back to article Verisign warns new dot-word domains could make internet unstable

Verisign, operator of the .com and .gov registries as well as two of the internet's 13 root servers, has warned that the "unprecedented" introduction of hundreds of new dot-word domains may make the internet unstable. In a quarterly filing to the US Securities and Exchange Commission this week, the tech biz included extensive …

  1. graeme leggett Silver badge

    telling quote

    " think that there was no end-user demand whatsoever for more extensions."

    #damnright

    1. Anonymous Coward
      Anonymous Coward

      Re: telling quote

      #thisisnottwitter

    2. DavidRa

      Re: telling quote

      Further, the implementation of (effectively) random words as root zones has no doubt caused extra costs to unrelated companies. I'll bet good money that there are hundreds or thousands of cases of internal domains being "duplicated" than just my own network at home. When I built it, 15? 18? years ago, .earth was a perfectly reasonable choice as it wasn't public. Now I can't even tell (programmatically) if I'm inside or outside the network if I look up nameservers for what was my internal space - it's no longer NXDOMAIN outside the walls.

      And each one will require either some internal migration work (to something real that is "owned" or at the least to something that can never BE owned - good luck guessing today what ICANN will not decide to make available as a root domain over the coming decades). Or, "sorry no you can't browse that site at work because our internal network clashes with the Internet".

      I'm not saying the individual costs are huge but when there are thousands of small impacts it adds up.

      1. Brian Scott

        Re: telling quote

        I'm guessing that the available namespace for private networks is now reduced to rude words. This could go do well in some workplaces.

        1. Anonymous Coward
          Anonymous Coward

          Re: telling quote

          Who else will divvy up to buy the rights to .bollocks

          climatechange.bollocks

          Ukgov.bollocks

          marketing.bollocks.

          I mean these are all fundamentally attractive names?

          I'll leave .blatherskite to our Hibernean colleagues.

          1. David Harper 1

            Re: telling quote

            My vote goes to dot-cockwomble.

      2. Anonymous Coward
        Anonymous Coward

        Re: telling quote

        I've recently had to explain exactly why we're not going to be able to renew a publicly trusted certificate:

        - it (was|is) an internal hostname, and as of november the CAs will no longer be issuing for those

        But more importantly:

        Some nob jockey at ICAAN has sold off the relevant gtld, so not only is that hostname now potentially a publicly resolvable domain, because the gtld is reserved for certain business types, we can't even buy up the domains we need (which would have allowed us to get certs).

        In the short term, it's switching to snake oil certs, in the long term it's migrating off the two gtlds that are affected

        1. Bronek Kozicki

          Re: telling quote

          There is another way around it, just create an "internal" subdomain in the domain you officially own. You may want to make sure that you do not leak it to the outside world, which requires some funky NS server setup (but you probably needed something similar anyway, for your "private" root domain). At least it's guaranteed not to clash with someone else's domain.

          1. JimC

            Re: telling quote

            > just create an "internal" subdomain in the domain you officially own.

            Doesn't everyone do that? Had that argument must be 15 years or more ago... Although ISTR some MS consultant claiming it was better to make internals domains something.local, which never struck me as a great idea.

  2. Your alien overlord - fear me

    Unstable? I nailed my router to the wall. It's pretty stable thank you.

    Of course if ICANN had stopped being such a c*nt years ago and introduced it themselves, at the same price as dot Com's this wouldn't be an issue nowadays but oh no, dot Com's are the only true way to internet holiness etc. etc.

    So basically, foot meet explosively driven lead slug from tube.

  3. Mage Silver badge

    "actual public benefit reason"

    Yes.

    I've had deep forebodings about this. It's so obviously senseless, destabilising and a money grab.

  4. Naughtyhorse

    Well at least...

    Now we know where sep blatter is going to be working after he gets out of jail.

  5. Mark 85
    Facepalm

    theregister.science???

    Interesting. Malwarebytes tells me that is a malicious website and has blocked it. Google, DuckDuckGo and others show it as viable but VeriSign and Internic show it as being a non-domain. I hope you guys didn't pay good money for that domain.

    Ah.... the confusion and terror of this is running rampant already.

