I was talking about public perception and the ability to change it through marketing; not any actual security.
It's like the difference between ".com" and ".biz", "people" don't understand when something isn't a ".com" and don't trust it. When I say "people" I'm talking about the average non-technical consumer.
That is all.
it isn't likely that we could arrive at a useful definition of some subjective view held by others, so a discussion of "security" as a belief held by others is a waste of list and subscribers. there are broad claims: o zone file security requires registrant data correctness, a claim advanced by the set of actors advancing "WHOIS" policy at icann and elsewhere, o zone file security requires digital signature and little else, a claim implicit in the broad advocacy of dnssec and no other requirement relating to zone files, o zone file security requires registry applicant vetting and little else, a claim implicit in the broad advocacy for vetting and no other requirement relating to zone files, o zone file security requires registry security, and that would be me, channeling for roland on availability as an architecture consequence, followed by the other two legs of the cannonical CIA triad, for distributed systems. pick one or write your own and run with it. the folks at nominet did something useful and generous during the life in hell of the hstld ag, they attempted to cost compliance to the baroque set of requirements the aba/bits salted the mine with before there was an agenda, and the whois fanatics added. they came up with a six figure sum, which if applied to all registries, would put a nice "gold standard" logo on .com, and kill off (the whois fanatics wanted it mandatory on all new registries) all of the registries with less than that amount in wasteful excess annual income. -e