Re: ICANN - Formal Complaint re Verisign
Geotrust is not Verislime, but they *are* Choicepoint. If you don't know who Choicepoint is; well, they vacuum up your personal data and resell it to all comers. Google on Choicepoint FTC for a rundown. Sort of John Poindexer's version of Halliburton..a private sector Big Brother. I regard Verislime vs Choicepoint as like Joey (The gang that couldn't shoot straight..) Leonand's outfit vs. the Colombian mobs. Sigh, I'll be sticking with Verislime for buying certs, I guess. -- A host is a host from coast to [EMAIL PROTECTED] no one will talk to a host that's close[v].(301) 56-LINUX Unless the host (that isn't close).pob 1433 is busy, hung or dead20915-1433
Re: ICANN - Formal Complaint re Verisign
One thing I haven't seen mentioned in all this is the incredible business monopolizing effect this move will have on the TLD's in question. It dramatically shifts the domain playing field in Verisign's favor by pointing millions of potential customers to their site(s) specifically, giving them millions of dollars in free advertising eye-time over any of the competition I don't see how this eye-time can be translated into millions of dollars. But it is clear that Verisign are making money by selling sponsored links to people who sell spamming services and software. And it is also clear that this redirection of traffic allows them to amass a large database of email addresses that are current, active and which belong to people who don't always check things carefully before acting, i.e. the To: email address was mistyped. They could make a lot of money selling that list of email addresses to spammers. And they could also sell a lot of the mistyped addresses after correcting the domain name portion by supplying the closest matches from the .COM and .NET database. I wonder how anyone can continue to trust a company like this as a certificate authority. They seem to have attracted the breed of get-rich-quick management who want to make money by scamming the public and selling very unsubtantial things like names(.COM) and numbers (SSL certs). I don't pretend to believe that we can stop fast-buck artists from running these sorts of scams but we have to find alternative sources for SSL certs from companies whose business model lies squarely in the world of security and trust. That clearly excludes Verisign. Any company with such shoddy business practices that they can unleash this technically flawed redirection of traffic without proper testing and public consultation is also a soft target for infiltration. As was already mentioned, it is only a matter of time before a criminal gang infiltrates Verisign and launches man-in-the-middle attacks on the banking system. There are already people that are specifically targetting banks by installing surreptitious keyloggers on computers that sniff out Internet banking passwords. This would be far more effective if the keyloggers were installed by a man-in-the-middle so that they were targetted only at the intended victims. --Michael Dillon
Re: ICANN - Formal Complaint re Verisign
If I remember correctly, Verisign person stated in an interview that they estimate that it will be worth up to $100M annually. Boycott Verisign as much as possible. You can register new names in .BIZ or .INFO or in a country specific TLD including .US http://www.us-register.com/faq-us.cfm If you just cannot convince customers to stay away from the polluted mess of .COM then please use one of the alternative registrars so that less of your money goes to Verisign. And you can get SSL certs from alternative sources such as GeoTrust http://www.geotrust.com/ If you really believe that Verisign's actions are stock manipulation or shareholder fraud and you have some evidence to support that belief then report it to the SEC http://www.sec.gov/complaint.shtml If you believe that Verisign's actions have damaged your business in any way then ask your lawyers to write a letter to Verisign demanding that they cease and desist. If necessary, then follow up with a lawsuit or join in a class action suit against Verisign. Complaining on this mailing list achieves very little but there are things that individuals and businesses can do to put their money where their mouth is and have some real impact on Verisign. --Michael Dillon
Fw: Re: ICANN - Formal Complaint re Verisign
An interesting thought... Jerry Jerry, One question - if I previously typed in an URL that was incorrect and would get the usual response from my OWN system, there would be not a real lot of data sent/received to pay for that mistake. Now that Verisign is doing their current thing, there is a lot more data being paid by ISPs across the world that shouldnt HAVE to be paid for. So is anyone thinking of banding together the ISPs in on this formal complaint citing loss of income from this? The bigger the ISP - eg AOL - the bigger the new cost for Verisign advertising, paid at the ISP's expense because of all this. A group of ISPs all complaining should get some action you would think. I am posting this to you as if you can use it, feel free to post it to Nanog where I have no posting rights. Regards, Greg. .
Re: Fw: Re: ICANN - Formal Complaint re Verisign
Somebody pointed out, on another list, that Verisign's move is essentially a man in the middle attack. Which leads to the question: are they in violation of any Federal laws - such as, say, the Patriot Act?
