> Which will be a different domain, often administered by different people, because it's being used for the company's public infrastructure rather than its internal network.

Wat?

I've worked at 3-IT-person academic departments, 30-person start-ups, and 3000-person publicly traded corporations, and I've always seen the same domain used internally and externally.

The only exception is where I'm currently at, where the dumbasses who were here previously (and set things up initially) decided to use .local—instead of the sane thing, which would have been to peel off a sub-domain of the public domain we already have. I'd like to know which illegal substance they were using when that decision was made.

It's common for the people administering a company's public website and mail servers to be different people than the ones administering desktops and printers and Active Directory.

And the last of those is a major contributor to this since it wants to take over the domain it's on. You can solve this by delegating a subdomain to it, but now your internal use domain is longer, and there are security implications to this because now unrelated internal systems may e.g. have access to cookies set for the public website. Or have the ability to issue dynamic DNS updates, so an attacker who compromises a random low-level internal system can point a name inside the company's public domain to their own servers and even potentially have a TLS certificate issued to it via ACME, even if the public infrastructure hasn't been compromised.
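The cookie exposure mentioned in the comment above can be audited. This is an added example, not part of the thread: it applies the RFC 6265 domain-match rule to report which cookies set by a public site would also be sent to a host under a delegated internal subdomain. The host names and headers are constructed, and the browser's public-suffix check is not modelled.

```javascript
// Added example; host names and Set-Cookie values are constructed.
// RFC 6265 section 5.1.3 domain-match: a host matches a cookie domain if it
// is identical to it, or ends with "." + domain and is not an IP address.
function domainMatches(host, cookieDomain) {
  host = host.toLowerCase();
  cookieDomain = cookieDomain.toLowerCase().replace(/^\./, "");
  if (host === cookieDomain) return true;
  const isIp = /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.includes(":");
  return !isIp && host.endsWith("." + cookieDomain);
}

// Parse one Set-Cookie header value into its name and Domain attribute.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const cookie = { name: pair.slice(0, pair.indexOf("=")), domain: null };
  for (const attr of attrs) {
    const eq = attr.indexOf("=");
    if (eq === -1) continue; // flag attributes such as Secure, HttpOnly
    const key = attr.slice(0, eq).trim().toLowerCase();
    const val = attr.slice(eq + 1).trim();
    if (key === "domain" && val) cookie.domain = val;
  }
  return cookie;
}

// Names of cookies set by originHost that a browser would also send to
// internalHost. A cookie without a Domain attribute is host-only and is
// never sent to any other host, so it is skipped.
function cookiesExposedTo(internalHost, originHost, setCookieHeaders) {
  return setCookieHeaders
    .map(parseSetCookie)
    .filter((c) => c.domain !== null)
    .filter((c) => domainMatches(originHost, c.domain)) // browser accepts it
    .filter((c) => domainMatches(internalHost, c.domain)) // and sends it here
    .map((c) => c.name);
}

// Constructed sample: headers as a public website might emit them.
const sampleHeaders = [
  "session=abc123; Domain=example.com; Path=/; Secure; HttpOnly",
  "prefs=dark; Path=/",
  "cart=42; Domain=www.example.com; Path=/",
];

console.log(
  cookiesExposedTo("printer.corp.example.com", "www.example.com", sampleHeaders)
);
```

Only the cookie scoped to the parent domain is reported; dropping the `Domain` attribute, or scoping it to the public host, keeps it away from the internal subdomain.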