
Updated Date: 15-jan-2002
i'm forgetting again (Score:5, Informative)
in fact, i have incorrect data because i and my wife were being stalked - and the WHOIS database is where he thought i lived. He went looking for us at the old address.
and what's the worst part of all - to have ANY level of security from a whois search that could give sickos and perverts your address is by getting a P.O. Box.. from the USPS!
Imagine, the key to internet privacy is the Postal Service. Now that's just great.
It soon will be. (Score:2)
Currently you are contractually obligated to provide correct whois information by the terms of service that propagated from ICANN.
SPAMMERS usually use false domain information to hide. Maybe the spammers don't want us breaking into their houses to watch TV and use their computers? Why not, their houses are connected to public roads, so we can use them. Right???
Re:i'm forgetting again (Score:3, Interesting)
what law is it breaking to have incorrect data?
None yet, but if ICANN gets their way they'll buy this law [loc.gov].
Re:i'm forgetting again (Score:5, Interesting)
There is no such law. But what's your point? If Ashcroft or someone from the justice dept were pursuing them, and there was no law, then you'd have a point.
They did, however, sign a contact with ICANN, in which they agreed to have up to date data. They chose to take a big shit on that contract. That's why ICANN is pissed.
Personally, I'd love to see Verisign out of business. Someone stole my identity two years ago and bought $1000 worth of services from Verisign. Verisign took a YEAR to remove the domains, claiming they needed to verify with the registrant before they could be cancelled. (Thieves have more rights than I do, apparently). They still refuse to remove the bogus whois information that the thief supplied using my correct name and address, but a fake phone number and e-mail. They claim I can't remove it, because I told them I didn't enter it in the first place. They also don't answer the phone anywhere but the sales department.
They're a bunch of lying, thieving, ignorant wankers, who deserve to have the book thrown at them. Not that it'll happen, since ICANN will probably give up at the last minute (c.f. United States v. Microsoft).
Re:i'm forgetting again (Score:2)
They claim I can't remove it, because I told them I didn't enter it in the first place.
Sounds like a legitimate reason to me.
Sounds actionable to me (IANAL). Something about accomplice to fraud.
Re:i'm forgetting again (Score:2)
Sounds actionable to me (IANAL). Something about accomplice to fraud.
I don't see how. If anyone was defrauded, it was Network Solutions. You can't be an accomplice to a crime committed against yourself.
I'm sure if you had gotten an injunction NetSol would have gladly removed the information. Until then it's not their place to get involved. Innocent until proven guilty in a court of law, and all that nonsense.
Breach of Contract (Score:2)
Breach of Contract.
When a registrar signs up with ICANN, they sign a binding contract. Whether or not you agree with the contract, it is a binding contract. Below is an excerpt:
3.7.7.1 The Registered Name Holder shall provide to Registrar accurate and reliable contact details and promptly correct and update them during the term of the Registered Name registration, including: the full name, postal address, e-mail address, voice telephone number, and fax number if available of the Registered Name Holder; name of authorized person for contact purposes in the case of an Registered Name Holder that is an organization, association, or corporation; and the data elements listed in Subsections 3.3.1.2, 3.3.1.7 and 3.3.1.8.
source [icann.org]
Law? (Score:2)
The agreement that ALLOWS Verisign to be a registrar requires that they provide accurate information in the whois database for all contacts.
They are required to verify said information upon registration, and to correct errors promptly when they are found.
In other words, you cannot 'anonymously' register a domain.
Privacy? If you want privacy, don't go to the trouble of having your own domain, that's pretty simple. That's like saying you want to get a business license and open a shop in your town, but you don't want anyone to know where you live or who you are.. well guess what, your business license and said filings are a matter of public record, and anyone can go see them.
This is not dissimilar.
Re:i'm forgetting again (Score:2)
All my domains are registered with false contact information, with the exception of the email addresses, which are tagged, but valid. Can anybody tell me why this is a problem?
None of my phones are listed in a phone book, why should my whois data be forced to be any less private?
Re:i'm forgetting again (Score:2)
One problem with this is that when have you bogus contact information, it makes it look like you may have something to hide, seeing as how spammers employ similar tactics with their domain registration.
