I have gotten a reasoned response from the technology editor of the Washington Post, and we are discussing things. While I wouldn't have done it that way, he had a rational explanation of why the story was written the way it was, and definitely indicating there will be continuing coverage of the issue. He believes there's always room for improving coverage.
Howard C. Berkowitz wrote:
I have gotten a reasoned response from the technology editor of the Washington Post, and we are discussing things. While I wouldn't have done it that way, he had a rational explanation of why the story was written the way it was, and definitely indicating there will be continuing coverage of the issue. He believes there's always room for improving coverage.
Care to share? Eliot
At 11:56 AM -0700 10/8/03, Eliot Lear wrote:
Howard C. Berkowitz wrote:
I have gotten a reasoned response from the technology editor of the Washington Post, and we are discussing things. While I wouldn't have done it that way, he had a rational explanation of why the story was written the way it was, and definitely indicating there will be continuing coverage of the issue. He believes there's always room for improving coverage.
Care to share?
Eliot
I was thinking about that, and now have a very red face. Eudora, for some reason (out of storage without a message?) seems to have lost about an hour of outbox messages. I'm hoping to get a copy sent back to me. In any event, in working with media, there's a time where some level of confidentiality is useful, when you are building the relationship and giving background. Let me summarize that the Post initially saw this more as a business than technology issue, and gave Verisign its chance to tell its side of the story. I believe the relevant editor now believes the issue is much more complex. I'd want his permission to share the specific response. Howard
In these days of corporate malfeasance scandal coverage, you'd think that Verisign's tactics would have whetted the appetite of some bright investigative reporter for one of the major publications. On Wed, 8 Oct 2003, Howard C. Berkowitz wrote:
I have gotten a reasoned response from the technology editor of the Washington Post, and we are discussing things. While I wouldn't have done it that way, he had a rational explanation of why the story was written the way it was, and definitely indicating there will be continuing coverage of the issue. He believes there's always room for improving coverage.
James Smallacombe PlantageNet, Inc. CEO and Janitor up@3.am http://3.am =========================================================================
At 03:06 PM 08/10/2003, up@3.am wrote:
In these days of corporate malfeasance scandal coverage, you'd think that Verisign's tactics would have whetted the appetite of some bright investigative reporter for one of the major publications.
Too difficult and obscure a topic to make interesting. Its even worse than the S&L scandal of the 80s. Things like ice statues pissing vodka at private million dollar parties are easy to cover in that a picture says it all.... There is no easy way to convey this issue to the general public in just a few words and at the same time not put them to sleep.... ---Mike
On Wed, 8 Oct 2003, Howard C. Berkowitz wrote:
I have gotten a reasoned response from the technology editor of the Washington Post, and we are discussing things. While I wouldn't have done it that way, he had a rational explanation of why the story was written the way it was, and definitely indicating there will be continuing coverage of the issue. He believes there's always room for improving coverage.
James Smallacombe PlantageNet, Inc. CEO and Janitor up@3.am http://3.am =========================================================================
"Verisign Highjacks Internet" That should work :-) On Wed, 8 Oct 2003, Mike Tancsa wrote:
At 03:06 PM 08/10/2003, up@3.am wrote:
In these days of corporate malfeasance scandal coverage, you'd think that Verisign's tactics would have whetted the appetite of some bright investigative reporter for one of the major publications.
Too difficult and obscure a topic to make interesting. Its even worse than the S&L scandal of the 80s. Things like ice statues pissing vodka at private million dollar parties are easy to cover in that a picture says it all.... There is no easy way to convey this issue to the general public in just a few words and at the same time not put them to sleep....
---Mike
On Wed, 8 Oct 2003, Howard C. Berkowitz wrote:
I have gotten a reasoned response from the technology editor of the Washington Post, and we are discussing things. While I wouldn't have done it that way, he had a rational explanation of why the story was written the way it was, and definitely indicating there will be continuing coverage of the issue. He believes there's always room for improving coverage.
James Smallacombe PlantageNet, Inc. CEO and Janitor up@3.am http://3.am =========================================================================
In these days of corporate malfeasance scandal coverage, you'd think that Verisign's tactics would have whetted the appetite of some bright investigative reporter for one of the major publications.
For all that I'm critical of wildcards in TLDs -- I spoke at the meeting yesterday, and my slides are on my Web page -- I don't think there are any issues of malfeasance. No one has been looting Verisign's coffers, they're not cooking the books, etc. I see three issues: is this technically wise, did Verisign have the right to do this under their current contract with ICANN, and should they have such a right. I don't see anything resembling dishonesty. --Steve Bellovin, http://www.research.att.com/~smb
At 3:54 PM -0400 10/8/03, Steven M. Bellovin wrote:
In these days of corporate malfeasance scandal coverage, you'd think that Verisign's tactics would have whetted the appetite of some bright investigative reporter for one of the major publications.
