Jump to content

Verisign

From Wikipedia, the free encyclopedia
(Redirected fromVeriSign)

Verisign, Inc.
Company typePublic
IndustryInternet,communications
FoundedApril 12, 1995;29 years ago(1995-04-12)[1]
FounderJames Bidzos
HeadquartersReston, Virginia,
U.S.
Key people
James Bidzos
(Chairman & CEO)
RevenueIncreaseUS$1.49 billion(2023)
IncreaseUS$1.00 billion(2023)
IncreaseUS$818 million(2023)
Total assetsDecreaseUS$1.75 billion(2023)
Total equityDecreaseUS$−1.6 billion(2023)
Number of employees
908 (2023)
ASNs
Websiteverisign
Footnotes / references
[2]

Verisign Inc.is an American company based inReston, Virginia,that operates a diverse array of network infrastructure, including two of theInternet's thirteenroot nameservers,the authoritative registry for the,.net,and.namegenerictop-level domainsand the.cccountry-code top-level domains,and the back-end systems for the.jobsand.edusponsored top-level domains.

In 2010, Verisign sold its authentication business unit – which includedSecure Sockets Layer(SSL) certificate,public key infrastructure(PKI), Verisign Trust Seal, and Verisign Identity Protection (VIP) services – toSymantecfor $1.28 billion.[3]The deal capped a multi-year effort by Verisign to narrow its focus to its core infrastructure and security business units. Symantec later sold this unit toDigiCertin 2017.[4]On October 25, 2018,NeuStar, Inc.acquired VeriSign's Security Service Customer Contracts.[5]The acquisition effectively transferred Verisign Inc.'sDistributed Denial of Service(DDoS) protection, ManagedDNS,DNS Firewall and fee-based Recursive DNS services customer contracts.[6]

Verisign's formerchief financial officer(CFO) Brian Robins announced in August 2010 that the company would move from its original location ofMountain View,California,toDullesinNorthern Virginiaby 2011 due to 95% of the company's business being on theEast Coast.[7]The company isincorporated in Delaware.[8]

History[edit]

Historical logo

Verisign was founded in 1995 as a spin-off of theRSA Securitycertification services business. The new company received licenses to key cryptographic patents held by RSA (set to expire in 2000) and a time-limited non-compete agreement. The new company served as acertificate authority(CA) and its initial mission was "providing trust for the Internet andElectronic Commercethrough our Digital Authentication services and products ". Prior to selling its certificate business toSymantecin 2010, Verisign had more than 3 million certificates in operation for everything from military to financial services and retail applications, making it the largest CA in the world.

In 2000, Verisign acquiredNetwork Solutionsfor $21billion,[9]which operated the,.netand.orgTLDs under agreements with the Internet Corporation for Assigned Names and Numbers (ICANN) and theUnited States Department of Commerce.Those core registry functions formed the basis for Verisign's naming division, which by then had become the company's largest and most significant business unit.[10]In 2002, Verisign was charged with violation of theSecurities Exchange Act.[11]Verisign divested the Network Solutions retail (domain name registrar) business in 2003 for $100million, retaining thedomain name registry(wholesale) function as its core Internet addressing business.[12]

For the year ended December 31, 2010, Verisign reported revenue of $681 million, up 10% from $616 million in 2009.[13]Verisign operates two businesses, Naming Services, which encompasses the operation of top-level domains and critical Internet infrastructure, and Network Intelligence and Availability (NIA) Services, which encompasses DDoS mitigation, managed DNS and threat intelligence.

On August 9, 2010,Symanteccompleted its approximately $1.28 billion acquisition of Verisign's authentication business, including the Secure Sockets Layer (SSL) Certificate Services, the Public Key Infrastructure (PKI) Services, the Verisign Trust Services, the Verisign Identity Protection (VIP) Authentication Service, and the majority stake in Verisign Japan. The deal capped a multi-year effort by Verisign to narrow its focus to its core infrastructure and security business units.[14]Following ongoing controversies regarding Symantec's handling of certificate validation, which culminated inGoogleuntrusting Symantec-issued certificates in itsChrome web browser,Symantec sold this unit toDigiCertin 2017 for $950 Million.[15]

