the more i think about this, the more i am inclined to consider a second trusted root not (easily) attackable by the usg, who owns the root now,
This particular domain grab had nothing to do with the root or ICANN. If you look at the name servers and WHOIS of the domains that were seized, you can easily see that the USG served papers on Verisign, who did what the papers told them to, because they're the .COM registry. Anyone who registers a .COM really shouldn't be surprised to find out that Verisign is headquartered in California, and is 100% subject to US law, not to mention still having a side agreement with DoC about .COM due to its history. For several decades the USG has made it crystal clear that they do not mess with ccTLDs, not even ones for countries they don't like such as .CU and .IR. If you want a USG-proof domain, use a ccTLD. I am somewhat more concerned about the possiblity that the government would have a mandatory do-not-resolve list for networks in the US. That would be unlikely to stand up in court, viz. the quick failure of the Pennsylvania child porn IP blacklist, but the process would be painful while it unfolded. Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly