David Mazieres wrote:

How can you say there are no routers? The verification process is a confirmation E-mail message. To intercept this you must compromise a router, a nameserver, or the host on which the domain administrator reads mail. Since there often are multiple domain administrators on different networks, I stand my my statement that it would require multiple active attacks, etc.

The confirmation message is sent to the address requesting an update. This could be anyone. To take a real example, my dxm.org domain was modified by hostmaster@best.com - neither the existing admins, nor root@dxm.org received any confirmation, as the request was sent from another address. The InterNIC does NOT require domain update requests to be sent by admins - that is, in fact, the simplest level of authentication that will be introduced by the InterNIC Guardian Object. Rishab