Editing Site Finder

{{Short description|Wildcard DNS record run by VeriSign}}
'''Site Finder''' was a [[wildcard DNS record]] for all [[.com]] and [[.net]] unregistered domain names, run by .com and .net [[top-level domain]] operator [[VeriSign]] between 15 September 2003 and 4 October 2003.<ref>{{Cite web |date=2023-05-21 |title=Domain Names - Verisign |url=http://www.witiger.com/ecommerce/domainnamephishing-verisign.htm |access-date=2024-06-27 |archive-url=https://web.archive.org/web/20230521121459/http://www.witiger.com/ecommerce/domainnamephishing-verisign.htm |archive-date=2023-05-21 }}</ref>

==Site Finder==
All Internet users who accessed any unregistered domains in the .com and .net domain space were redirected to a VeriSign [[web portal]] with information about VeriSign products and links to "partner" sites. This gave VeriSign the advantage of receiving greater revenue from advertising and from users wishing to register these domain names. It had the effect of capturing the [[web traffic]] for several million mistyped or experimental web accesses per day, and meant that VeriSign effectively owned all possible .com and .net domains that had not been bought by others, and could use them as an advertising platform.

VeriSign described the change as an attempt to improve the Web browsing experience for the naive user, without mentioning any use of the domain name system other than by browsers. VeriSign's critics saw this claim as disingenuous. The change led to a dramatic increase in the amount of Internet traffic arriving at verisign.com. According to the web traffic measurement company [[Alexa Internet|Alexa]], in the year prior to the change verisign.com was around the 2,500th most popular website. In the weeks following the change, the site came into the top 20 most popular sites, and reached the top 10 in the aftermath of the change and surrounding controversy.<ref>{{Cite web |url=http://traffic.alexa.com/graph?w=640&h=480&r=4y&u=verisign.com |title=Alexa.com |access-date=2006-11-09 |archive-date=2017-12-01 |archive-url=https://web.archive.org/web/20171201035029/http://traffic.alexa.com/graph?w=640&h=480&r=4y&u=verisign.com |url-status=dead }}</ref>

==Issues and controversy== 
There was a storm of controversy among network operators and competing domain registrars, particularly on the influential [[North American Network Operators' Group|NANOG]] and [[ICANN]] mailing lists, some of whom asserted:
* that the redirection was contrary to the proper operation of the [[Domain Name System|DNS]], ICANN policy, and the Internet architecture in general;
* that VeriSign breached its trust with the Internet community by using technical architecture for marketing purposes;
* that the redirection broke various [[Request for Comments|RFC]]s and disrupted existing Internet services, such as [[email]] relay and filtering ([[Spamming|spam]] filters were not able to detect the validity of domain names);
* that the redirection amounted to [[typosquatting]] where the unregistered domain being resolved is a spelling mistake for a famous registered domain;
* that VeriSign abused its technical control over the .com and .net domains by exerting a ''de facto'' monopoly control;
* that VeriSign may have been in breach of its contracts for running the .com and .net domains;
* that the Site Finder service assumed that all DNS traffic was caused by Web clients, ignoring the fact that DNS is used by other applications such as networked [[Printer (computing)|printer]]s, [[File Transfer Protocol|FTP]] software, and dedicated communications applications. If users of these applications accidentally entered a wrong host name, instead of a meaningful "host not found" error they would get a "request timed out" error, making it look like the server existed but is not responding. No statement by VeriSign in support of Site Finder even acknowledged the existence of DNS traffic not caused by Web clients,{{Citation needed|date=February 2007}} although they published implementation details which mentioned this traffic.<ref>[https://web.archive.org/web/20041109202247/http://www.verisign.com/static/002702.pdf VeriSign Site Finder implementation] VeriSign Naming and Directory Services, August 27, 2003</ref>
* that Site Finder contained an [[end-user license agreement]] which stated that the user accepts the terms by using the service—but since mistyping an address automatically caused the service to be used, users could not refuse to accept the terms.