For all that I'm critical of wildcards in TLDs -- I spoke at the meeting yesterday, and my slides are on my Web page -- I don't think there are any issues of malfeasance. No one has been looting Verisign's coffers, they're not cooking the books, etc. I see three issues: is this technically wise, did Verisign have the right to do this under their current contract with ICANN, and should they have such a right. I don't see anything resembling dishonesty.
Steve, I think that's a fair summary. They are being an aggressive business, and perhaps an aggressive business isn't the right steward for a TLD. In my "10,000 foot view," I tried to distinguish what the ideal should have been -- and maybe should be reflected in future contracts -- versus what did happen. There's an old quote that applies to some extent, "Never attribute to malice what can be adequately explained by stupidity." I'm not saying the contract drafters were stupid, but they were under time pressure, couldn't foresee future operational contingencies, etc. Nevertheless, we may have a legal situation not completely unlike the recent issues with do-not-call. When a judge ruled additional legislation was needed, it was passed and signed in what was close to an all-time record. Now, Verisign has a contract, but, if they continue to be disruptive, there are options. It is my hope that Verisign will moderate.
From "Shorter Oxford English Dictionary, Fifth Edition":
malfeasance / mal'fi:z(schwa)ns/ noun. L17. [Anglo-Noramn malfaisance, from mal- MAL- + Old & mod. French faisance: see FEASANcE. Cf. MISFEASANCE] LAW. Evildoing, illegal action; an illegal act; spec. official misconduct by a public servant. I would argue that since Verisign took this action unilaterally in violation of their contract to administer the REGISTRY function and without the approval or consent of the community, this definition could apply to their actions. I would further argue that since Verisign declined ICANN's polite request to cease and desist, they deliberately and willfully conducted themselves in a manner known to be contrary to that public trust. If that does not meet this definition, I do not know what would. Owen --On Wednesday, October 8, 2003 15:54 -0400 "Steven M. Bellovin" <smb@research.att.com> wrote:
In these days of corporate malfeasance scandal coverage, you'd think that Verisign's tactics would have whetted the appetite of some bright investigative reporter for one of the major publications.
For all that I'm critical of wildcards in TLDs -- I spoke at the meeting yesterday, and my slides are on my Web page -- I don't think there are any issues of malfeasance. No one has been looting Verisign's coffers, they're not cooking the books, etc. I see three issues: is this technically wise, did Verisign have the right to do this under their current contract with ICANN, and should they have such a right. I don't see anything resembling dishonesty.
--Steve Bellovin, http://www.research.att.com/~smb
Steve, Per American Heritage Dictionary: mal·fea·sance "Misconduct or wrongdoing, especially by a public official." That's not the same as "dishonesty". In any event, the problem is not that the semantics of the word are wrong in this case, but that using the word just serves to inflame. I was particularly heartened that yesterday's meeting was conducted in a thoroughly professional tone, with folks offering clear and practical expressions of their views. Consequently: SMB> I see three issues: is this technically wise, did Verisign have the right SMB> to do this under their current contract with ICANN, and should they have SMB> such a right. Is exactly the right way to approach this topic. (I think Howard's foray into categorizing issues is also extremely constructive.) d/ -- Dave Crocker <dcrocker-at-brandenburg-dot-com> Brandenburg InternetWorking <www.brandenburg.com> Sunnyvale, CA USA <tel:+1.408.246.8253>
-- On Wednesday, October 8, 2003 14:08 -0700 -- Dave Crocker <dhc@dcrocker.net> supposedly wrote:
In any event, the problem is not that the semantics of the word are wrong in this case, but that using the word just serves to inflame. I was particularly heartened that yesterday's meeting was conducted in a thoroughly professional tone, with folks offering clear and practical expressions of their views.
Since I was not at the meeting, just read the press accounts, I am interested in this. I got the distinct impression that, although "professional", Verisign was making an effort to keep things on a purely technical track. And then afterwards claimed that "nothing broke" since Joe User could get to www.[webpage].com. This is not the attitude of someone trying to work through the process to a mutual resolution. It is the attitude of someone who is trying to work the process so they can claim some type of validity to their (pre-determined) decision. As someone who was there, would you care to comment on my impression? Happy to be wrong, I certainly would love it if Verisign is actually doing "the right thing". -- TTFN, patrick
In message <2147483647.1065636656@[172.30.102.254]>, "Patrick W. Gilmore" write
As someone who was there, would you care to comment on my impression? Happy to be wrong, I certainly would love it if Verisign is actually doing "the right thing".
