ICANN has picked the TLD string that it will recommend for safe use behind corporate firewalls on the basis that it will never, ever be delegated.

The string is .internal, and the choice is now open for public comment.

It’s being called a “private use” TLD. Organizations would be able to use it behind their firewalls safe in the knowledge that it will never appear in the public DNS, mitigating the risk of public/private name collisions and data leakage.

.internal beat fellow short-lister .private to ICANN’s selection because it was felt that .private might lure people into a false sense of security.

While it’s unlikely that anyone was planning to apply for .internal as a commercial or brand gTLD in future, it’s important to note that when it makes it to the ICANN reserved list all confusingly similar strings will also be banned, un