FWIW: To: The Department of Homeland Security Sent (via dhs.gov site form) Dated: 21 Sep 2003 14:24:37 -0000 Category: Security Threats Message: Threat to the stability and predictability of the Internet infrastructure: Verisign is solely and exclusively responsible for the maintenance (and therefore stability) of the root GTLD domain name servers for .com and .net top level domains. Verisign has recently "wildcarded" address records in such a way that attempts to access nonexistant (ie unregistered or mistyped) domain names results in a redirection to a Verisign site at sitefinder.verisign.com. This obviously profit-motive-driven act is not only in violation of certain terms of its contract with ICANN, but has had a destabilizing effect on the network operators community who expect the Internet name service to operate in a designed and predictable way. DHS would be well advised to consider the potential threat that Internet unpredictability has on this country's cyber infrastructure and to seriously consider the relocation of root server responsibility to non-profit-motive-driven organizations. We are all too busy maintaining stable environments to have to consider reactions and countermeasures to Verisign's autonomous and arrogant behavior.