After my last anti-Verisign rant, Paul Hoffman sent me some email and set me straight on a lot of things. One thing he asked me, which I didn't have an answer to, is "Who should run the DNS Root instead?" Paul has a pretty credible answer, in his sweeping ICANN-reform proposal.
The TLD Secretariat could easily be a single person. Her or his allegiance would be first to the root server operators, then to the ccTLDs, and lastly to the gTLDs. A stable, well-respected, international Internet organization would appoint the TLD Secretariat. While there are benefits to having the ITU organize the ccTLD administrators, it would be completely unsuited selecting the TLD Secretariat because it isn't well regarded in the Internet community or by the root server operators. The Internet Society (ISOC) would be a much better choice.
Given ICANN's current penchant for secrecy and closed meetings, the new TLD Secretariat will have a harder time gaining the world's trust. Fortunately, it wouldn't be difficult to make all correspondence to and from the TLD Secretariat a matter of public record. Although this might initially cause some consternation for the commercial registries that have benefited from ICANN's methods, it will build trust in the system.
