> It is worth noting that if we are to "pass judgement against" Verisign > there are at least half-dozen other TLDs that blazed the trail. We just > overlooked them because of their size as compared to .NET and .COM. when people started beating on my phone ringer about wildcards yesterday evening, and screaming for patches to bind to somehow make it all better, i asked "but other tld's do this, what's the big deal?" as near as i can figure it, the problem is one of expectation. if someone signs up for .nu they know there'll be a wildcard there before they sign, and they can take appropriate precautions (like only using it for web or e-mail, and not naming hosts under that tld). the expectations for .com and .net to not have wildcards were all set many years ago, and it's the violation of those expectations that's got people angry enough to publish patchware about it. -- Paul Vixie