Re: ICANN - Formal Complaint re Verisign
On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: And you can get SSL certs from alternative sources such as GeoTrust http://www.geotrust.com/ Bzzz, geotrust is Verisign http://www.google.com/search?sourceid=mozclientie=utf-8oe=utf-8q=Thawte+was+b ought+by+Verisign Marc -- A mouse is a device used to point at the xterm you want to type in - A.S.R. Microsoft is to operating systems security what McDonalds is to gourmet cooking Home page: http://marc.merlins.org/ | Finger [EMAIL PROTECTED] for PGP key
Re: ICANN - Formal Complaint re Verisign
Speaking on Deep Background, the Press Secretary whispered: On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: And you can get SSL certs from alternative sources such as GeoTrust http://www.geotrust.com/ Bzzz, geotrust is Verisign And braindead. Go to that address with lynx. -- A host is a host from coast to [EMAIL PROTECTED] no one will talk to a host that's close[v].(301) 56-LINUX Unless the host (that isn't close).pob 1433 is busy, hung or dead20915-1433
Re: ICANN - Formal Complaint re Verisign
Marc MERLIN [EMAIL PROTECTED] 9/18/03 9:27:11 AM On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: And you can get SSL certs from alternative sources such as GeoTrust http://www.geotrust.com/ Bzzz, geotrust is Verisign http://www.google.com/search?sourceid=mozclientie=utf-8oe=utf-8q=Thawte+was+b ought+by+Verisign Marc If GeoTrust is Verisign, why do they make a big deal out of competing with Verisign? http://www.geotrust.com/resources/market_share/index.htm John --
Re: ICANN - Formal Complaint re Verisign
Once upon a time, Marc MERLIN [EMAIL PROTECTED] said: On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: And you can get SSL certs from alternative sources such as GeoTrust http://www.geotrust.com/ Bzzz, geotrust is Verisign http://www.google.com/search?sourceid=mozclientie=utf-8oe=utf-8q=Thawte+was+b ought+by+Verisign Bzzt, Thawte != Geotrust. -- Chris Adams [EMAIL PROTECTED] Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.
RE: ICANN - Formal Complaint re Verisign
As someone who has dealt extensively with GeoTrust, I can assure you, they are not owned by Verisign. They're a totally separate company that has the old equifax root cert. Thanks, Matt -- Matthew Zito GridApp Systems Email: [EMAIL PROTECTED] Cell: 646-220-3551 Phone: 212-358-8211 x 359 http://www.gridapp.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Neiberger Sent: Thursday, September 18, 2003 11:59 AM To: [EMAIL PROTECTED] Subject: Re: ICANN - Formal Complaint re Verisign Marc MERLIN [EMAIL PROTECTED] 9/18/03 9:27:11 AM On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: And you can get SSL certs from alternative sources such as GeoTrust http://www.geotrust.com/ Bzzz, geotrust is Verisign http://www.google.com/search?sourceid=mozclientie=utf-8oe=u tf-8q=Tha wte+was+b ought+by+Verisign Marc If GeoTrust is Verisign, why do they make a big deal out of competing with Verisign? http://www.geotrust.com/resources/market_share/index.htm John --
Re: ICANN - Formal Complaint re Verisign
On Thu, 18 Sep 2003, Marc MERLIN wrote: On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: And you can get SSL certs from alternative sources such as GeoTrust http://www.geotrust.com/ Bzzz, geotrust is Verisign http://www.google.com/search?sourceid=mozclientie=utf-8oe=utf-8q=Thawte+was+b ought+by+Verisign Geotrust != Thawte, thus follows that Geotrust != Verisign - d. -- Dominic J. Eidson Baruk Khazad! Khazad ai-menu! - Gimli --- http://www.the-infinite.org/ http://www.the-infinite.org/~dominic/
Re: ICANN - Formal Complaint re Verisign
On Thu, 18 Sep 2003 09:59:27 MDT, John Neiberger [EMAIL PROTECTED] said: If GeoTrust is Verisign, why do they make a big deal out of competing with Verisign? And Chevy competes with Pontiac and Buick. Your point? pgp0.pgp Description: PGP signature
RE: ICANN - Formal Complaint re Verisign
On Thu, 18 Sep 2003, Matthew Zito wrote: As someone who has dealt extensively with GeoTrust, I can assure you, they are not owned by Verisign. They're a totally separate company that has the old equifax root cert. Agreed. I used Equifax before they handed off to Geotrust. Both have done a good job and are less painful ( less expensive) to deal with than VeriSign. I've never had to interact with either beyond purchasing single web certs at a time though. Gerald - How are ya? Never been better, ... Just once I'd like to be better.
