so Icann who is mainly responsable for this because she refused to listen to the security community and sold several of the domainextensions that were untill now soleley used for internal networks like .intra has now put together a whole resource about domainname collision
which is nice - but doesn't excuse her for taking this decision in the first place
"A name collision occurs when an attempt to resolve a name used in a private name space (e.g. under a non-delegated Top-Level Domain, or a short, unqualified name) results in a query to the public Domain Name System (DNS). When the administrative boundaries of private and public namespaces overlap, name resolution may yield unintended or harmful results.
Name collisions are not new. The introduction of any new domain name into the DNS, whether a generic TLD, country code TLD or second-level domain name, creates the potential for name collision. However, queries for un-delegated TLDs at the root level of the DNS have received renewed attention because certain applied-for new TLD strings could be identical to name labels used in private networks. A secure, stable and resilient Internet is ICANN's number one priority. Therefore, we've made a commitment to the Internet community to launch a substantial effort to mitigate and manage name collision occurrence
the problem is that many purely internal networks with networknames will now sometimes have problems because the same domainname has been sold to someone else (for example bayer.intra can exist hidden and on the web)