The entire .app TLD has been added to the HSTS preload list, which means registrants will have to provision and set up SSL certificates in order for their content to be loaded in modern browsers.
The App-Domain is a secure namespace, meaning that HTTPS is required for all .app websites. You can buy your App-Domain now, but in order for it to work properly in browsers you must first configure HTTPS serving.
Bank-Domains and Insurance-Domains protect against phishing.
They use:
-DNSEC
-DMARC
-encryption practices
You can read the technical details at:
http://www.domainregistry.de/... if you scroll down to the chapter concerning Bank-Domains and Insurance-Domains.
Generally spoken:
If your domain -independent of the domain extension- uses a certificate, anycast name server and DNSSEC, your website will not be so vulnerable against attacks.
Hans-Peter Oswald
https://www.domainregistry.de/...
https://www.domainregistry.de/...
https://www.domainregistry.de/...
https://www.domainregistry.de/...
https://www.domainregistry.de/...
https://www.domainregistry.de/...