Others were concerned that the Site Finder service was written entirely in [[English language|English]] and therefore was not accessible by non-English readers.

The [[Internet Architecture Board]] composed a document detailing many of the technical arguments against registry-level wildcards;<ref>[http://www.iab.org/documents/docs/2003-09-20-dns-wildcards.html IAB Commentary: Architectural Concerns on the use of DNS Wildcards] {{Webarchive|url=https://web.archive.org/web/20110530032303/http://www.iab.org/documents/docs/2003-09-20-dns-wildcards.html |date=2011-05-30 }}, September 19, 2006</ref> this was used by ICANN as part of its supporting arguments for its action.

==Fallout==
A number of workarounds were developed to locally disable the effects of Site Finder on a per-network basis. Most notably, the [[Internet Systems Consortium]] announced that it had produced a version of the [[BIND]] DNS software that could be configured by [[Internet service provider]]s to filter out wildcard DNS from certain domains; this software was deployed by a number of ISPs.

On October 4, 2003, as a result of a strong letter<ref>[https://www.icann.org/resources/unthemed-pages/twomey-to-lewis-2003-10-03-en Letter from Paul Twomey to Russell Lewis 3 October 2003]</ref> from [[ICANN]], VeriSign disabled Site Finder. However, VeriSign has made public statements that suggest that they may be considering whether they will change this decision in the future. On February 27, 2004, VeriSign filed a lawsuit against ICANN, claiming that ICANN had overstepped its authority. The claim regarded not only Site Finder, but also VeriSign's much-criticised [[Wait Listing Service]]. The claim was dismissed in August 2004; parts of the lawsuit continued, and culminated in a March 1, 2006 settlement between VeriSign and ICANN which included "a new registry agreement relating to the operation of the .COM registry."<ref>[http://www.icann.org/announcements/announcement-28feb06.htm ICANN Board Approves VeriSign Settlement Agreements] ICANN, February 28, 2006</ref>

On July 9, 2004, the ICANN ''Security and Stability Advisory Committee'' (SSAC) handed down its findings after an investigation on Site Finder. It found that the service should not be deployed before ICANN and/or appropriate engineering communities were offered the opportunity to review a proposed implementation, and that [[domain name registry|domain name registries]] that provide a service to third parties should phase out wildcard records if they are used.

==References==
<references/>

==External links==
* {{Webarchive |url=https://web.archive.org/web/20041109202247/http://www.verisign.com/static/002702.pdf |date=November 9, 2004 |title=''VeriSign's Site Finder Implementation'' document (PDF)}}
* [https://web.archive.org/web/20040413042737/http://www.merit.edu/mail.archives/nanog/2003-09/msg00398.html VeriSign's announcement to NANOG of their wildcard DNS changes]
* [http://www.icann.org/announcements/advisory-03oct03.htm ICANN Advisory Concerning Demand to Remove VeriSign's Wildcard] of 3 October 2003
* [http://slashdot.org/articles/03/09/16/0034210.shtml?tid=126&tid=95&tid=98&tid=99 Slashdot discussion regarding Site Finder]
* [https://web.archive.org/web/20030923220436/http://www.isc.org/products/BIND/delegation-only.html Internet Software Consortium announcement of "delegation-only" feature that can be used to ignore gTLD wildcards]
* {{Webarchive |url=https://archive.today/20130119164106/http://news.com.com/2100-1038_3-5092133.html?tag=nefd_top |date=January 19, 2013 |title=''VeriSign to revive redirect service'' CNET article written 15 October 2003}}
* [https://web.archive.org/web/20110514000402/http://www.washingtonpost.com/ac2/wp-dyn/A9415-2004Feb26?language=printer Washington Post (27.02.2004): Suit Challenges Powers of Key Internet Authority]
* [http://www.icann.org/committees/security/ssac-report-09jul04.pdf Findings of ICANN SSAC on Site Finder service] (PDF)

[[Category:Domain Name System]]