I was talking about public perception and the ability to change it
through marketing; not any actual security.
It's like the difference between ".com" and ".biz", "people" don't
understand when something isn't a ".com" and don't trust it. When I
say "people" I'm talking about the average non-technical consumer.
That is all.
it isn't likely that we could arrive at a useful definition of some
subjective view held by others, so a discussion of "security" as a
belief held by others is a waste of list and subscribers.
there are broad claims:
o zone file security requires registrant data correctness, a
claim advanced by the set of actors advancing "WHOIS" policy
at icann and elsewhere,
o zone file security requires digital signature and little else,
a claim implicit in the broad advocacy of dnssec and no other
requirement relating to zone files,
o zone file security requires registry applicant vetting and
little else, a claim implicit in the broad advocacy for vetting
and no other requirement relating to zone files,
o zone file security requires registry security, and that would
be me, channeling for roland on availability as an architecture
consequence, followed by the other two legs of the cannonical
CIA triad, for distributed systems.
pick one or write your own and run with it.
the folks at nominet did something useful and generous during the life in
hell of the hstld ag, they attempted to cost compliance to the baroque
set of requirements the aba/bits salted the mine with before there was an
agenda, and the whois fanatics added. they came up with a six figure sum,
which if applied to all registries, would put a nice "gold standard" logo
on .com, and kill off (the whois fanatics wanted it mandatory on all new
registries) all of the registries with less than that amount in wasteful
excess annual income.