Index of Concerns as to VeriSign Site Finder
The Deployment of VeriSign "Site Finder" and ISP Response

VeriSign's Site Finder service has been controversial for a number of reasons, discussed in recent weeks on numerous bulletin boards, mailing lists, blogs, and other fora. This document attempts to index and organize such concerns, providing appropriate citations where helpful.

  1. Unexpected consequences on web browsing.
    1. Due to Site Finder, users receive VeriSign web pages when they request nonexistent .COM and .NET sites, and these error pages replace the ordinary error messages provided by Web browsers. Users might prefer their browsers' ordinary messages -- which might be customized, for example, to match users' preferred languages -- or users might otherwise disfavor change.
    2. Site Finder also brings inconsistency to users' browsing experiences -- causing .COM and .NET to offer different error messages than other TLDs. (Example:,
    3. Decreases in web browsing speed. Site Finder result pages are large, typically roughly 17KB. So much data can take a noticeable amount of time to transmit, particularly for users with dialup or satellite connections, or for connections via wireless devices. Receiving Site Finder pages can also entail additional costs for those users whose Internet access fees turn on the amount of data retrieved.
    4. Addition to browser history of mistyped domain names. With Site Finder in place, web browser software has no way to know that a given domain was in fact nonexistent, leading only to Site Finder error content, and that the domain therefore should not be included in the browser's history or "AutoComplete" suggestions. If the nonexistent domain comes alphabetically before its correctly-typed variant, AutoComplete will therefore suggest that nonexistent domain -- meaning Site Finder essentially disables the AutoComplete function. (Slashdot comment)

  2. Unexpected consequences on other Internet applications trying to determine whether a given domain name leads to a "real" site.
    1. Causing email to be bounced where, prior to Site Finder, it would have been properly delivered. (Paul Vixie on backup MX servers)
    2. Increases in delay before error messages are returned by network diagnostic tools like FTP, PING, and TRACERT. (Richard Smith on Why Site Finder is Breaking MS Outlook, Outlook Express)
    3. Delay before receipt in error messages by popular email programs. (Why Site Finder is Breaking Windows Networking Utilities)
    4. Erroneous and counterintuitive error messages from email programs (Why Site Finder is Breaking Windows Networking Utilities), and error messages not in a user's native language.

      As to these problems, VeriSign recommends that "application developers should consider taking appropriate corrective actions." (Site Finder Application Developer's Guide, page 6)

  3. Unexpected consequences on Internet infrastructure and systems.
    1. Effects on mail filtering systems. Many mail filtering systems check for the existence of an email message sender's purported domain name in order to support an inference as to whether a piece of mail has been forged. (Mail from, say, is likely spam, if doesn't exist.) Due to Site Finder, some filtering systems conclude that all domains exist, rendering this method of filtering ineffective. (IAB Architectural Concerns on the Use of DNS Wildcards)
    2. Effects on monitoring systems. Many host monitoring services check for the existence of a domain name, host name, web site, or other service in order to monitor the performance and uptime of such services. Due to Site Finder, these monitoring systems tend to conclude that services are operational even when they are not. (IAB Architectural Concerns on the Use of DNS Wildcards)
    3. Effects on SOAP communications between automated systems on the Internet. (Verisign DNS Changes & Soap over HTTP, Details)

      Here too, VeriSign recommends that software authors take "appropriate corrective actions." (Site Finder Application Developer's Guide, page 6)

  4. Unexpected consequences for trademark holders and those who seek to protect their distinctive marks and Web sites. In the past, a trademark holder could be confident that requests for a Web site would only provide Web content if the corresponding domain name had been registered. But with Site Finder, all Web site requests in .COM and .NET yield results, causing concerns of dilution and confusion for firms that had previously taken solace from the fact that the names at issue had not been registered. This concern is particularly pronounced as to domains that have previously been the subject of UDRP, ACPA, or other disputes. John Berryhill describes this problem, and offers additional details and specific examples, in a submission to the International Trademark Association's TMtopics list.

  5. Transmission of personally identifiable information to Site Finder, and possible tracking of such information.
    1. Effect on privacy of web browsing. Site Finder receives and, by examination of the code of the pages returned to users, appears to track information about a user's Web browsing. All information described below is sent to Omniture through a "web bug" (JavaScript code), which provides tracking services to VeriSign. (Site Finder Is Leaking Data)
      1. Site Finder sets a cookie on a user's computer, sufficient to track that user over time.
      2. When a user requests a Web site on a nonexistent domain name, Site Finder tracks the name of the site requested.
      3. If the user requests a specific directory and file on the site, Site Finder tracks this information also.
      4. When a user sends a HTTP GET to a nonexistent site, as might take place in case of a typo in a site's HTML code, Site Finder tracks this information.
    2. Site Finder receives email addresses of users who attempt to send mail to invalid domain names, as well as the email addresses of their intended recipients. (Site Finder: The Technical, Legal & Privacy Concerns) However, according to VeriSign staff, Site Finder does not store or track these addresses.

  6. Unexpected implementation. Site Finder's introduction came as a surprise to users, network operators, and Web site administrators.
    1. To the extent that advance preparations could have mitigated the harms described above, such measures were impossible for lack of notice.
    2. To the extent that regulatory authorities or competitors might have sought to prevent the introduction of Site Finder, whether through contractual provisions or through legal remedies, such measures were also impossible in advance.

  7. Upstaging other companies' business models.
    1. Site Finder reduces web traffic to MSN, whose MSN Search service previously provided error messages to users of Internet Explorer who requested nonexistent domains.
    2. Site Finder competes directly with firms including Netster, Ultimate Search, and others to register expiring, unused, or otherwise undesired domains, earning revenue from users' visits and click-throughs. Site Finder has a significant advantage over these firms, in that they must register and pay for the domains on which they offer sponsored links and other content, while Site Finder obtains this traffic without fee. However, this factor is somewhat mitigated by the ability of Netster and kin, upon payment of an ordinary domain name registration fee, to obtain any .COM or .NET domain that is not currently registered and that is therefore displaying Site Finder content.

  8. Impermissible use of VeriSign market position. VeriSign's contracts to run the .COM and .NET registry do not anticipate VeriSign operating a Site Finder service, nor do they anticipate VeriSign receiving the profits accruing from such a service. To the extent that the negotiated registry prices reflect a reasonable profit to VeriSign, any additional profits to VeriSign above and beyond the negotiated prices constitute a windfall not anticipated by the contracts. (Lauren Weinstein on VeriSign Profits)


Last Updated: October 7, 2003 - Sign up for notification of major updates and related work.