Initial (anonymous) author of TFA here:
Do not blame Verisign for issuing a temporary signature certificate without verification: this is stated clearly in their Level 1 certificate statuses and will sure be found with many other certificate issuers. The issue is completely on Apple for trusting a certificate of that kind for an over-the-air update. That kind of certificate is issued without any verification so you could have it delivered to any name you wanted, including your target's IT department. As mentioned in the article Apple should not use Safari's keychain to check the trust chain.
As mentioned in one of the posts below, this is a chicken-and-egg issue that has no obvious solutions. While making an OTA update process secure is a really hard problem, I do believe that Apple has not really looked into all the consequences of their choices. They have released a newer OTA protocol version with iPhone OS 3 which may be harder to subvert than this one.