North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Where will Verisign stop?

  • From: E.B. Dreger
  • Date: Tue Sep 16 03:41:01 2003

Someone mentioned earlier that Verisign could issue an official-
looking cert for an invalid domain.  They accidentally issued a
cert to a Microsoft imposter.

Although it presumably would be illegal (IANAL), what's to say a
valid cert wouldn't "accidentally" be issued for a competitor at
the same time DNS records "accidentally" pointed to the wrong
place?  Think UltraDNS.com, GeoTrust.com, IPSCA.com, et cetera,
as potential "accident victims".

Unverified MAIL-FROM auth.  Broken PGP auth.  Keeping expired
domains.  Claiming they own domain names, and allow customers to
use them as a "service".  Redirecting the InterNIC neutral site
to themselves.  $150 during the domain "holding period".  The
Domain Registry of America scam.  The CA screwup.  The current
DNS wildcard scandal.

What's next?  Looking at NetSOL's track record, I'd say they're
unfit to provide the services they claim to.

I also believe the Dept of Commerce threatened to revoke NSI's
registrar privileges during the InterNIC homepage incident.
Perhaps it's time to revisit this.

Anyone with proper government or press ("domain service provider
hijacks untold number of unregistered domains") contacts?


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_________________________________________________________________
          DO NOT send mail to the following addresses :
  [email protected] -or- [email protected] -or- [email protected]
Sending mail to spambait addresses is a great way to get blocked.