In an article out today The Register talks about how things could get screwed up with the new gTLD program.
From the article:
A plan to populate the internet with hundreds or thousands of new top-level domains has security researchers pondering some of the unintended consequences that could be exploited by online criminals. Some of the scenarios aren't pretty.
Consider the mayhem that might result from addresses that end in “exchange,” “mailserver,” “domain,” or other strings that are frequently used to designate highly sensitive resources on corporate and government networks.
If a glitch ever caused an email program or other application to reach one of these external addresses, instead of the internal server carrying the identical host name, the outcome could prove disastrous for the stability of the internet.
“There's going to be a lot of cause for confusion, and it's going to make things a lot more ambiguous than they are today,” said H D Moore, CSO of Rapid7 and chief architect of the Metasploit penetration testing project. “TLDs could break widely used software products.”
An even more dire scenario would arise if online criminals intentionally acquired a strategically named TLD and used the incoming connections to harvest passwords or mount attacks on the connecting clients.
A corporate laptop, for example, that connected to an airport hotspot rather than the normal enterprise network might connect to the domain name “mailserver” controlled by hackers, rather than the trusted internal server by the same name. Similar attacks could be waged with other strings, including “wpad,” “lan,” and “local.”
Read the full article HERE
In the application guidebook for the new gTLD’s one can read that such names like localhost etc etc cannot be registered.
I suggest to have the security “experts” read the documents at : http://www.icann.org/en/topics/new-gtlds/dag-en.htm
Sure not everything mentioned there is not engraved in stone and things might and will change. But TLD’s suggested by the security “experts” already been taken care off.