By David McGuire
washingtonpost.com Wednesday, September 4, 2002; Page E05
VeriSign Inc. was threatened yesterday with the loss of its right to sell ".com" domain names if it fails to clean up its public database that records who owns which Web sites.
The Internet Corporation for Assigned Names and Numbers (ICANN), which manages the Internet's global addressing system, said VeriSign, owner of the largest and first commercial dot-com registrar, "blatantly ignored" its obligation to fix inaccuracies in its "Whois" database, citing 17 violations over the past 18 months.
ICANN said that while all of the 150 registrars occasionally have inaccurate entries, VeriSign's Dulles-based Network Solutions unit "has exhibited a pattern of persistent violations of its contractual obligations to take reasonable steps to correct inaccurate or incomplete Whois data in spite of repeated requests and reminders by ICANN."
VeriSign is the first registrar to be threatened with the loss of its right to sell registrations, ICANN said.
The company will correct the violations immediately, spokesman Brian O'Shaughnessy said. But he objected to ICANN's saying that 17 violations established a pattern of abuse. VeriSign maintains more than 10 million Internet addresses, he noted.
"It's like holding a few grains of sand in your hand and calling it a beach," O'Shaughnessy said. "We're going to correct these because we take our obligations seriously, [but] calling it a pattern and dictating that it's cavalier is an unfair characterization."
All accredited Internet registrars are required to maintain publicly available Whois databases, which often provide the only clues to the identities of Web sites' operators. Although registrars are not obligated to verify the accuracy of the information in their databases, they must remedy any incorrect entries brought to their attention.
ICANN, in its formal notice to VeriSign, said that "in many cases it appears that [the firm] simply ignores the complaints." In one case that ICANN cited, VeriSign failed to correct an entry in which a domain name was registered to a "Toto," who listed "the yellow brick road, Oz, KS" as a street address.
VeriSign has 15 working days to fix the errors, or ICANN said it may terminate the company's accreditation agreement.
ICANN spokeswoman Mary Hewitt said it wasn't the violations themselves that were ICANN's main source of concern, but rather VeriSign's attitude toward rectifying its mistakes.
"How many notices do we give before it becomes an issue?" Hewitt asked. "Other registrars usually address these issues rapidly."
ICANN also announced yesterday the establishment of an online form that people can use to report faulty Whois data. The organization will also establish a tracking system to notify registrars of reported inaccuracies.
In addition to being the largest registrar, or retailer, of .com names, VeriSign is the sole registry, or wholesaler, of names ending in .com, .net and .org. It's VeriSign's retail rights, not its wholesale responsibilities, that are at risk under this complaint.
In its function as a registry, VeriSign charges Internet registrars (including its own registrar unit) a flat annual fee of $6 for every .com name they sell to customers. Registrars, in turn, charge consumers varying annual fees to maintain their Internet addresses. VeriSign's registrar charges its customers $35 a year.
VeriSign used to have a government-approved monopoly over wholesale and retail sales of .com names. But in 1998, the Commerce Department, which maintains control of the Internet's authoritative "root server," commissioned the nonprofit ICANN to inject competition into the addressing sector. The root server is the master list of Net addresses ending in "top-level" domains including .com, .net and .org.
ICANN has since accredited dozens of new address retailers and has approved the creation of several new domains to spur competition at the wholesale level.
ICANN and VeriSign clashed often during the early stages of ICANN's existence as they bickered over the means for introducing competition to the addressing industry. After VeriSign signed accreditation deals with ICANN in 1999, the entities appeared to enter a truce. But hostilities flared again in August, when VeriSign joined with other Internet registries in urging the federal government to scale back ICANN's powers.
In addition to operating its extensive addressing business, Mountain View, Calif.-based VeriSign is one of the world's largest Internet security companies. But the dot-com downturn has taken its toll. The company earlier this year laid off more than 400 employees and reported a $4.8 billion loss in the quarter ended June 30, on revenue of $317 million. Its stock closed yesterday at $6.53 per share.