An "anonymous reader" using almost identical language to Verisign public statements, submitted the following to Slashdot: "After .COM and .NET started using a wildcard, the internet community busily started creating patches to various pieces of software to circumvent this. It was said that this was a grave problem to the internet. Several official BIND patches were announced over the next few days. However, it turns out they weren't necessarily too well thought through. Usage of the patch unexpectedly broke at least 7 Top Level Domains, ISC announced 3 weeks later, after users started having problems. The .NAME registry has sent a formal letter to ICANN's Security and Stability Advisory Comittee to warn against using the BIND patch, which they will look into in their next meeting. The intention may have been good, but... Stability? Anyone?" NSI negotiated an agreement with ICANN overseen by the Department of Commerce so it could keep acting as the registry and registrar for .COM and .NET. NSI/Verisign entered into this agreement of its own free will in order to extend its registry and registrar contracts for many years. NSI/Verisign agreed to follow several procedural safeguards, which some other registrar/registries like .NAME didn't. As part of the agreement NSI/Verisign split domain name operations into two parts. The VeriSign COM NET Registry managed the COM and NET registry and zone files. Verisign GRS committed to fair and equitable treatment of all ICANN registrars accreditated by ICANN. The Registry systems are supposed to have "total separation" from other VeriSIgn systems. Quoting their web site: "Since the establishment of the Registry division in 1999, a primary focus of the entire staff has been developing and maintaining effective structural and procedural measures to provide an effective, credible separation between its Registry and affiliated Registrar businesses." The Registry (not the Registrar) is responsible for generating the .COM and .NET zone files from information submitted by all accredited registrars on an equal basis. Assuming Verisign defends its position that wildcards in a top-level zone don't create security or stability problems, how will the Verisign GRS make the wildcard capability available to all ICANN acredited .COM and .NET registrars without creating a conflict of interest? Why shouldn't all ICANN accredited registrars be able to enter wildcards in the .COM and .NET zone files on a equal access basis? Or is the Verisign GRS favoring its corporate sibling by entering special information in the .COM or .NET zone files for its sibling's benefit without offering the same capability to all other registrars. Registry Code of Conduct http://www.icann.org/tlds/agreements/verisign/registry-agmt-appi-com-25may01...