At 3:54 PM -0400 10/8/03, Steven M. Bellovin wrote:
In these days of corporate malfeasance scandal coverage, you'd think that Verisign's tactics would have whetted the appetite of some bright investigative reporter for one of the major publications.
For all that I'm critical of wildcards in TLDs -- I spoke at the meeting yesterday, and my slides are on my Web page -- I don't think there are any issues of malfeasance. No one has been looting Verisign's coffers, they're not cooking the books, etc. I see three issues: is this technically wise, did Verisign have the right to do this under their current contract with ICANN, and should they have such a right. I don't see anything resembling dishonesty.
Steve, I think that's a fair summary. They are being an aggressive business, and perhaps an aggressive business isn't the right steward for a TLD. In my "10,000 foot view," I tried to distinguish what the ideal should have been -- and maybe should be reflected in future contracts -- versus what did happen. There's an old quote that applies to some extent, "Never attribute to malice what can be adequately explained by stupidity." I'm not saying the contract drafters were stupid, but they were under time pressure, couldn't foresee future operational contingencies, etc. Nevertheless, we may have a legal situation not completely unlike the recent issues with do-not-call. When a judge ruled additional legislation was needed, it was passed and signed in what was close to an all-time record. Now, Verisign has a contract, but, if they continue to be disruptive, there are options. It is my hope that Verisign will moderate.