While the trade group has objected to the new gTLDs because of trademark concerns, the Verisign and PayPal security concerns may indicate even more serious issues, Jaffe said Tuesday. "It would be reckless to move forward until these problems are resolved," he said.
ICANN said it takes the security issues raised by Verisign "very seriously," but the issues are addressed.
"Security of the DNS has always been paramount for ICANN," ICANN CEO Fadi Chehadé said in a statement. "Every issue raised by Verisign in this report has been discussed within the ICANN community during the development of the new gTLD program over the past eight years. The program is operationally on track and I anticipate no delays."
But Verisign said that rolling out multitudes of new gTLDs could cause problems for the DNS Root Zone, the highest level of the Domain Name System (DNS) structure, which contains the numeric IP addresses for all top-level domain names such as gTLDs like .com and .org as well as country code top-level domains like .us and .uk.
"Without a well constructed and well reasoned process model, and at the scale of changes foreseen with the addition of the unprecedented rate of the new gTLDs being added, the entire DNS hierarchy faces the potential for issues at or near the root of the DNS tree, and the fallout from such a change could affect all delegations," Verisign said.
ICANN seems to have taken a very "ICANN-centric role" with the rollout of new gTLDs and has given little consideration for registry operators that will need to prepare for the changes, including dealing with security implications, Verisign said.
"It actually appears as though there is little to no time allotted for operators to adequately prepare," Verisign said.
Loek is Amsterdam Correspondent and covers online privacy, intellectual property, open-source and online payment issues for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to email@example.com