“VeriSign shouldn't get near-automatic renewals of the .com contract without fulfilling more security requirements, Network Solutions Vice President Jonathan Nevett said. “We're facing a contract that provides for permanent monopoly, for fee increases without justification and now without adequate security protections. It's mind-boggling that the contract has gotten this far.”
According to a report issued by Network Solutions, ICANN and VeriSign have failed to protect the DNS against assaults from hackers that have “poisoned databases,” shut down DNS servers and “amplified Denial of Service attacks.”
Network Solutions also raised concerns over changes at ICANN that allow registrars for TLD’s that include .biz, .info and .org to raise prices by as much as 7 percent under their new contracts. ICANN’s contract with VeriSign, which covers .com, is set to expire late in 2007. Proposed language in that agreement would allow VeriSign to raise fees by 7 percent, Nevett said.
Ken Silva, VeriSign's chief security officer, said security and price increases are linked, pointing out that increased security will come at a higher cost. The contract to operate the .com domain allows ICANN to change the agreement through consensus of its two security committees, and ICANN can cancel the contract if it believes VeriSign hasn't performed adequately, Silva said.
As for charges that VeriSign has done little to date to secure the DNS, which many call the backbone of the Internet, Silva said the company had managed to defeat several massive attacks, including one from more than 30,000 botnet computers launched in January.
"The technology we're talking about to keep up with this kind of load is not something you just buy off the shelf," Silva said. "Let's not lose sight of the fact that security continues to be the biggest threat to the growth of the Internet. Supporting that security and stability is going to involve a lot of technology, a lot of talent and a lot of equipment."
Network Solutions timed its criticism of ICANN and VeriSign to coincide with a hearing scheduled for Wednesday before a Senate subcommittee on Commerce, Science and Transportation, which will look into ICANN’s memorandum of understanding with the U.S. Commerce Department.
