Site Finder was a wildcard DNS record for all .com and .net unregistered domain names, run by .com and .net top-level domain operator VeriSign between 15 September 2003 and 4 October 2003. [1]
All Internet users who accessed any unregistered domains in the .com and .net domain space were redirected to a VeriSign web portal with information about VeriSign products and links to "partner" sites. This gave VeriSign the advantage of receiving greater revenue from advertising and from users wishing to register these domain names. It had the effect of capturing the web traffic for several million mistyped or experimental web accesses per day, and meant that VeriSign effectively owned all possible .com and .net domains that had not been bought by others, and could use them as an advertising platform.
VeriSign described the change as an attempt to improve the Web browsing experience for the naive user, without mentioning any use of the domain name system other than by browsers. VeriSign's critics saw this claim as disingenuous. The change led to a dramatic increase in the amount of Internet traffic arriving at verisign.com. According to the web traffic measurement company Alexa, in the year prior to the change verisign.com was around the 2,500th most popular website. In the weeks following the change, the site came into the top 20 most popular sites, and reached the top 10 in the aftermath of the change and surrounding controversy. [2]
There was a storm of controversy among network operators and competing domain registrars, particularly on the influential NANOG and ICANN mailing lists, some of whom asserted:
Others were concerned that the Site Finder service was written entirely in English and therefore was not accessible by non-English readers.
The Internet Architecture Board composed a document detailing many of the technical arguments against registry-level wildcards; [4] this was used by ICANN as part of its supporting arguments for its action.
A number of workarounds were developed to locally disable the effects of Site Finder on a per-network basis. Most notably, the Internet Systems Consortium announced that it had produced a version of the BIND DNS software that could be configured by Internet service providers to filter out wildcard DNS from certain domains; this software was deployed by a number of ISPs.
On October 4, 2003, as a result of a strong letter [5] from ICANN, VeriSign disabled Site Finder. However, VeriSign has made public statements that suggest that they may be considering whether they will change this decision in the future. On February 27, 2004, VeriSign filed a lawsuit against ICANN, claiming that ICANN had overstepped its authority. The claim regarded not only Site Finder, but also VeriSign's much-criticised Wait Listing Service. The claim was dismissed in August 2004; parts of the lawsuit continued, and culminated in a March 1, 2006 settlement between VeriSign and ICANN which included "a new registry agreement relating to the operation of the .COM registry." [6]
On July 9, 2004, the ICANN Security and Stability Advisory Committee (SSAC) handed down its findings after an investigation on Site Finder. It found that the service should not be deployed before ICANN and/or appropriate engineering communities were offered the opportunity to review a proposed implementation, and that domain name registries that provide a service to third parties should phase out wildcard records if they are used.
The Domain Name System (DNS) is a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985.
The Internet Corporation for Assigned Names and Numbers is a global multistakeholder group and nonprofit organization headquartered in the United States responsible for coordinating the maintenance and procedures of several databases related to the namespaces and numerical spaces of the Internet, ensuring the Internet's stable and secure operation. ICANN performs the actual technical maintenance work of the Central Internet Address pools and DNS root zone registries pursuant to the Internet Assigned Numbers Authority (IANA) function contract. The contract regarding the IANA stewardship functions between ICANN and the National Telecommunications and Information Administration (NTIA) of the United States Department of Commerce ended on October 1, 2016, formally transitioning the functions to the global multistakeholder community.
In the Internet, a domain name is a string that identifies a realm of administrative autonomy, authority or control. Domain names are often used to identify services provided through the Internet, such as websites, email services and more. Domain names are used in various networking contexts and for application-specific naming and addressing purposes. In general, a domain name identifies a network domain or an Internet Protocol (IP) resource, such as a personal computer used to access the Internet, or a server computer.
A domain name registry is a database of all domain names and the associated registrant information in the top level domains of the Domain Name System (DNS) of the Internet that enables third party entities to request administrative control of a domain name. Most registries operate on the top-level and second-level of the DNS.
The domain com is a top-level domain (TLD) in the Domain Name System (DNS) of the Internet. Created in the first group of Internet domains at the beginning of 1985, its name is derived from the word commercial, indicating its original intended purpose for subdomains registered by commercial organizations. Later, the domain opened for general purposes.
The DNS root zone is the top-level DNS zone in the hierarchical namespace of the Domain Name System (DNS) of the Internet.
