This excerpt taken from the VRSN 10-Q filed May 12, 2008.
Services offered by our ISG rely on public key cryptography technology that may compromise our systems security.
Services offered by our Internet Services Group depend on public key cryptography technology. With public key cryptography technology, a user is given a public key and a private key, both of which are required to perform encryption and decryption operations. The security afforded by this technology depends on the integrity of a users private key and that it is not lost, stolen or otherwise compromised. The integrity of private keys also depends in part on the application of specific mathematical principles known as factoring. This integrity is predicated on the assumption that the factoring of large numbers into their prime number components is difficult. Should an easy factoring method be developed, the security of encryption products utilizing public key cryptography technology would be reduced or eliminated. Furthermore, any significant advance in techniques for attacking cryptographic systems could also render some or all of our existing public key infrastructure (PKI) services obsolete or unmarketable. If improved techniques for attacking cryptographic systems were ever developed, we would likely have to reissue digital certificates to some or all of our customers, which could damage our reputation and brand or otherwise harm our business. In the past there have been public announcements of the successful attack upon cryptographic keys of certain kinds and lengths and of the potential
misappropriation of private keys and other activation data. This type of publicity could also hurt the public perception as to the safety of the public key cryptography technology included in our digital certificates. This negative public perception could harm our business.