    1. thames

      Re: theregister.science???

      I never knew it existed. If I hadn't seen it in the story (and to be honest, I didn't pay any attention to it until I read your comment) I would have assumed that it was a fake spam or malware site squatting on The Register's name. However, it just redirects back to the regular The Register site.

      But that of course is the whole business model of the "dot word" domain name industry. It doesn't expand the name space to any significant degree, because it's the bit to the left of the dot that matters. It just means that every well known web site now has to buy up umpteen different versions of their brand name in order to protect it.

      It's an extortion racket. "Nice brand name you've got there. Be a pity if anything were to happen to it."

      Why hasn't anyone taken ICANN to court and gotten a restraining order against them with respect to their brand names instead of just paying blackmail? Maybe with the explosion of domain names, victims will think it worth while going that route.

    2. Anonymous Coward
      Anonymous Coward

      Re: theregister.science???

      A few of us might've put El Reg up to it…

      I seem to recall once pointing out in a post that it was available (couldn't find the post today) and received a reply from El Reg member of staff saying "Noted!". It became "unavailable" soon after that.

  6. Destroy All Monsters Silver badge
    Holmes

    Mitigated

    Anything that pisses Verisign off is good, anything that wrecks the current economic "fake scarcity" model of domain names is good, but all in all the new domain names suck ...

    So, overall it's good.

    1. veti Silver badge

      Re: Mitigated

      This, exactly. In retrospect, I should've seen earlier that the change would upset Versign, and chalked that up to the 'benefit' side of the ledger. There had to be some positive outcome.

  7. ben edwards

    Didn't Verisign try to sell adspace on fat-fingered URLs for a while there? They have no rights to be whining about gTLDs.

  8. druck Silver badge
    FAIL

    Why now?

    Why are these companies/people only complaining about this now? Everyone with an once of common sense was decrying the ICANN money grab from the first day the dots words fiasco was announced.

  9. wsm

    This Internet stability thing

    Is ICANN talking about the infrastructure, the users, or their ability to shake more money out of the tree?

    1. brotherelf
      Facepalm

      Re: This Internet stability thing

      I parsed it as "sorry, we didn't document the procedures when we set this up because we didn't think we'd ever have to do this on a regular basis, let alone without service degradation", but maybe I'm confusing that with my orkplace.

  10. Ian Michael Gumby

    The Reg got it right.

    The only thing to come out of these new domain names is spam.

    I've got a list of 20-30 of these new tLDs that have hit my mail servers delivering spam.

    As soon as these hit, I add them to my filter and report them.

  11. OsranaKurwa
    Linux

    Boo Hoo Hoo, our monopoly is fading away.

    Bring on the entire dictionary as gTLDs because then nobody can hijack the monopoly of .com/.net/.org domains and try to extort people who are dead set on a particular domain name (like their surname).

    These monopolists have been running extortion scams for forever (like temporarily buying the domain name when anyone searches for it and it doesn't exist & jacking up the price astronomically).

    Zero sympathy for those people who have trouble dealing with choice... and personal email servers. Boo hoo hoo to you too.

    1. Anonymous Coward
      Anonymous Coward

      Re: Boo Hoo Hoo, our monopoly is fading away.

      "These monopolists have been running extortion scams for forever (like temporarily buying the domain name when anyone searches for it and it doesn't exist & jacking up the price astronomically)."

      Yep, had that too, and the buggers had somehow acquired the domain name that used to belong to the national registrar in my country. Even the website had the same look and it was only when I couldn't find my existing account that I twigged.

  12. Christian Berger

    This comes from the company...

    which redirected all unallocated .com domains to their own advertisement site and used to have a subsidiary in Germany called "Jamba" which defrauded millions of school children by selling them ring tones.

  13. Oliver Burkill

    Bog off Verisign.

    The root zone is about 80 KB. I'm not concerned that is going to break the internet.

