Is the .to (Tonga) domain completely rogue and should be removed?

Thus spake Barry Shein

Well, maybe you missed the part about the website for the San
Francisco Consulate of the Kingdom of Tonga (which the US State Dept
lists as their official presence in the US) being an advertisement for
a software company.

It was all part of a picture that the .to domain may have ceased to
serve as a country TLD for the Kingdom of Tonga.

What if a country ceased to exist entirely and the domain they were
using was hijacked by some random, unrelated entity for their own
malicious purposes? Would that justify decommissioning the TLD
(meaning, removing it from the root servers)?

Here, at last, is a useful question. What _is_ the basis for the
activation of an ISO 3166 2-letter ccTLD; that is, how does one get on
and off ISO's list?

-- jra