Everyone else likes to worry about Google’s gathering conflict of interests, but Verisign’s S.P.E.C.T.R.E.-level skills still take some beating. This week, orbiting crypto analysts Ian Grigg and Adam Shostock belatedly pointed out to ICANN that perhaps Verisign couldn’t trusted with .net. Why? Well, Verisign these days offers both top level domains and SSL certificate authentication. They also, with their NetDiscovery service - sell ISPs a complete service for complying with law enforcement surveillance orders. So, if an American court demands an ISP wiretap its customers, and the ISP turns that order over to Verisign to do the dirty: well, Verisign can now fake any domain you want, and issue any temporary fake certificate, allowing even SSLed communications to be monitored. What’s even more fun is that they are - at least in the US - now moving into providing infrastructure for mobile telephony. Yes, NOT EVEN YOUR RINGTONES ARE SAFE. www.ntk.net