The domain name .org is a generic top-level domain (gTLD) of the Domain Name System (DNS) used on the Internet. The name is truncated from 'organization'. It was one of the original domains established in 1985, and has been operated by the Public Interest Registry since 2003. The domain was originally "intended as the miscellaneous TLD for organizations that didn't fit anywhere else." It is commonly used by non-profit organizations, open-source projects, and communities, but is an open domain that can be used by anyone. The number of registered domains in .org has increased from fewer than one million in the 1990s, to ten million in 2012, and held steady between ten and eleven million since then.
Verisign, Inc. is an American company based in Reston, Virginia, that operates a diverse array of network infrastructure, including two of the Internet's thirteen root nameservers, the authoritative registry for the .com, .net, and .name generic top-level domains and the .cc country-code top-level domains, and the back-end systems for the .jobs and .edu sponsored top-level domains.
A wildcard DNS record is a record in a DNS zone that will match requests for non-existent domain names. A wildcard DNS record is specified by using a *
as the leftmost label (part) of a domain name, e.g. *.example.com
. The exact rules for when a wildcard will match are specified in RFC 1034, but the rules are neither intuitive nor clearly specified. This has resulted in incompatible implementations and unexpected results when they are used.
The Domain Name System Security Extensions (DNSSEC) is a suite of extension specifications by the Internet Engineering Task Force (IETF) for securing data exchanged in the Domain Name System (DNS) in Internet Protocol (IP) networks. The protocol provides cryptographic authentication of data, authenticated denial of existence, and data integrity, but not availability or confidentiality.
A domain name registrar is a company, person, or office that manages the reservation of Internet domain names.
Network Solutions, LLC, formerly Web.com is an American-based technology company and a subsidiary of Web.com, the 4th largest .com domain name registrar with over 6.7 million registrations as of August 2018. In addition to being a domain name registrar, Network Solutions provides web services such as web hosting, website design and online marketing, including search engine optimization and pay per click management.
.cm is the country code top-level domain (ccTLD) for Cameroon.
Open Root Server Network (ORSN) was a network of Domain Name System root nameservers for the Internet. ORSN DNS root zone information was kept in synchronization with the "official" Domain Name System root nameservers coordinated by ICANN. The networks were 100% compatible, though ORSN was operated independently. The ORSN servers were primarily placed in Europe. ORSN is also used by public name servers, providing Domain Name System access freely for everyone, without any limitation until the project closed in May 2019. ORSN was primarily started to reduce the over-dependence of Internet users on the United States and Department of Commerce/IANA/ICANN/VeriSign, limit the control over the Internet that this gives, while ensuring that domain names remain unambiguous. It also helps avoid the technical possibility of global "Internet shutdown" by one party. They also expect their network to make domain name resolutions faster for everyone.
.web is a proposed top-level domain (TLD) that was created and assigned by an auction process to several bidding companies. It was awarded to Nu Dot Co LLC, which is primarily funded by Verisign.
OpenDNS is an American company providing Domain Name System (DNS) resolution services—with features such as phishing protection, optional content filtering, and DNS lookup in its DNS servers—and a cloud computing security product suite, Umbrella, designed to protect enterprise customers from malware, botnets, phishing, and targeted online attacks. The OpenDNS Global Network processes an estimated 100 billion DNS queries daily from 85 million users through 25 data centers worldwide.
DNS hijacking, DNS poisoning, or DNS redirection is the practice of subverting the resolution of Domain Name System (DNS) queries. This can be achieved by malware that overrides a computer's TCP/IP configuration to point at a rogue DNS server under the control of an attacker, or through modifying the behaviour of a trusted DNS server so that it does not comply with internet standards.
Navigation Catalyst Systems, previously known as Vendare, First Look, and qsrch.net, was a pay-per-click advertising company that specialized in monetizing parked domain names and registrars' wildcard DNS records. Navigation Catalyst Systems was a subsidiary of New.net and an affiliate of the ICANN-accredited registrar Basic Fusion.
Domain registration is the process of acquiring a domain name from a domain name registrar.
Public Interest Registry is a not-for-profit based in Reston, Virginia, created by the Internet Society in 2002 to manage the .ORG top-level domain. It took over operation of .ORG in January 2003 and launched the .NGO and .ONG top-level domains in March 2015.