Re: ICANN - Formal Complaint re Verisign
On Thu, Sep 18, 2003 at 11:11:12AM -0500, Dominic J. Eidson wrote: On Thu, 18 Sep 2003, Marc MERLIN wrote: On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote: And you can get SSL certs from alternative sources such as GeoTrust http://www.geotrust.com/ Bzzz, geotrust is Verisign http://www.google.com/search?sourceid=mozclientie=utf-8oe=utf-8q=Thawte+was+b ought+by+Verisign Geotrust != Thawte, thus follows that Geotrust != Verisign note to self: 1) wake up 2) read Email (you are of course correct) Marc -- A mouse is a device used to point at the xterm you want to type in - A.S.R. Microsoft is to operating systems security what McDonalds is to gourmet cooking Home page: http://marc.merlins.org/ | Finger [EMAIL PROTECTED] for PGP key
Re: ICANN - Formal Complaint re Verisign
Michael Dillon wrote: Complaining on this mailing list achieves very little but [...] It did one useful thing; it gave a wide number of operators across the ISP and infrastructure industries a chance to see what was happening and put in their two cents. My initial impression was that the wildcard was amazingly bad for a number of reasons, but based on my own impression alone I am unlikely to launch complaints to a wide range of regulators and congresspeople. It is now quite clear that nobody in the industry has seen fit to respond to the Verisign actions as anything defensible at the technical or policy levels. So my opinion goes from being my two cents to a consensus; and I will act in those external arenas based on what I see as a sufficiently wide consensus... -george william herbert [EMAIL PROTECTED]
Re: ICANN - Formal Complaint re Verisign
Jerry Eyers wrote: One thing I haven't seen mentioned in all this is the incredible business monopolizing effect this move will have on the TLD's in question. It dramatically shifts the domain playing field in Verisign's favor by pointing millions of potential customers to their site(s) specifically, giving them millions of dollars in free advertising eye-time over any of the competition If I remember correctly, Verisign person stated in an interview that they estimate that it will be worth up to $100M annually. Pete
Re: ICANN - Formal Complaint re Verisign
PH Date: Thu, 18 Sep 2003 00:50:18 +0300 PH From: Petri Helenius PH If I remember correctly, Verisign person stated in an PH interview that they estimate that it will be worth up to PH $100M annually. I'm willing to suffer that sort of burden to, uh, help make the Internet a better place. Where do I sign up? Eddy -- Brotsman Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita _ DO NOT send mail to the following addresses : [EMAIL PROTECTED] -or- [EMAIL PROTECTED] -or- [EMAIL PROTECTED] Sending mail to spambait addresses is a great way to get blocked.
Re: ICANN - Formal Complaint re Verisign
So...what, if anything, has been heard along the lines of feedback/defense/repartee/retort/explanation/spin doctoring/screams of terror from Verisign under the crushing weight of this solid ochlocratic beatdown? Given the below, was wondering if anyone, conversely, has heard any ardent professions on Verisign's part of commercial or vendor agnosticism or assurances of this being for our own good? (Aside from the Terms of Use rhetoric on the sitefinder page, that is...) Honesty is the best policy, but insanity tends to be a better defense. (Not sure where commercial motivation falls in that regard...) --ra -- K. Rachael Treu, CISSP rara at navigo dot com ..sic itur ad nauseum.. On Wed, Sep 17, 2003 at 10:05:04PM +, E.B. Dreger said something to the effect of: PH Date: Thu, 18 Sep 2003 00:50:18 +0300 PH From: Petri Helenius PH If I remember correctly, Verisign person stated in an PH interview that they estimate that it will be worth up to PH $100M annually. I'm willing to suffer that sort of burden to, uh, help make the Internet a better place. Where do I sign up? Eddy -- Brotsman Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita _ DO NOT send mail to the following addresses : [EMAIL PROTECTED] -or- [EMAIL PROTECTED] -or- [EMAIL PROTECTED] Sending mail to spambait addresses is a great way to get blocked.
Re: ICANN - Formal Complaint re Verisign
On Wed, 17 Sep 2003 22:05:04 -, E.B. Dreger [EMAIL PROTECTED] said: PH If I remember correctly, Verisign person stated in an PH interview that they estimate that it will be worth up to PH $100M annually. I'm willing to suffer that sort of burden to, uh, help make the Internet a better place. Where do I sign up? Last I checked, Verisign wasn't a 501(c). Draw your own conclusions. pgp0.pgp Description: PGP signature