Without commenting on your impressions, I'll note that everyone's slides are at http://secsac.icann.org/agenda.htm . (Alas, all are in Powerpoint; my slides, at least, are available in many other formats via http://www.research.att.com/~smb/talks ) --Steve Bellovin, http://www.research.att.com/~smb
I think it speaks volumes, and not in a positive way, that even ICANN and other organizations entrusted with the management of the internet can't figure out that documents should be published in an OPEN standard format. Owen --On Wednesday, October 8, 2003 9:56 PM -0400 "Steven M. Bellovin" <smb@research.att.com> wrote:
In message <2147483647.1065636656@[172.30.102.254]>, "Patrick W. Gilmore" write
As someone who was there, would you care to comment on my impression? Happy to be wrong, I certainly would love it if Verisign is actually doing "the right thing".
Without commenting on your impressions, I'll note that everyone's slides are at http://secsac.icann.org/agenda.htm . (Alas, all are in Powerpoint; my slides, at least, are available in many other formats via http://www.research.att.com/~smb/talks )
--Steve Bellovin, http://www.research.att.com/~smb
I was able to view all of the .ppt's with openoffice.org running on RedHat 9. Curtis On Thursday 09 October 2003 00:29, the council of elders heard Owen DeLong mumble incoherently:
I think it speaks volumes, and not in a positive way, that even ICANN and other organizations entrusted with the management of the internet can't figure out that documents should be published in an OPEN standard format.
Owen
--On Wednesday, October 8, 2003 9:56 PM -0400 "Steven M. Bellovin"
<smb@research.att.com> wrote:
In message <2147483647.1065636656@[172.30.102.254]>, "Patrick W. Gilmore" write
As someone who was there, would you care to comment on my impression? Happy to be wrong, I certainly would love it if Verisign is actually doing "the right thing".
Without commenting on your impressions, I'll note that everyone's slides are at http://secsac.icann.org/agenda.htm . (Alas, all are in Powerpoint; my slides, at least, are available in many other formats via http://www.research.att.com/~smb/talks )
--Steve Bellovin, http://www.research.att.com/~smb
On Thursday 09 October 2003 00:55, the council of elders heard Joe Abley mumble incoherently:
On 9 Oct 2003, at 00:32, Curtis Maurand wrote:
I was able to view all of the .ppt's with openoffice.org running on RedHat 9.
Just because the file formats have been reverse engineered, it doesn't mean they're open.
Good point.
FWIW, mine were entirely in OpenOffice, so the PPT conversion may be sort of messed up. OpenOffice (.sxi) and PDF (not really 'open' either, but somewhat more portable) available at http://www.fluffysheep.com/icann-secsac/ But Steve's presentation was much better, so read his instead :) --DRS On Wednesday 08 October 2003 21:29, Owen DeLong wrote:
I think it speaks volumes, and not in a positive way, that even ICANN and other organizations entrusted with the management of the internet can't figure out that documents should be published in an OPEN standard format.
Owen
--On Wednesday, October 8, 2003 9:56 PM -0400 "Steven M. Bellovin"
<smb@research.att.com> wrote:
In message <2147483647.1065636656@[172.30.102.254]>, "Patrick W. Gilmore" write
As someone who was there, would you care to comment on my impression? Happy to be wrong, I certainly would love it if Verisign is actually doing "the right thing".
