[ic] Verisign -- please vote with your feet!
pvinci at vinciguerra.com
Sat Sep 27 19:29:24 EDT 2003
On Sat, 27 Sep 2003 15:50:02 -0400, Mike Heins wrote
> Dear Interchange Users,
> In the nearly seven years this list has existed, I have not often
> used it as a soapbox. I guess I am now.
> I have stopped using all Verisign products, period.
> * Where I once had (either myself or with clients) a hundred or more
> domains registered with them, now I have zero. Any time I find someone
> registered at Verisign, I immediately suggest a move to another
> registrar, and I donate my time to help them do it at my
> * I used Thawte since I first heard about them, approximately 1997,
> partly because they were not Verisign. When they were bought by
> Verisign, I felt they kept some of their integrity, so I kept using
> them. At this point, though, I have switched to Comodo and will no
> longer renew certificates with Thawte, and will no longer generate
> a CSR for them. And certainly not for the Verisign brand itself.
> * I wrote a Signio client for Interchange, which eventually became
> the PayFlowPro module. I regret that, and I never recommend PayFlowPro.
> Many of you may realize I have despised them for years; but they have
> now gone far beyond the bounds of civilized behavior.
> If I find anything else which is owned by Verisign, I will stop using
> it. I will no longer work on any part of Interchange which supports a
> Verisign product. Though I wouldn't be so insensitive as to do it
> unilaterally, I will suggest that we remove the Interchange Signio/PayFlowPro
> module from Interchange, and move it to a separate site or a contrib
> Verisign obviously believes they are above the law and they believe they
> don't need to conduct themselves with respect toward other people. They
> routinely abuse trust by sending promotional email to people who have
> specifically requested not to receive it.
> And now the ultimate abuse of trust -- they hijack the Internet; the
> NXDOMAIN DNS response existed for a reason, and now you won't get it
> when you request a non-existent .net or .com domain.
> I no longer consider them trustworthy to sign HTTPS certificates, and
> have revoked all of their root certs in my browser. I may allow some
> stores using their certs to sell to me, but I will have to OK the
> certificate every time it is presented and I will send them feedback
> that I don't appreciate them supporting pirates.
> Please don't help Verisign run roughshod over everyone in the
> world. Please stop using Verisign products.
The problem is, at I see it, that Verisign effectively owns the .com and .net
space. Its unlikely people are going to abandon .coms and .nets over this and
verisign knows this. Its been rumored that they are currently recieving $1M+
/ day for planting overture bugs in visitors browsers. With incentives like
that, its unlikely its coming down any time soon. So, the BIND patch solution
seems to be the only REAL workable solution in the short term.
> Best Regards,
> Mike Heins
> interchange-users mailing list
> interchange-users at icdevgroup.org
More information about the interchange-users