It's fixable, so fix it
"..all VeriSign SSL products issued on or after December 30 were immune to the attack."
Presumably because they were created using the SHA1 hash? A previous article (http://www.theregister.co.uk/2009/01/07/ssl_security_survey/) states that most issued certificates nowadays use SHA1 instead of the problematic MD5 signatures.
"..If he's wrong and the internet suffers a crippling blow, we'll have VeriSign to thank."
Do we blame locksmiths if burglars develop lockpicking tools? No, we use multiple levels of security for our premises and we use the latest security products as they become available.
The problem will be web-site owners (large corporations, banks, etc) not getting off their fat backsides and upgrading their old MD5 based certificates to SHA1.