[michaelt]

The problem is the new gTLDs don't increase the useful supply of domains.

For casual usage like personal blogs and whatnot? Sure, use whatever.

But if I was starting a web-based business and couldn't afford the .com? I'd rename the company before I'd use .xyz - if your business takes off the squatters will notice and raise their prices, so the .com will never be cheaper.

If you got an "urgent e-mail" saying your employer needed you to confirm you're legally allowed to work, and they directed you to experianrtw.app - would you go there and send them a photo of your passport?

[mrsilencedogood]

There are a few options, though. The fact that .io got so popular shows that we are not forever chained to .com. It's just that a lot of the nuTLD options are honestly hilariously bad, most of them are just lame. My personal top picks are ".online" and ".software" with mention to ".network" but they're all WAY too long. I actually use ".cafe" for my personal stuff because it's short and cute. Obviously can't use that for your SV rocketship company though.

Would it have been so hard to sit down and pick a couple short ones - yknow, ones people might actually use?

[politician]

Unfortunately, .io is now also unsafe with the upcoming transfer away from the UK; another cautionary tale for those considering not getting a .com.

I’ve been seeding government and business forms with a .io email address for years (to counter gmail dominance), and I’m quite concerned about the situation now.

[mrsilencedogood]

That's because it's a ccTLD, not because it's not dot-com though. The powers that be could very well decide to just promote it to be a gTLD if they wanted to not destroy stuff for no reason. Actual gTLDs aren't susceptible to the same kinds of issues.

[teddyh]

> The powers that be could very well decide to just promote it to be a gTLD

No, they can’t do that. Every two-letter TLD is defined to be a ccTLD, and nothing else.

[mrsilencedogood]

If they did that anyway, who would stop them? This seems like a great time to make an exception.

[miningape]

Literally, these are arbitrary strings following arbitrary rules. It's time to ditch ICANN and develop a parallel DNS that makes sense for today not the 90s.

[Sander_Marechal]

Yes they can. They did it before after the Soviet Union broke up and they kept the .su TLD. It's still active. I'd argue that keeping around .io is more important than keeping .su around, seeing how many people and businesses use .io domains.

[teddyh]

The Soviet Union ceased to exist. As long as the British Indian Ocean Territory is not breaking up or otherwise dissolving, it still is allocated a ccTLD.

[ArchOversight]

I use .network for my internal network with a proper FQDN. This allows me to get certs for internal services that validate in all browsers.

[yawaramin]

If I got an 'urgent email' I wouldn't go to any domain, I would contact my employer directly and confirm with them before doing anything. The people who would fall for this phishing scam would fall for almost any domain, because it's not about the domain.

[panarky]

Millions of people don't have an employer with an HR department they can call on the phone to confirm that an email is legitimate.

What if your primary source of income is Uber or Doordash or Etsy or Youtube?

[yawaramin]

All of these have support contacts for drivers/dashers/etc. Eg https://help.doordash.com/dashers/s/dasher-support?language=...

[poincaredisk]

What it you get an email from [yourbank].bank? Or if your mother got one?

It's never a single signal, and the more legitimate a domain looks, the bigger a chance is that someone fells victim to a scam.

[dc396]

Bad example. The requirements to register in .bank are quite rigorous (see https://register.bank/eligibility/). Phishers typically go for TLDs that impose far fewer requirements on their registrars.