Generic TLDs threaten name collisions, information leakage

As the Internet Corporation for Assigned Names and Numbers (ICANN) continues its march toward the eventual approval of hundreds, if not more than a thousand, generic top-level domains (gTLDs), security experts are warning that some of the proposed names could weaken network security at many companies.

Generic TLDs threaten name collisions, information leakage

Two major issues could cause problems for companies: If domain names that are frequently used on a company's internal network--such as .corp, .mail and .exchange--become accepted gTLDs, then organizations could inadvertently expose data and server access to the Internet. In addition, would-be attackers could easily pick up certificates for domains that are not yet assigned and cache them for use in man-in-the-middle attacks when the specific gTLD is deployed.

Generic TLDs threaten name collisions, information leakage | Dark Reading