On 14 December 2021, the Ministry of Justice, Communication and Foreign Affairs of the Tuvalu Government announced on Facebook that they have selectedGoDaddy Registryas the new registry service provider for the domain after Verisign did not participate in the renewal process.[16]

In 2011, Verisign was selected by theGeneral Services Administration(GSA) to operate the registry services for the.govtop-level domain.[17]They continued to operate.govservice until 2023, whenCybersecurity and Infrastructure Security Agency(CISA) choseCloudflareto replace Verisign as the.gov operator.[18]

Verisign's share price tumbled in early 2014, hastened by the U.S. government's announcement that it would "relinquish oversight of the Internet's domain-naming system to a non-government entity".[19]Ultimately ICANN chose to continue VeriSign's role as the root zone maintainer and the two entered into a new contract in 2016.

Naming services[edit]

Security tokenproduced by Verisign

Verisign's core business is its naming services division. The division operates the authoritative domain name registries for two of the Internet's most importanttop-level domains,and.net,and.name.It is the primary technical subcontractor for the.eduand.jobstop-level domainsfor their respective registry operators, which are non-profit organizations; in this role Verisign maintains thezone filesfor these particular domains and hosts the domains from their domain servers. In addition, Verisign is also the contracted registry operator for the country code top-level domain.cc(Cocos Islands).[20]Registry operators are the "wholesalers" of Internet domain names, whiledomain name registrarsact as the “retailers”, working directly with consumers to register a domain name address. It formerly was the contracted registry for.govtop-level domainsas well as for the country code top-level domain.tv (Tuvalu).

Verisign also operates two of the Internet's thirteen "root servers"which are identified by the letters A-M (Verisign operates the “A” and “J” root servers). The root servers form the top of the hierarchicalDomain Name Systemthat supports most modern Internet communication. Verisign also generates the globally recognizedroot zone fileand is also responsible for processing changes to that file once they are ordered byICANNviaIANAand approved by theU.S. Department of Commerce.Changes to the root zone were originally distributed via the A root server, but now they are distributed to all thirteen servers via a separate distribution system which Verisign maintains. Verisign is the only one of the 12 root server operators to operate more than one of the thirteenroot nameservers.The A and J root servers are "anycasted”and are no longer operated from any of the company's own datacenters as a means to increase redundancy and availability and mitigate the threat of asingle point of failure.In 2016, the Department of Commerce ended its role in managing the Internet's DNS and transferred full control to ICANN. While this initially negatively impacted VeriSign's stock, ICANN eventually chose to contract with Verisign to continue its role as the root zone maintainer.

VeriSign's naming services division dates back to 1993 when Network Solutions was awarded a contract by theNational Science Foundationto manage and operate the civilian side of the Internet's domain name registrations.[21]Network Solutions was the sole registrar for all of the Internet's non-governmental generic top-level domains until 1998 when ICANN was established and the new system of competitive registrars was implemented. As a result of these new policies, Network Solutions divided itself into two divisions. The NSI Registry division was established to manage the authoritative registries that the company would still operate, and was separated from the customer-facing registrar business that would have to compete with other registrars. The divisions were even geographically split with the NSI Registry moving from the corporate headquarters in Herndon, Virginia, to nearby Dulles, Virginia. In 2000, VeriSign purchased Network Solutions taking over its role in the Internet's DNS. The NSI Registry division eventually became VeriSign's naming services division while the remainder of Network Solutions was later sold by Verisign in 2003 to Pivotal Equity Group.

Company properties[edit]

Following the sale of its authentication services division in 2010, Verisign relocated from its former headquarters in Mountain View, California, to the headquarters of the naming division inSterling, Virginia(originally NSI Registry's headquarters). Verisign began shopping that year for a new permanent home shortly after moving. They signed a lease for 12061 Bluemont Way inReston,the formerSallie Maeheadquarters, in 2010 and decided to purchase the building in September 2011. They have since terminated their lease of their current space in two buildings at Lakeside@Loudoun Technology Center. The company completed its move at the end of November 2011. The new headquarters is located in theReston Town Centerdevelopment which has become a major commercial and business hub for the region. In addition to its Reston headquarters, Verisign owns three data center properties. One at 22340 Dresden Street in Dulles, Virginia, not far from its corporate headquarters (within the large Broad Run Technology Park), one at 21 Boulden Circle in New Castle, Delaware, and a third in Fribourg, Switzerland. Their three data centers are mirrored so that a disaster at one data center has a minimal impact on operations. Verisign also leases an office suite in downtown Washington, D.C., on K street where its government relations office is located. It also has leased server space in numerous internet data centers around the world where the DNS constellation resolution sites are located, mostly at major internet peering facilities. One such facility is at theEquinixAshburn Datacenter inAshburn, Virginia,one of the world's largest datacenters and internet transit hubs.

