There are actually 3 separate problems (maybe more?):
1. Obvious technical problems (sudden disappearance of NXDOMAINS the main one) screwing up non-HTTP traffic.
2. If you remove your name servers for a com/net domain instead of your site going dead - which you may actually WANT to do - Verisign now gets the traffic.
3. Verisign is now presenting a copyrighted page when an unregistered phrase is entered - possibly problems with existing TM terms that are not registered as domains ( the IP lawyers have been strangely silent so far) and Verisign may be able to claim rights through prior-use to any phrases that someone wants to TM in the future.
4. Anticompetitive - Verisign are monetising traffic (via pay-per-click affiliation) for non-existing domains. If someone wants to compete with them in the same arena, they have to first figure out exactly WHICH non-existing domain needs to be registered (whereas Verisign KNOWS which ones are producing traffic) then PAY Verisign $6 per annum per domain for the privilege to compete with them. Verisign has zero cost per domain. And you can bet your aunty that as soon as they get their butt kicked over this, they'll form a subsidiary, take a look at the data they collected during this test period, and register all the domains that will produce more than $6 per annum in click revenue.
Verisign needs to have the com/net contract PULLED for this little stunt. I doubt ICANN will do it, without pressure from Doc and FTC.
OK. 4 problems.
Add another point to the list - grave security concerns (IMHO) regarding mistyped email addresses. Ok so at the moment they have a bogus SMTP server which rejects any mail you try to send it, but whats to say that they won't sneakily change this in future to accept messages (or certain messages) and only reject the messages AFTER the data phase of the SMTP transaction, instead of before, as it does at the moment. The end user sees the incorrectly addressed mail bounce back, shrugs their shoulders and re addresses it, meanwhile verisign could easily have a copy of that message, if they so desired. Why should the whole world trust verisign to keep rejections of mis-addressed email confidential when they can't be trusted not to pull a stunt like this in the first place ? At the very least it causes unnecessary traffic as a mailserver does a DNS lookup on a bogus domain, thinks that it exists, tries to send to verisign's server, and gets a reject instead of just seeing right away that the domain doesn't exist after the DNS lookup. Other things that have been broken by this include some spam filtering techniques - Most mailservers reject incomming mail when the return address is a non existant domain, (a surprising amount of spam attempts to do this) now all .net and .com domains are "valid" according to a simple DNS lookup done by the mailserver, so this is no longer effective. One thing that affected SpamAssassin is that the RBL dorkslayers (and orbs as well I think) which had been defunct for some time suddenly "sprang to life" as every DNS lookup under the dorkslayers domain suddenly started returning an ip address instead of NXDOMAIN, causing every message to match as if they were blacklisted... This madness must stop..... *sigh* Regards, Simon