My suggestion would be to get a Mailboxes, Etc. [mbe.com] dropbox and list that in your domain contact. That way, people who need to legitimately reach you via postal mail can, while stalkers will not find you.
this isnt about bad whois data (Score:3, Insightful)
- Getting rid of Verisign in the
- Getting rid of Verisign before they get the 3
year on
- Getting rid of a company that is going bankrupt
and is highly fraudulent (snapnames, bogus
invoices etc)
- ICANN itself getting out of the spotlight for
firing its At Large Directors
Re:this isnt about bad whois data (Score:2)
Revoking Verisign's registrar business would be ironic indeed - it would get them out of the dual role that they had promised to give up, but gave up
Just transfered from VeriSign (Score:3, Interesting)
I can kind of understand why a larger company would like to know that someone has to jump through major hoops before someone can hijack their domain, but for me all there security was a major pain in the ass. Plus, the last time I checked, they were using some ibm ssl software that doesn't let you use mozilla to manage your account. I am going to plug domainmonger here, I have no affiliation with them, I am just a happy customer.
domainmonger.com [domainmonger.com]
I have had such good luck with domainmonger, they are not a large operation, but I have never had trouble getting ahold of someone if I have had a problem.
....
posting makes you feel goooooodd.
changing registrars (Score:3, Interesting)
Re:Just transfered from VeriSign (Score:2)
Finally, yesterday I called them on the phone and in about 45 minutes of hassling with a live human (no wonder they are hurting), still got no satisfaction. She told me the system was changing and they could not change the domain in any way except through the autoresponder, and had no idea why it didn't work. She did manage to get it to generate a couple of "unauthorized" person trying to change your domain messages (she works for them, but she is unauthorized)! She later told me should would fix the problem (which she had earlier told me was unfixable) but it would take a few days to show up in the database! This is modern technology?
Now the whois record shows yesterday as the last date changed, but it still has the same wrong information in it!
This incompetent company deserves to have their domain privileges removed. Their whois database should be given to someone who can make it work!
Letter from Louis Touton (Score:5, Informative)
Cites the 17 broken entries.
Verisign slap on the wrist? (Score:2, Interesting)
Don't threaten, just do it. (Score:3, Insightful)
#11 is the gem (Score:3, Funny)
Wasn't this this the "spam" arm of NSI?
Missing the point (Score:2, Insightful)
They have a point (Score:4, Insightful)
People would complain to Network Solutions about spammers having obviously bogus WHOIS information (such as phone numbers of --- --- ----), and their reply was that "WHOIS information is ot guaranteed to be accurate".
I think the response is that, if a given set of WHOIS contact information is bogus, and people complain about the bogus information, Verisign should pull the domain in question until they update the information to have legitimate contact info.
A spam-friendly domain without real WHOIS contact information should be pulled until the information is updated. People should be held more accountable for what they put up on the internet; non-bogus WHOIS contact info is a start.
- Sam (Pot. Kettle. Black. I've moved since signing up for my [samiam.org] domains [maradns.org], and have not updated the WHOIS contact info)
Rare for anyone to be held responsible (Score:2, Insightful)
If they get punished for ANYTHING that will give me a little satisfaction. It's kind of a rarity for companies to be held responsible for being arrogant f-ups. Let's hope this gets carried through and they get the spanking they deserve.
Musings over WHOIS. (Score:2)
I realize that keeping data on who domains belong to is somewhat important, but I don't see why this data has to be made available to the general public. Yes, it lets people trace the supposed owner of a domain... which can mean nothing, if the owner and the person maintaining the website aren't the same. It can also give people an avenue to harass you, especially if you happen to host any content that's in any way controversial.
Once, owning a domain was something businesses did. The average person had an email like jdoe@isp.net, and a web address that probably looked like http://www.isp.net/~jdoe. There are still plenty of those out there. There are also those of us who aren't content with the tiny amount of capability our ISP accounts come with, and so pay for third-party hosting... and a domain.
My domain holds a bunch of stuff. A forum for a hobby of mine. My public journal. Some links. Nothing out of the ordinary. I don't see why it's in any way important for other people to have easy access to my address and phone number. If the police need it, let them get it from my registrar.
I don't think there should be a blanket assumption that domains are going to belong to businesses who don't have anything to lose from their contact info being public.
Re:Musings over WHOIS. (Score:2)
If you have a web page that does not demand a password, then it is publication. You are the publisher not the ISP. If it is 'just private stuff' then sorry, your contact details must be registered. I would however grant you as a private citizen operating a non-commercial site the ability to hide your telephone number but not your name and address.
What do you want from them?! (Score:3, Funny)
I mean, are there even companies whose business is to guarantee that someone is who they say they are and that they provide accurate information?
The very idea is ludicrious!
Seriously though...why not have government controlled digital signatures? They could use the passport system (not Microsoft's...the kind you get before you go to another country) as a starting point. It seems like one of the rare chances for beneficial government interference. Sure, we'd lose a particular private sector, but it'd give lots of people the same warm, fuzzy feeling that the FDIC does.
They've already got one # to represent each person anyway.
Really looking for (negative) responses here; I can't see anything bad about this (and I'm usually against government intervention).
Re:What do you want from them?! (Score:2)
The fact that the digital certificate business is based entirely on having a reputation as a trustworthy company is what made VeriSign's slimeball fake-renewal scam all the more amazing.
Re:What do you want from them?! (Score:2)
Let me spell out my view.
I find it rather disturbing that an organization whose main business is to keep track of people has trouble keeping track of people on their secondary business.
It makes me think that perhaps they're not doing their main job right - something which is much harder to verify because the main thing people want from VeriSign is a certificate already in NS and IE's databases. People just aren't going to complain much if they can get their key request replies.
Further, it makes me consider that perhaps privately owned business does not have enough vested interest in its clients to ensure accurate record-keeping, since the cash will keep rolling in anyway (for digital certs).
Sorry if you couldn't read my train of thought through the lines. More clear now?
They big enough? (Score:2)
Blatant Misdirection on ICANNs Part (Score:2, Interesting)
ICANN is so in bed with Verisign it's not even funny. This is a nudge-nudge wink-wink arrangement between them so ICANN can look like they're doing their job and Verisign takes a black eye that nobody will remember in a year so that WLS happens.
Do not be fooled.
Bad whois info (Score:2)
Verisign showing incompetence? (Score:2)
(I'd be more shocked if I were to learn that someone there knew the difference between good data and bad)
Re: your sig (Score:2)
It's idiom, with a meaning kinda like "manana" (Slashdot won't let me put the tilde over that first n) in Spanish. I guess the closest English equivalent would be "someday..."
did /. make verisign mad? (Score:2)
THANK GOD (Score:2)
How I became a porn king without even trying. (Score:5, Interesting)
I found that I was on many porn dealer mailing lists. I contacted VeriSign. I started getting promotional offers for disks of barn yard porn. Both VeriSign and the owner of the site refused to reply to my emails. When I called VeriSign they told me to stop bothering them. They refused to take any action.
Eventually the owner tried to change the DNS server for the site, as technical contact I blocked it. They tried again, I blocked it. They tried to change the technical contact. I let them!
I was listed as technical contact for that site for more than 4 years. VeriSign refused to do anything. I was never able to contact the actual owners of the site. I contacted VeriSign by email and by phone repeatedly. They refused to do anything.
My name and my home address are still listed in directories of porn site operators.
I would like to see the President of VeriSign draw and quartered. I hate those guys. Putting them out of business is the least that should be done to them. They are sick sick sick bastards.
Stonewolf
Re:How I became a porn king without even trying. (Score:2)
Yes, they left the door open, but that doesn't give me the legal right to go through the door.
Stonewolf
Re:How I became a porn king without even trying. (Score:2)
The difference is that *I* didn't initiate the transaction. I just recieved an email asking me to authorize a change. Refusing to authorize the change kept things the same, so I wasn't changing anything. So, in fact blocking the change was what I was required by law to do. And, each time I blocked the change I sent email to both VeriSign and the site owner telling them that I was blocking the change because I wasn't authorized to approve the change because I wasn't the technical contact for the site.
OTOH, helping them correct a typo, at their request, could not be considered unauthorized access. After all, they sent me email asking me to make the change.
