The beauty of the Internet is low barrier of entry for startups with potential. If .secure becomes popular among big guys, startups with similar features will be disadvantaged.
The complicated paperwork will not only drive phishers and scammers away. It also excludes people with little capital but a genuine intent to do business. We already have these barriers:
- Extended Validation SSL
- Merchant Account (including PCI compliance)
- All kinds of trust seals
The cost of these products can be several thousands of dollars every year and they have become pretty much a must-have for anyone who wants to be trusted more easily.
.secure will just impose another barrier, unfortunately.
If you're looking for secure payments, you can always direct customers to a .secure payments handler, in much the same way that Paypal does already. The whole domain wouldn't have to operate under a .secure domain, in fact that would be undesirable as it would diminish the importance of it customer's eyes if every major website is on a .secure domain.
EV SSL can be had for around $300 a year, there's an entire freaking industry that exists around card processing so you don't have to fuss around with PCI nonsense, and I've actually never seen a "trust seal" on a site that wasn't already shady at some point.
That said, .secure seems like a poor solution in search of a problem.
The complicated paperwork will not only drive phishers and scammers away. It also excludes people with little capital but a genuine intent to do business. We already have these barriers:
- Extended Validation SSL
- Merchant Account (including PCI compliance)
- All kinds of trust seals
The cost of these products can be several thousands of dollars every year and they have become pretty much a must-have for anyone who wants to be trusted more easily.
.secure will just impose another barrier, unfortunately.