i am disappointed to hear these stories about cert, but encourage others with tales to tell to step forward. this is a real eye-opener.
I just had to deal with a minor crisis caused by CERT. They contacted the domain-admin for the *.fi domain, saying they had been informed that the anonymous ftp archive at anon.penet.fi was being used to distribute illegal copies of software. They did *not* contact me directly, nor my service provider. The last time anon.penet.fi was shut down was exactly because of somebody contacting the domain-admin, who happens to be a person working for a competitor to my service provider. Fortunately I could tell them that anon.penet.fi didn't even run ftp at all, easily verifiable by trying to ftp from anon.penet.fi. They did apologize profusely, but somehow that doesn't quite... julf