I never got around to blogging this post, but it deserves mention. Apologies for that. Been a little busy.
You may know there's an idea to create a new TLD called .bank. The idea is that it would only be available to banks, making phishing more difficult. In my opinion it's a miniscule incremental improvement (among other problems, major banks aren't going to stop doing business on their old TLDs for many years, if ever, and consumers aren't going to stop trusting these TLDs for the same amount of time). eWeek editor Larry Seltzer rightly points out that if you're going to put indications of trustworthiness into the browser, a nice green bar and an EV SSL Certificate are probably the way to go.