October 18, 2003

In response to Keith Teare

In an October 17 entry in his blog (on the subject of Verisign's "sitefinder") Keith Teare said:

For what its worth the DNS service is actually better than it was before for HTTP requests to mistaken addresses. An error message has effectively been replaced with a redirected help screen. Where there are minor inconveniences - as with SMTP - these can easily be worked around if the industry is aware of the use of wildcards. No need for a huge over-reaction here.

A "minor inconvenience"? This reminds me of a time earlier this year when NASA was dismissing the insulation-impact damage to the Shuttle Columbia as "minor" and was assuring everyone that there was no need for a huge over-reaction.

Just as the damage to Columbia proved to be far more significant, Sitefinder's wildcard-record based redirection goes far beyond being a "minor inconvenience".

Quite the contrary: Sitefinder's commits mayhem on the primary principle that make the internet work. Sitefinder breaks the end-to-end principle.

The effects are not limited to email - everything from voice-over-IP to iSCSI (storage area networks) are damaged. And this damage is not "easily worked around".

(And even if it were "easily worked around" - the cost of that "work around" aggregates to a very large number of dollars. And Verisign has not offered to reimburse people for the actual and real damage that it has caused and that sitefinder will continue to cause should it be re-activated.)

Sure, the average person who views the internet only through a web browser might not see anything particularly amiss. But then again, the residents of the Northeastern part of the United States didn't see anything amiss with their electrical service at 4:10pm on August 14th of this year - only a small group of experts saw the signs of impending trouble. So, fact that the masses don't see anything wrong is not a reason to conclude that the concerns of experts can be dismissed.

Posted by karl at October 18, 2003 6:59 PM