Icann raises concerns over VeriSign technology

The Internet Corporation for Assigned Names and Numbers has expressed concerns regarding a service launched last week by VeriSign...

The Internet Corporation for Assigned Names and Numbers has expressed concerns regarding a service launched last week by VeriSign which is designed to handle internationalised domain names (IDNs).

According to Icann, "some commentators" are worried that the VeriSign service is using technology that is contrary to Internet Domain Name System (DNS) standards to respond to DNS address requests containing non-ASCII characters, the group said in a bulletin posted on its Web site.

"In response to these expressions of concern, Icann has requested the advice of the Internet Architecture Board, which is responsible for providing oversight of the architecture for the protocols and procedures used by the Internet, on the changes announced by VeriSign Global Registry Services (VGRS)," the bulletin said.

The DNS was designed to support 38 English-language ASCII characters, but international domain names draw from the non-ASCII 96,000-character Unicode repertoire. Domain names in languages other than English must be encoded in ASCII for transmission across the DNS for them to work.

In October, an IDN working group of the Internet Engineering Task Force (IETF) released a standard that sought to handle internationalised domain names in a standard fashion by allowing non-ASCII characters to be represented using only the ASCII characters. The IETF group is also represented in Icann's IDN committee.

VeriSign said that because the standard called for changes to individual applications to support IDNs, it had developed a free plug-in, called i-Nav, for Microsoft's Internet Explorer browser that encodes foreign domains into ASCII.

Through its registry contracts, VeriSign operates what it calls "the definitive database" of more than 27.3 million Web addresses in .com, .net, and .org on "a platform that is the world's de facto standard in DNS registry services".

Whereas a browser requesting a non-ASCII domain returns an error message, VeriSign has changed the behaviour of the authoritative name servers for the ".com" and ".net" zones to return a "positive" answer by leading to a page on the VeriSign Web site that promotes the i-Nav plug-in.

In Icann's letter to the Internet Architecture Board, it quoted a message from Paul Hoffman of the Internet Mail Consortium, outlining his concerns with the VeriSign service.

"VGRS makes wild guesses about what the user wanted, some of which are very clearly impossible. Worse yet, they do not include all of the legal guesses that they could have made," Hoffman said.

"Icann should demand that [VeriSign] immediately stop giving incorrect answers to any query in .com and .net, and should instead follow the IETF standards. If VGRS refuses, Icann should redelegate the .com and .net zones to registries that are more willing to follow the DNS standards," Hoffman said.

Read more on Business applications