ICANN to Prohibit Redirect of DNS Misses

Iljitsch van Beijnum at Ars has news of a well substantiated draft memo that would forbid top level domain operators from re-directing to a page of their own when a name server lookup fails.  The problem originally garnered much attention when Verisign introduced their Site Finder offering which obscured failed domain name look ups with a helpful error page that also happened to carry ads.  Verisign’s motivation was pretty transparently the ad revenue they were able to rake in essentially for free and they ultimately backed down after mass criticism over the practice.

As the article notes, what all the expert input boils down to is that re-directing on a lookup failure breaks DNS, denying machines on the network the ability to legitimately tell when a domain doesn’t exist.

This memo, should it move forward into policy, wouldn’t stop a similar practice by some ISP’s like Verizon.  The difference, as the article explains, is that re-direction by an ISP usually carries an opt-out and as long as the top level servers work as expected, a determined user can stand up their own DNS server that bypasses any sort of re-direction or any other sort of tinkering with DNS resolution requests.

2 Replies to “ICANN to Prohibit Redirect of DNS Misses”

  1. this can’t come too soon, I hate it when Verizon or T-Home or anyone does this redirect… it’s breaking a service whose behavior is set in an RFC.

  2. The memo, if it becomes policy, would only affect the operators of the top level domains, like .com, .net and .org. It wouldn’t stop Verizon or T-Home from doing this.

    However, as the article points out, at least if the TLD servers behave as they are supposed to, then you can use a DNS other than your ISP’s if you do not like their re-direct shenanigans.

Leave a Reply

Your email address will not be published. Required fields are marked *