Generic TLDs Threaten Name Collisions and Information Leakage

CowboyRobot writes: As the Internet Corporation for Assigned Names and Numbers (ICANN) continues its march toward the eventual approval of hundreds, if not more than 1,000, generic top-level domains (gTLDs), security experts warn that some of the proposed names could weaken network security at many companies. Two major issues could cause problems for companies: If domain names that are frequently used on a company's internal network — such as .corp, .mail, and .exchange — become accepted gTLDs, then organizations could inadvertently expose data and server access to the Internet. In addition, would-be attackers could easily pick up certificates for domains that are not yet assigned and cache them for use in man-in-the-middle attacks when the specific gTLD is deployed.

So let's replace the current DNS with our own.

[Gavin Scott]

Personally I think the whole TLD thing is silly and unnecessary to begin with.

We should be able to come up with plenty of alternative mechanisms either for scoped naming schemes that actually make sense, or even some un-scoped global namespace convention that would eliminate the need for the .com and whatnot entirely.

And then what? Well, why not simply start an alternative DNS, or an entirely new from-scratch naming system based on the decades of experience with the current DNS? There's nothing magical abou