Anyway, the only way I could get them to fix the database was to block the change. I could have sued them for damage to my reputation, I could STILL sue them. But, this was easier.
Stonewolf
ObPlug (Score:2)
No bullshit, great service.
Yeah...like this would happen (Score:2)
Big money/companies like this get a whole other set of rules to play by. Probably a PR step to make ICANN look like heroes.
Click here to report bad domain info (Score:2)
I've been reporting some big-name spamvertized sites that hide behind phony domain registrations, and I encourage others to do so.
This isn't their only problem! (Score:2)
I also recently transferred my wife's busybride.com [busybride.com] domain away from them, using joker.com and Verisign is now telling me that it is up for renewal. But if you check the whois information it is obviously registered with joker.com!
(No, I didn't register it with Verisign, the previous owner did and after buying it I also discovered Verisign's other scam, holding domains hostage after a sale and refusing to transfer them for 60 days).
Feh! A pox on their house.
Re:Yeah (Score:2, Insightful)
Re:ICANN's press release (Score:2)
And this isn't a personal privacy issue; that is completely separate from VeriSign not updating WHOIS records when requested and telling customers to give false information.
But it is a personal privacy issue. Verisign is breaking its contract, but by doing so it's protecting its customers' personal privacy.
Please, no more pity posts for VeriSign!
I agree there. But please, no more pity posts for ICANN.
Instead lets have pity posts for the domain name holders. In the end that's who's going to lose, because Netsol will give in within 15 days, and won't lose their status as Registrar.
Re:ICANN's press release (Score:2)
I'm going off incomplete facts here, but it sounds like in some of the cases ICANN sites, the registrants are trying to get their contact information changed and VeriSign isn't allowing them.
Do you have any quotes or references that suggest that? I read the article, I read the press release, and I don't see anything which suggests that.
I sincerely doubt Verisign is doing this to help their customers.
I agree with you there. Verisign's motive is almost certainly profit. But I don't really care about their motive so much as what they are doing. If they are protecting their customer's privacy, then I'm going to support that, regardless of their motive.
So whether or not in these specific cases they are trying to protect their customers privacy, I have first hand knowledge that the general complaints ICANN is raising are valid: VeriSign can be very slow or even completely unresponsive in changing WHOIS records.
That may be the case. In fact, from what I've read I believe it probably is the case. But that's not what ICANN is charging them with.
Also, if you want to register a domain, there has to be some way for people to contact you.
Well, I disagree. I don't think there needs to be some way for people to contact me. Certainly not without obtaining a subpeona. But in any case, I have provided my phone number and email address, as well as my name. There is absolutely no reason the public needs my mailing address as well.
No one requires you to give your home address, but you have to give some contact information.
More specifically, you have to give a mailing address.
Use a P.O. box or your work address, but if no one can reach you in the eventuality your domain is misused, you shouldn't have a domain.
As I said in my other post, I'll use a P.O. Box if ICANN pays for it. And I work at home.
With priviledges come responsibilites.
Yes, with the priviledge of being granted a monopoly comes the responsibility to not infringe upon my right to free speech.
I understand the various concerns such as frivolous lawsuits, but breaking one system to compensate for a broken system isn't the solution.
My concern is not over frivolous lawsuits. My concern is over burglers and psychos.
I also disagree with your characterization that my post was a "pity post for ICANN".
I agree. I wasn't referring to your post.
That said, while I don't support ICANN, I'm also not going to fault them for taking a step in the right direction and I see trying to clean up the WHOIS database as a step in the right direction.
And while I don't support Verisign, I'm also not going to fault them for taking a step in the right direction and trying to facilitate anonymous publication of free speech on the internet. I see allowing anonymous ownership of domain names as a step in the right direction.
I currently have several domain names through Tucows. Many of them have incorrect address information, and I don't want to be forced to change it. But if ICANN gets their way I will have four choices: fix the address, get a P.O. Box, subscribe through a provider who will put the domain in their name, or lose the domain. None of those choices are attractive to me, but I'll probably wind up getting the P.O. Box.
Re:I hope they close the doors on Verisign (Score:2)