Symantec, a computer security, antivirus, backup and SSL provider, wrote an article about the effect that new generic top-level domains (gTLDs) will have on SSL certificates.
There are already many new gTLDs that have been released by ICANN and there will be potentially over a thousand new gTLDs available in the next couple of years. These include not only new domains like .app, .blog, and .money, but words using non-English characters including Chinese, Korean and Arabic.
There is a big risk on how new gTLDs will impact existing SSL Certificates because of New gTLDs like .corp or .secure. Many companies have an internal network address ending in .corp or .secure. With new gTLDs, the possibility exists that a legitimate internal certificate for an internal network with a name could be moved to an externally facing web service once the new gTLDs go live on the internet.
“The challenge is issuance and network routing, and it is one all public Certificate Authorities (CAs) are working to address. SSL certificates are used not just for external webservers, but for internal secured connections as well on Exchange, Domino, as well as for SDKs and APIs. Additionally, there have been no official rules about what to name hosts on an internal network. Prior to the new ICANN announcements, many CAs already counseled against internal networks with gTLDs that are reserved for DNS, yet still these exist (mycompany.local) for a DMZ or internal network name. Likewise, many companies have an internal network address ending in .corp, which is on the list of newly requested gTLDs.