  14. Anonymous Coward
    Anonymous Coward

    .uk anyone?

    until recently it was not possible to buy [yourbusinessname].uk, it had to be [yourbusinessname].co.uk

    The "naked" .uk became available *at a higher price than .co.uk* (why? Nominet the UK registrar has a very large staff who commend very good salaries and appear to deliver little other than demostrations of their incompetence, clearly this was aimed at doubling their income). I've not seen a single site making active use of the naked variant. Some like Tesco and HSBC have bought the variant (tesco.uk, hsbc.uk) but those examples don't even point to their live websites.

    The reason for naked .uk's failure is instructive to potential buyers of the new gTLDs:

    .com and in UK .co.uk are the expected and trusted TLDs, anything else is at least "second best" and risks being regarded as "dodgy". Rightly so given the history of domain name sales. I've spoken to businesses who've been sold variants like [yourbusinessname].uk.co having been reassured that its just as good as [yourbusinessname].co.uk, no mention of the very probable confusion between the two, no mention that the .co suffix represents Colombia and one guy was even told that .co.uk was being phased out and the replacement was .uk.co

    Even the existing TLDs are mis-sold, I know people with .net names who are in no way involved in networks (and in any case the major network companies prefer .com - e.g. cisco.net redirects to cisco.com)

    Another issue is URL validation algorithms (commonly RegEx). There are plenty kicking around. The TLD element of that regex often "expects" a 2 or 3 letter TLD ( regex code fragment like: .[a-z]{2,3} ). Those validators, embedded in much larger programs, will treat the longer gTLDs as invalid. How many of the few who realise the code needs updating are in a position to spend the time finding the relevant pieces of code and getting it amended? (And as much longer TLDs are now possible the validation will be weaker) .

    There is a problem with domain name availability with occasional reports of premium names being sold for over USD1M and domain name squatters sitting on piles of unused names bought speculatively in the hope of a profitable resale.

    My solution is to scrap the annual fee and replace it with a substantial refundable deposit, maybe USD1000 per name. The costs of running the system would come from interest on that deposit and it would be refunded should the "owner" relinquish the name.

    1. pipp
      Megaphone

      Re: .uk anyone?

      Nominet charges members the same price for .uk domains as .co.uk (£3.50 + VAT for 1 year). If you choose to use a registrar that overcharges for some domains, that's your lookout.

      See: http://registrars.nominet.org.uk/namespace/uk/registration-and-domain-management/new-registrars/fees/fee-schedule

      Of course the whole .uk debacle has been an outrageous money-grab anyway, it's all pretty indefensible.

  15. mcolepdx

    This is an obvious attempt by Verisign to use its position to cast doubt on the competitive potential of new gTLDs. These not-com options have been available to the public for more than a year and a half with absolutely no realized concerns about security and stability, and with registrations growing to more than 8.6 million names to date. Verisign may find itself competitively threatened, but it's a shameful move to try to introduce such a red herring at this stage of the game to try to protect its historic monopoly.

  16. johnjonescode

    Kill it all !!

    make dns glueless

    and get rid of certificate authorities by using dns

    where stuck with those two for some time but come on if we cared about users this would have been done a while ago its a bit like people just typing in the name of the company very few people actually type the full domain they just "google/bing/duck and go"

    john

    1. Brewster's Angle Grinder Silver badge
      Trollface

      Re: Kill it all !!

      We could do away with the DNS entirely: we ship the OS or browser knowing the IP address of Google™ a popular search engine and then the user searches googles as normal -- with google The Search Engine™ returning an IP address. Most users would never notice. Technical users would DuckDuckGo the IP address as normal.

      Seriosuly, this would be one less set of thieves to pay. IPv6 would allow virtual hosting to be implemented via IP-addresses instead of hashes. And international domain names wouldn't be a problem.

      Note the icon. Although I've half convinced myself.

  17. PaulVD
    Big Brother

    Context: the law is an ass

    The point is that this is a regular filing to the Securities and Exchange Commission, as part of which the company has to discuss any material risks to its business. These boilerplate filings are written by corporate lawyers, and their purpose is to ensure that no matter what happens "we warned you of that risk, so you (investor) can't sue us."

    This does not mean that anyone technically competent at Verisign actually expects a problem, just that the lawyers get paid for imagining possible problems.

  18. sysconfig

    icann.wtf

    Is already taken. Damn it.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like