Controversies[edit]

2001: Code signing certificate mistake[edit]

In January 2001, Verisign mistakenly issued two Class 3code signingcertificates to an individual claiming to be an employee ofMicrosoft.[22]The mistake was not discovered and the certificates were not revoked until two weeks later during a routine audit. Because Verisign code-signing certificates do not specify a Certificate Revocation List Distribution Point, there was no way for them to be automatically detected as having been revoked, placing Microsoft's customers at risk.[citation needed]Microsoft had to later release a special security patch in order to revoke the certificates and mark them as being fraudulent.[23]

2002: Domain transfer law suit[edit]

In 2002, Verisign was sued fordomain slamming– transferring domains from other registrars to themselves by making the registrants believe they were merely renewing their domain name. Although they were found not to have broken the law, they were barred from suggesting that a domain was about to expire or claim that a transfer was actually a renewal.[24]

2003: Site Finder legal case[edit]

In September 2003, Verisign introduced a service calledSite Finder,which redirected Web browsers to a search service when users attempted to go to non-existentor.netdomain names.ICANNasserted that Verisign had overstepped the terms of its contract with theU.S. Department of Commerce,which in essence grants Verisign the right to operate theDNSforand.net,and Verisign shut down the service. Subsequently, Verisign filed a lawsuit against ICANN in February 2004, seeking to gain clarity over what services it could offer in the context of its contract with ICANN. The claim was moved from federal to California state court in August 2004.[25]In late 2005, Verisign and ICANN announced a proposed settlement which defined a process for the introduction of new registry services in theregistry. The documents concerning these settlements are available at ICANN.org.[26]The ICANN comments mailing list archive[27]documents some of the criticisms that have been raised regarding the settlement. Additionally, Verisign was involved in thesexmatter[clarification needed]decided by theNinth Circuit.[28]

2003: Gives up.orgdomain[edit]

In keeping with ICANN's charter to introduce competition to the domain name marketplace, Verisign agreed to give up its operation of.orgtop-level domain in 2003 in exchange for a continuation of its contract to operate,which, at the time had more than 34 million registered addresses.

2005: Retains.netdomain[edit]

In mid-2005, the existing contract for the operation of.netexpired and five companies, including Verisign, bid for management of it. Verisign enlisted numerous IT and telecom heavyweights including Microsoft, IBM, Sun Microsystems, MCI, and others, to assert that Verisign had a perfect record operating.net.They proposed Verisign continue to manage the.netDNS due to its critical importance as the domain underlying numerous "backbone" network services. Verisign was also aided by the fact that several of the other bidders were based outside the United States, which raised concerns in national security circles. On June 8, 2005, ICANN announced that Verisign had been approved to operate.netuntil 2011. More information on the.netbidding process is available atICANN.[29]On July 1, 2011, ICANN announced that VeriSign's approval to operate.net was extended another six years, until 2017.[30]

2010: Data breach and disclosure controversy[edit]

In February 2012, Verisign revealed that their network security had been repeatedly breached in 2010. Verisign stated that the breach did not impact theDomain Name System(DNS) that they maintain, but would not provide details about the loss of data. Verisign was widely criticized for not disclosing the breach earlier and apparently attempting to hide the news in an October 2011 SEC filing.[31][32]

Because of the lack of details provided by Verisign, it was not clear whether the breach impacted the certificate signing business, acquired by Symantec in late 2010. Some, such as Oliver Lavery, the Director of Security and Research for nCircle, doubted whether sites using Verisign SSL certificates could be trusted.[31]

2010: Web site domain seizures[edit]

