ICANN raises concerns over VeriSign IDN change
IDG News Service - The Internet Corporation for Assigned Names and Numbers (ICANN) is expressing concerns regarding a service launched last Friday by VeriSign Inc. that's designed to handle internationalized domain names (IDN).
According to an ICANN statement, "some commentators" are worried that the VeriSign service is using technology contrary to Internet Domain Name System (DNS) standards to respond to DNS address requests containing non-ASCII characters, the Marina Del Rey, Calif., group said.
"In response to these expressions of concern, ICANN has requested the advice of the Internet Architecture Board, which is responsible for providing oversight of the architecture for the protocols and procedures used by the Internet, on the changes announced by VeriSign Global Registry Services (VGRS)," ICANN said.
The DNS was designed to support 38 English-language ASCII characters, but international domain names draw from the 96,000-character non-ASCII Unicode repertoire. Domain names in languages other than English must therefore be encoded in ASCII for transmission across the DNS in order for them to work.
In October, the IDN working group of the Internet Engineering Task Force, a standards-setting body, released a first mechanism, called Internationalizing Domain Names in Applications (IDNA), which seeks to handle internationalized domain names in a standard fashion by allowing non-ASCII characters to be represented using only the ASCII characters. The task force is also represented in ICANN's IDN committee.
In announcing its new service, VeriSign said that because IDNA calls for changes to individual applications to support IDNs, it developed a free plug-in called i-Nav for Microsoft Corp.'s Internet Explorer browser to encode foreign domains into ASCII.
Through its registry contracts, the Mountain View, Calif.-based digital authentication company operates what it calls "the definitive database" of over 27.3 million Web addresses ending in .com, .net and .org on "a platform that is the world's de facto standard in DNS registry services."
Whereas a browser requesting a non-ASCII domain traditionally returns an error message, VeriSign has changed the behavior of the authoritative name servers for the .com and .net zones (the name servers that are capable of replying to all the domain name queries that can reasonably be addressed to them) to return a "positive" answer by leading to a page on the VeriSign Web site that promotes the i-Nav plug-in.
In ICANN's letter to the Internet Architecture Board, it quoted a message received on Jan. 5 from Paul Hoffman of the Internet Mail Consortium that outlined his concerns with the VeriSign service.
Hoffman claimed that there are a number of technical problems with the change that, at its heart, undermines IDNA by adding a "guessing" element to theprocess.
"VGRS makes wild guesses about what the user wanted, some of which are very clearly impossible. Worse yet, they do not include all of the legal guesses that they could have made," Hoffman said.
IDNA, which is designed to avoid such guessing, is on the verge of being recommended as a standard by the Internet Engineering Task Force, and VeriSign should be compelled to adhere to that standard, Hoffman said.
"ICANN should demand that [VeriSign] immediately stop giving incorrect answers to any query in .com and .net, and should instead follow the IETF standards. If VGRS refuses, ICANN should redelegate the .com and .net zones to registries that are more willing to follow the DNS standards," Hoffman said.
VeriSign has asserted that i-Nav supports IDNs in a manner consistent with IDNA.
- 5 Customers Deliver Virtual Desktops and Apps to Empower a Modern Workforce Learn how Citrix solutions helped 5 companies realize the full value of desktop virtualization through a project-by-project approach based on key business priorities.
- Mitigate Risk and Accelerate Time to Value Download this white paper to learn how your IT organization can accelerate business, introduce new services, and reach new markets, all while staying...
- Allay Risks in Application Rationalization and Modernization IT has to do it all: react quickly to market needs, introduce new services, capitalize on mobile, and comply with regulatory requirements, all...
- Delivering Application Data On-Demand Packaged app dev teams frequently operate with limited testing environments due to various constraints. By virtualizing the entire application stack, Delphix-powered teams can...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Live Webcast IBM FlashSystem V840: Leveraging Software-Defined Flash to Drive Your Business With end-to-end, tightly integrated functionality and super-fast flash technology, products like IBM FlashSystem V840 Enterprise Performance Solution empower businesses to leverage the efficiency...
- Transform Your IT Service Management Watch this webinar, to learn how EasyVista can increase IT productivity & efficiency and deliver streamlined & integrated IT Service & Asset Mgmt.
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.