VeriSign's New Site Finder Redirects Bad Domain Traffic

VeriSign is now resolving requests for non-existent .COM and .NET domains to an error page that features a search engine that it operates called Site Finder, a move that's quickly raised controversy.

Previously, such bad requests would have resulted in an error that in turn would be handled in different ways by various browsers.

For example, consider a request for the non-existent ww.amazon.co.uk web site. Entering that into Internet Explorer produces an error page saying, "We can't find ww.amazon.co.uk." The page provides an option to search the web using the Microsoft-owned MSN Search service. It's also offers the helpful message, "Did you intend to go to one of these similar Web addresses?" with the correct www.amazon.co.uk site listed as a link.

You can still see the error message shown above in Internet Explorer because the domain I used in the example does NOT end in .COM or .NET. For those domains, a change that VeriSign made on Monday means you'll be redirected to its search engine (if this isn't yet happening for you, it's because it will take a few days for the new system to fully propagate across the web).

The move, only days old, is already proving controversial. VeriSign is being accused of hijacking traffic, though who exactly "owns" the traffic to non-existent domains is entirely unclear.

Indeed, back when Netscape introduced "Smart Browsing," it faced accusations from .COM domain owners that it was somehow robbing them of traffic. For example, prominent blogger Dave Winer at the time was disturbed that those entering just the word "scripting" were not resolved to his web site of scripting.com. My past story from that time, Netscape Smart Browsing Available, Debated, explains the situation in more detail.

Today, it's Internet Explorer that dominates the browser marketshare. IE has its own mechanisms for dealing with bad domains or when a particular page no longer exists (my past story Searching & Navigating Via Internet Explorer covers this, though the RealNames system no longer operates). If anyone is being "robbed" by VeriSign, it's Microsoft -- yet Microsoft itself has come under accusations of somehow robbing people of traffic because of its own resolution systems.

In general, the main concern shouldn't be on who owns the traffic but whether the user experience is being improved. VeriSign argues that it is.

"Like many registries, we are continually exploring how to enhance the internet user experience, and Site Finder does that for millions of users each day. And it reintroduces consistency into the mistyped domain name experience, since Site Finder is implemented uniformly regardless of the particular application," said Christopher Parente, senior manager of naming and directory services with VeriSign.

I've been generally impressed with how Internet Explorer handles things. It remains to be seen whether VeriSign will live up to or exceed that standard. To get an early measure, I tried a few queries:

  • wwwww.amazon.com: MSN failed but VeriSign succeeded in suggesting www.amazon.com as a useful alternative
  • www.serchenginewatch.com: Both MSN and VeriSign succeeded in suggesting www.searchenginewatch.com as a useful alternative
  • ggoogle.com: Both MSN and VeriSign succeeded in listing www.google.com as a useful alternative
  • wwww.quicken.com: Both MSN and VeriSign listed the www.quicken.com site as a useful alternative

Overall, VeriSign certainly appears no worse than what MSN was offering. My main disagreement is that the alternative addresses, presented under the "Did You Mean" heading, appear only after you see a search box. The same is true with MSN. In both cases, it would be better to flip-flop the order.

I do dislike that the VeriSign service feels more commercial than what MSN does. The VeriSign error page offers a "Search Popular Categories" option. Since it was navigational request that originally generated the page, rather than a search request, offering this type of suggestive sell to browse paid listings from Overture feels exploitive rather than useful.

It's important to keep in mind what VeriSign is NOT doing, so let's bullet-point these:

  • It does not hijack any registered domains that are properly configured with DNS servers
  • It does not resolve words entered into an address bar. Words such as "apples" or "google" will continue to be handled however your browser used to handle them
  • It does not resolve 404 Page Not Found errors. These errors are only generated by a web server that is operational. If the web server works -- you can reach it through a proper domain name -- then the new VeriSign service would never kick in
  • It does not work for domains other than those ending in .COM and .NET

Understand that the experience you have when going directly to Site Finder is different than what you'll encounter if you reach it because of a bad DNS resolution. Specifically, going directly to the site will not show you any of the "Did You Mean" results that most browser users will see. Nor can you see these results just by searching at Site Finder.

Instead, to manually trigger them, type this into your browser's address field:

http://sitefinder.verisign.com/lpc?url=ENTER-DOMAIN-NAME-HERE

Now change the ENTER-DOMAIN-NAME-HERE part to whatever you want to test, for instance:

http://sitefinder.verisign.com/lpc?url=adjkdjkdjfdidlajdflaadidladao.com

Be aware that this manual process will show results even for VALID domain names. Don't panic! There's really no reason a normal web surfer would ever see those results if they tried to reach your web site, since they'd only get to the service by entering an invalid .COM or .NET domain.

By the way, to see what MSN Search would do, follow a similar format:

http://search.msn.com/dnserror.aspx?FORM=DNSAS&q=ENTER-DOMAIN-NAME-HERE

As for actual search results from Site Finder, these are paid listings from Overture (marked "Sponsored Results"), with web search results (marked "Web Results") from Inktomi kicking in after Overture results or if there are no Overture results.

While the user experience remains a main concern, the VeriSign move also has raised some other issues, in particular whether the change will have an impact on other internet aspects, such as how mail gets resolved and security issues. You can find a rundown about these issues in some of the stories below. The first two have some reaction from AOL and MSN, and the last ones touch on implementation issues.

Ultimately, it will be interesting to see how MSN and AOL respond. My assumption is that both parties might be able to configure their systems to avoid the new VeriSign errors pages, if they so choose.

I asked MSN if Microsoft could override what VeriSign but didn't get a response to the question. Instead, MSN offered a general comment on the situation.

"MSN remains 100 percent committed to providing our customers with the most relevant search results. VeriSign's decision to redirect traffic from misspelled queries isn't of great concern to us, because the amount of traffic driven to MSN search through misspelled queries is insignificant. We are also focused on generating traffic from satisfied and repeat consumers rather than counting on mistyped query traffic," said MSN product manager Karen Redetzki.