Without commenting on your impressions, I'll note that everyone's slides are at http://secsac.icann.org/agenda.htm . (Alas, all are in Powerpoint; my slides, at least, are available in many other formats via http://www.research.att.com/~smb/talks )
--Steve Bellovin, http://www.research.att.com/~smb
Steve, et al: There may be issues of collateral damage. While Microsoft and Verisign battle one another for the advertising revenue available from intercepting typographical errors, innocent third parties may have to repeatedly pay to modify their software. The Verisign interception mechanism is being inserted into the core infrastructure of the Internet, DNS. While their intent is to capture eyeballs from Web URL typos, they inadvertently capture all DNS typos. Thus, all protocols and services are affected. Other protocols and services must analyze their own software to see how it reacts to the new behavior of the DNS system. Adversely affected protocols and services will have to make changes to detect the Verisign scheme and compensate for it. This will cost money. There will be software development costs, as well as costs related to customer support (new documentation, calls to tech support, etc.) While the Microsoft eyeball-capture scheme affected only MS IE users, the Verisign scheme affects everyone. When the behavior of the DNS changes, software and user behavior will also require modification. It has been suggested that the typo-eyeball capture revenue is quite large. If Verisign is successful in obtaining this revenue, it will be at the expense of Microsoft. Microsoft's revenue will decrease. Microsoft is likely to respond. They may change the operation of Internet Explorer to detect the Verisign system and to bypass it. Perhaps they will bundle the fix into one of the recommended IE patches. This will return the typo-eyeballs to Microsoft and recapture the revenue. Verisign will then suffer a downturn in revenue, and will likely try to respond. To the extent that it is technologically feasible, they may make changes to their typo-eyeball capture mechanism to once again reclaim the eyeballs, and the revenue. Given the estimates of the size of the "purse", they will likely try very hard to maintain the revenue stream. While Microsoft's changes affect only IE, which is end-system software, Verisign's changes will affect part of the core infrastructure of the Internet. When Verisign launches its counter-measure, it will be intended to circumvent the detection mechanisms added to IE. Sadly, it will likely also circumvent the detection mechanisms added to third party protocols and services. While the fight is between Microsoft and Verisign for the revenue from capturing typo-eyeballs, every time Verisign launches a new counter-measure, every protocol and service will have to analyze the change and take appropriate action. The typo-eyeball revenue estimates are substantial. It is unlikely that either direct combatant will concede defeat. Thus, there will be perpetual damage to innocent third parties. Bob Enger ----- Original Message ----- From: "Steven M. Bellovin" <smb@research.att.com> To: <nanog@merit.org> Sent: Wednesday, October 08, 2003 3:54 PM Subject: Re: News coverage, Verisign etc.
In these days of corporate malfeasance scandal coverage, you'd think that Verisign's tactics would have whetted the appetite of some bright investigative reporter for one of the major publications.
For all that I'm critical of wildcards in TLDs -- I spoke at the meeting yesterday, and my slides are on my Web page -- I don't think there are any issues of malfeasance. No one has been looting Verisign's coffers, they're not cooking the books, etc. I see three issues: is this technically wise, did Verisign have the right to do this under their current contract with ICANN, and should they have such a right. I don't see anything resembling dishonesty.
--Steve Bellovin, http://www.research.att.com/~smb
I would call it dishonest. An analogy might be the curator for the Louvre walking right up to the Mona Lisa in broad daylight, taking it, selling it for personal gain, then, when questioned by incredulous onlookers, calmly stating that it is his property to sell. Bold, yes, honest? On Wed, 8 Oct 2003, Steven M. Bellovin wrote:
In these days of corporate malfeasance scandal coverage, you'd think that Verisign's tactics would have whetted the appetite of some bright investigative reporter for one of the major publications.
For all that I'm critical of wildcards in TLDs -- I spoke at the meeting yesterday, and my slides are on my Web page -- I don't think there are any issues of malfeasance. No one has been looting Verisign's coffers, they're not cooking the books, etc. I see three issues: is this technically wise, did Verisign have the right to do this under their current contract with ICANN, and should they have such a right. I don't see anything resembling dishonesty.
--Steve Bellovin, http://www.research.att.com/~smb
James Smallacombe PlantageNet, Inc. CEO and Janitor up@3.am http://3.am =========================================================================
-- On Wednesday, October 8, 2003 15:28 -0400 -- Mike Tancsa <mike@sentex.net> supposedly wrote:
At 03:06 PM 08/10/2003, up@3.am wrote:
In these days of corporate malfeasance scandal coverage, you'd think that Verisign's tactics would have whetted the appetite of some bright investigative reporter for one of the major publications.
Too difficult and obscure a topic to make interesting. Its even worse than the S&L scandal of the 80s. Things like ice statues pissing vodka at private million dollar parties are easy to cover in that a picture says it all.... There is no easy way to convey this issue to the general public in just a few words and at the same time not put them to sleep....
"The company which manages all .com & .net domain names recently decided to redirect any and all type-os to their own servers, angering every Network Operator on the planet. They did this with absolutely no advanced warning or public comment period. This has the makings of a war which could shake the foundations of the web and change the way users get to web pages." Hrmm, yer right, probably not spicy enough for today's tabloids. Maybe a reporter could say something about "lining their pockets using a monopoly" or "battling titans like AOL and Microsoft", but those are not very technical arguments. -- TTFN, patrick
participants (13)
-
Curtis Maurand
-
Dave Crocker
-
David Schairer
-
Eliot Lear
-
Howard C. Berkowitz
-
Joe Abley
-
Mike Tancsa
-
Owen DeLong
-
Patrick W. Gilmore
-
Robert A. Hayden
-
Robert M. Enger
-
Steven M. Bellovin
-
up@3.am