Main Page | See live article | Alphabetical index


VeriSign Inc. is, among other things, the operator of the .com and .net top-level domains, and a certificate authority for X.500 certificates.

VeriSign wildcard DNS controversy

Between 15 September 2003 and 4 October 2003, VeriSign operated a wildcard DNS record for all .com and .net domain names not yet registered by others.

During that time, Internet users who tried to access these domains were redirected to a VeriSign web portal with information about VeriSign products and purchased links to "partner" sites. This had the advantage to VeriSign of receiving greater revenue from users wishing to register these domain names, however this action has not been lauded within the community.

Such behavior had the effect of "capturing" the web traffic for several million mis-typed or experimental web accesses per day, and meant that VeriSign effectively "owned" all possible .com and .net domains that had not been bought by others as an advertising platform, over a googol new domain names suddenly "belonged" to VeriSign.

VeriSign has described this change as an attempt to improve the Web browsing experience for the naive user. VeriSign's critics see this as disingenuous. Certainly the change led to a dramatic increase in the amount of internet traffic arriving at According to the web traffic measurement company Alexa, in the year prior to the change was around the 2,500th most popular website. In the weeks following the change, the site has been around the 20th most popular site, and reached the top 10 in the immediate aftermath of the change and surrounding controvesy. (Source:

There has been a storm of controversy among network operators and competing domain registrars, particularly on the influential NANOG and ICANN mailing lists, some of whom have asserted:

Other people and organizations have asserted:

A number of workarounds were developed to locally disable the effects of Site Finder on a per-network basis. Most notably, the Internet Software Consortium announced that it had produced a version of the BIND DNS software that could be configured by Internet service providers to filter out wildcard DNS from certain domains; this software was deployed by a number of ISPs.

On 4 October 2003, as a result of a strong letter from ICANN, VeriSign disabled Site Finder. However, VeriSign has made public statements that suggest that they may be considering whether they will change this decision in the future.

To be written:

See also:

External links