[akerl_]

“You can just move to your own <other TLD>” isn’t even remotely plausible. Any site with worthwhile traffic isn’t going to just forklift to a new TLD and convince all their users to switch over. Imagine if .com was considered untrustworthy and suddenly every user in the US had to use google.othertld, facebook.othertld, etc.

[topranks]

Yeah but if .com is untrustworthy then the game is up.

The operator of .com can use their control over it to get a valid TLS cert issued by any number of CAs.

So the situation is no different currently, trust in the DNS is essential.

[tptacek]

Again if that's true then the game is up, because the USG obviously controls .COM; they theatrically demonstrate that every time they take down a piracy site. But, spoiler! The game turns out not to be up.