VeriSign, critics gear up for ICANN hearing
A VeriSign Inc. official defended its contract to operate the .com domain Monday, after Network Solutions accused the Internet Corporation for Assigned Names and Numbers (ICANN) of not requiring adequate security safeguards in its registry agreements.
Network Solutions, a domain-name registrar, released a report last week saying ICANN has "failed" to address security in its latest proposals for the .com, .biz, .info and .org top-level domains. Network Solutions officials also criticized a provision in the proposed contract renewal for the .com domain that would allow VeriSign to raise prices by 7 percent in four of the contract's six years. The current .com contract expires in late 2007.
VeriSign shouldn't get near-automatic renewals of the .com contract without more security requirements, said Jonathan Nevett, Network Solutions' vice president and chief policy counsel. "We're facing a contract that provides for ... permanent monopoly, for fee increases without justification and now without adequate security protections," he said. "It's mind-boggling that the contract has gotten this far."
But Ken Silva, VeriSign's chief security officer, said some price increases will be necessary to keep the .com domain secure. The contract to operate the .com domain allows ICANN to change the agreement through consensus of its two security committees, and ICANN can cancel the contract if it believes VeriSign hasn't performed adequately, Silva said.
VeriSign has warded off several massive attacks on the .com domain, including attacks using more than 30,000 bot-net computers in January, Silva said. Meanwhile, the .com domain has been available 100 percent of the time for the last seven years, he said.
Internet attacks continue to evolve and become larger, and it's difficult to set a security road map that stays relevant for any length of time, Silva said. He praised the proposed .com contract renewal for its pricing "flexibility."
"The technology we're talking about to keep up with this kind of load is not something you just buy off the shelf," Silva said. "Let's not lose site of the fact that security continues to be the biggest threat to the growth of the Internet. Supporting that security and stability is going to involve a lot of technology, a lot of talent and a lot of equipment."
The two companies held briefings about the proposed .com contract as a subcommittee of the U.S. Senate Commerce, Science and Transportation Committee has scheduled a hearing Wednesday on ICANN's future. Besides the top-level domain agreements, the subcommittee is likely to focus on the renewal of the memorandum of understanding between the U.S. Department of Commerce and ICANN, allowing the nonprofit organization to oversee the Internet's technical infrastructure.
A year ago, countries including China and Brazil proposed a new model for Internet governance, with an international body taking responsibility from the U.S. and ICANN. The U.S. government and many U.S. companies oppose such a move.
Network Solutions focused on the top-level domain agreements with its report, "DNS -- A System in Crisis." Among its criticisms: the domain agreements do not allow ICANN to audit security practices of domain operators. "This is the backbone of the Internet," said report author Jerry Archer. "Without this, there are no signposts."
IDG News Service
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
