[dns-operations] Happy birthday .ASIA
Florian Weimer
fw at deneb.enyo.de
Tue May 15 05:57:29 UTC 2007
* Edwin Groothuis:
> After listening to Mikko Hypponen at
> http://www.itconversations.com/shows/detail1782.html, I'm more
> wondering on what prevents .bank from popping up.
Some ideas:
(a) There are few banks that operate their own IT. This means that
.bank domains must be issued to non-banks. Probably, this is just
a technical difficulty that can be overcome.
(b) $50,000 per domain name translates to something between
$100,000,000 and $150,000,000 for a country such as Germany. This
is not too far away from the cost of issuing transaction-signing
tokens.
(c) .bank provides a convenient filter criterion for malware, making
data reduction easier. In countries with a modern banking system,
malware is already the more relevant threat as far as actual fraud
is concerned than fake web pages (but it's usually still called
"phishing").
(d) Without browser-side measures, it's unlikely that the new ".bank"
indicator will be recognized reliably by end users. Such browser
UI changes take years to materialize. (Note that some popular
browsers still do not make the URL bar mandatory, leading to
chrome-spoofing vulnerabilities.)
(e) Brand owners generally view new TLDs as a rip-off.
More information about the dns-operations
mailing list