Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

New gTLDs in 2026: what it means for domain trust


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: ICANN’s 2026 new gTLD round will add another wave of domain namespaces, with more than 1,200 new options introduced in the last expansion and registry operators expected to prove both financial and technical capability, according to DigiCert. Domain identity, DNS, PKI, and email authentication now have to be governed as one trust surface, not separate teams.

NHIMG editorial — based on content published by DigiCert: The next wave of new gTLDs is coming in 2026

Questions worth separating out

Q: How should security teams govern new gTLDs as part of digital trust?

A: Security teams should treat each domain as a governed identity asset, not a standalone technical asset.

Q: Why do new gTLDs increase identity governance complexity?

A: New gTLDs increase complexity because each additional namespace adds delegation, provider dependency, and trust verification work.

Q: What breaks when domain governance is split across different teams?

A: When domain governance is split, teams can make isolated changes that undermine the larger trust model.

Practitioner guidance

What's in the full article

DigiCert's full blog covers the operational detail this post intentionally leaves for the source:

  • The registry service provider evaluation context behind the 2026 application round
  • How UltraDNS, DigiCert ONE, and Valimail are positioned together in the domain trust stack
  • The practical scale implications of supporting more than 120 top-level domains
  • The article's own framing of how domain, identity, and email authentication converge

👉 Read DigiCert's analysis of the 2026 new gTLD round and digital trust →

New gTLDs in 2026: what it means for domain trust?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

New gTLD expansion turns the domain into an identity governance object. The article frames domain names as more than addressability, and that is the correct security lens. Once a domain becomes an anchor for trust, discoverability, and brand representation, it starts behaving like a governed identity asset rather than a static technical label. The implication is that IAM, security architecture, and digital trust teams need a shared operating model for domain ownership.

A few things that frame the scale:

  • Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.
  • 91.6% of secrets remain valid five days after the targeted organisation is notified, which shows how slowly identity-related trust issues are often remediated in practice.

A question worth separating out:

Q: Who should be accountable for domain trust controls and delegation?

A: Accountability should sit with a named business owner and a named technical owner, supported by security and infrastructure governance. The organisation must be able to show who approved the domain, who operates it, and who can change it. That clarity matters because trust failures at the domain layer often cross team boundaries.

👉 Read our full editorial: New gTLDs in 2026 raise the stakes for domain identity



   
ReplyQuote
Share: