Computerworld

Internal-use SSL certificates pose security risk for upcoming domain extensions

The practice of issuing SSL certificates for internal domain names with unqualified extensions could endanger the privacy and integrity of HTTPS communications for upcoming generic top-level domains ...
ZDNet

Slow clap: Internal certificates can hijack gTLDs

Domain name squatting could become more than an inconvenience due to an oversight on how internal site certificates can be used on generic top level domains (gTLDs) without necessarily being the owner ...