On November 29, 2010, theU.S. Immigration and Customs Enforcement(U.S. ICE) issued seizure orders against 82 web sites withInternet addresses that were reported to be involved in the illegal sale and distribution of counterfeit goods.[33]As registry operator for,Verisign performed the required takedowns of the 82 sites under order from law enforcement.[34]InformationWeekreported that "Verisign will say only that it received sealed court orders directing certain actions to be taken with respect to specific domain names".[35]The removal of the 82 websites was cited as an impetus for the launch of "the Dot-P2P Project"[36]in order to create a decentralized DNS service without centralized registry operators. Following the disappearance ofWikiLeaksduring the following week[37]and its forced move to wikileaks.ch, a Swiss domain, theElectronic Frontier Foundationwarned of the dangers of having key pieces of Internet infrastructure such as DNS name translation under corporate control.[38]

2012: Web site domain seizure[edit]

In March 2012, the U.S. government declared that it has the right to seize domains ending in,.net,.cc,.tv,.name,and.orgif the companies administering the domains are based in the U.S. The U.S. government can seize the domains ending in,.net,.cc,.tv,and.nameby serving a court-order on Verisign, which manages those domains. The.orgdomain is managed by theVirginia-based non-profitPublic Interest Registry.In March 2012, Verisign shut down the sports-betting site Bodog after receiving a court order, even though the domain name was registered to a Canadian company.[39]

References[edit]

  1. ^"Verisign Company Profile - CNNMoney".CNN Money.Archivedfrom the original on October 10, 2017.RetrievedSeptember 1,2016.
  2. ^"Verisign 2023 Annual Report 10-K".U.S. Securities and Exchange Commission.February 15, 2024.
  3. ^Antone Gonsalves (May 20, 2010)."Symantec To Buy VeriSign Unit For $1.28 Billion – Storage – Disaster".Informationweek.Archivedfrom the original on May 22, 2010.RetrievedJuly 13,2013.
  4. ^"Symantec Plans to Sell This Business for Nearly $1 Billion".Fortune.August 2, 2017.Archivedfrom the original on January 4, 2018.RetrievedMarch 1,2018.
  5. ^"NeuStar Acquires VeriSign - Security Services Customer Contracts | Mergr".mergr.Archivedfrom the original on February 29, 2020.RetrievedFebruary 29,2020.
  6. ^"Neustar Acquires Verisign's Security Services Customer Contracts".home.neustar.Archivedfrom the original on April 19, 2019.RetrievedFebruary 29,2020.
  7. ^Krouse, Sarah (August 27, 2010)."VeriSign shifts headquarters to Virginia".Washington Business Journal.Archivedfrom the original on August 30, 2010.RetrievedMarch 1,2018.
  8. ^"EDGAR Search Results".sec.gov.Archivedfrom the original on October 16, 2018.RetrievedOctober 16,2018.
  9. ^"Verisign acquires Network Solutions for $21B - Mar. 7, 2000".money.cnn.Archivedfrom the original on April 12, 2011.RetrievedApril 12,2011.
  10. ^Kell, John (July 25, 2013)."VeriSign boosts profit 23% on revenue, margins".The Wall Street Journal.Archivedfrom the original on August 1, 2013.RetrievedAugust 24,2013.
  11. ^"The Emerson Firm Announces Class Action Lawsuit Against VeriSign Inc. on Behalf of Investors — VRSN"(Press release). May 16, 2002.Archivedfrom the original on August 7, 2014.RetrievedJuly 19,2013.
  12. ^"VeriSign To Sell Network Solutions, Exit Registrar Business - News - TechNewsWorld".technewsworld.October 17, 2003.Archivedfrom the original on March 18, 2012.RetrievedApril 12,2011.
  13. ^"VERISIGN REPORTS 10% YEAR-OVER-YEAR REVENUE GROWTH IN 2010".Archived fromthe originalon November 2, 2011.RetrievedApril 12,2011.
  14. ^Dealbook (August 10, 2010)."Symantec Acquires VeriSign for $1.28 Billion".Archivedfrom the original on March 2, 2018.RetrievedMarch 5,2017.
  15. ^Raymond, Art (August 3, 2017)."Lehi's DigiCert swallows web security competitor in $1 billion deal".Deseret News.RetrievedMay 21,2020.
  16. ^Allemann, Andrew (December 14, 2021)."GoDaddy wins contract to run.TV, Verisign didn't bid for renewal".Domain Name Wire | Domain Name News.RetrievedSeptember 24,2023.
  17. ^Lipowicz, Alice (February 3, 2011)."GSA selects VeriSign to manage.gov domain name registry".GCN.RetrievedJanuary 16,2023.
  18. ^Murphy, Kevin (January 16, 2023)."Verisign loses prestige.gov contract to Cloudflare".DomainIncite.RetrievedJanuary 16,2023.
  19. ^"VeriSign Inc. (VRSN) Pulled Back After Government Transition".March 18, 2014.Archivedfrom the original on April 13, 2014.RetrievedApril 12,2014.
  20. ^"Registry Agreements".ICANN.Archivedfrom the original on November 6, 2015.RetrievedNovember 30,2015.
  21. ^National Science Foundation"A Brief History of NSF and the Internet".nsf.gov.Archivedfrom the original on November 27, 2015.RetrievedNovember 30,2015.
  22. ^"Microsoft Security Bulletin MS01-017 - Critical: Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard".Microsoft.March 22, 2001.RetrievedApril 29,2021.
  23. ^"Windows Security Update: Verisign Digital Certificates Spoofing Hazard".Microsoft.March 28, 2001.RetrievedJune 30,2012.
  24. ^TheRegister.co.ukArchivedAugust 10, 2017, at theWayback Machine:VeriSign slammed for domain renewal scam
  25. ^"Litigation Documents".ICANN.org. March 26, 2007.Archivedfrom the original on July 12, 2007.RetrievedAugust 21,2007.
  26. ^"ICANN".icann.org.Archivedfrom the original on February 7, 2006.RetrievedFebruary 3,2006.
  27. ^"ICANN Email Archives: [settlement-comments]".forum.icann.org.Archivedfrom the original on February 18, 2006.RetrievedFebruary 3,2006.
  28. ^"Kremen v. Network Solutions, Inc"(PDF).July 25, 2003. Archived fromthe original(PDF)on February 3, 2007.RetrievedAugust 21,2007.
  29. ^"ICANN - Archives - General Information Regarding Designation of the Subsequent.net registry Operator".icann.org.Archivedfrom the original on December 4, 2004.RetrievedDecember 4,2004.
  30. ^"ICANN".icann.org.Archivedfrom the original on October 3, 2015.RetrievedOctober 1,2015.
  31. ^abBradley, Tony (February 2, 2012)."VeriSign Hacked: What We Don't Know Might Hurt Us".PCWorld.Archivedfrom the original on June 11, 2013.RetrievedJuly 13,2013.
  32. ^Albanesius, Chloe (February 2, 2012)."VeriSign Hacked Multiple Times in 2010 | News & Opinion".PCMag.Archivedfrom the original on January 16, 2013.RetrievedJuly 13,2013.
  33. ^"82 Websites removed by DNS removal".Archived fromthe originalon December 2, 2010.RetrievedNovember 12,2010.
  34. ^"Verisign implicated in DNS annulment".Archivedfrom the original on December 1, 2010.RetrievedNovember 12,2010.
  35. ^"Verisign acknowledges DNS removals".Archivedfrom the original on December 6, 2010.RetrievedNovember 12,2010.
  36. ^"Peer-to-peer response to Verisign's DNS removals".Archivedfrom the original on March 28, 2018.RetrievedNovember 12,2010.
  37. ^Arthur, Charles (January 8, 2010)."WikiLeaks under attack: the definitive timeline".the Guardian.Archivedfrom the original on January 17, 2017.RetrievedDecember 18,2016.
  38. ^"EFF warns of Internet chokepoints".Archivedfrom the original on December 5, 2010.RetrievedNovember 12,2010.
  39. ^Kravets, David (March 6, 2012)."Uncle Sam: If It Ends in.Com, It's.Seizable".Wired.RetrievedJune 24,2021.

External links[edit]

Wikimedia Commons has media related toVerisign.
  • Official website
  • Digicert SSL Certificates - formerly from Verisign
  • Oral history interview with James Bidzos,Charles Babbage InstituteUniversity of Minnesota, Minneapolis. Bidzos discusses his leadership of software security firmRSA Data Securityas it sought to commercialize encryption technology as well as his role in creating theRSA Conferenceand founding Verisign. Oral history interview 2004, Mill Valley, California.
  • Business data for Verisign:
Retrieved from "https://en.wikipedia.org/w/index.php?title=Verisign&oldid=1212707828"