Definitions

What’s a TLD?

A TLD, or top-level domain, is a name at the head of the Domain Name System (DNS) naming hierarchy. It’s the string of letters following the last (rightmost) “.”. Examples of TLDs include .biz, .CO, .club and .US.

What is a ccTLD?

A ccTLD, or country code top-level domain, is a domain extension reserved by a country, sovereign state or territory. Country code top-level domains are typically denoted by only being two characters, like .US, .UK or .DE. There are several ccTLDs that are also used as generic brand domain extensions, or gccTLDs, including .CO, .US, .ME, .WS, .GE or .LY.

What is a registrant?

A registrant is a company, organization or individual who desires to register and use a domain name.

What’s the difference between a registry and a registrar?

A registry maintains a database of all domains in its TLD namespace and ensures domains can be found by Internet users all over the world. A registrar, on the other hand, is an accredited partner of a registry. Registrars sell domain names and other web services to customers. Registrars choose to offer a variety of TLDs like: .US., com., .net, or .CO to name a few.

What is a .US reserved domain name?

A reserved name is a name that is not available for general public registration, and is subject to additional rules, restrictions or processes.

What is WHOIS?

A WHOIS database provides information on individual domain registrations. Every registry is required to maintain a WHOIS database with details about registered domain names as well as contact information about the owners of such names. The information typically includes the domain name, sponsoring registrar, key transaction dates, name server information, and contact information. Information for .US domains may be found at www.WHOIS.us.

General Information

Who is the usTLD Administrator?

Neustar Inc., a leading provider of registry services, manages the .US domain name on behalf of the U.S. Department of Commerce. Neustar, Inc. supports all marketing efforts and operates the technical infrastructure of the .US domain. The company provides full technical, operational, policy, and marketing support.

Who is Neustar?

Neustar Registry is a domain name industry pioneer — Neustar Registry has played a role in the growth and evolution of nearly every aspect of the domain name space. Today Neustar is the world's largest provider of digital naming services, with a dream team of the industry's most passionate leaders, innovators, and influencers.

What is the relationship between the usTLD Admnistrator and ICANN?

As a ccTLD, the usTLD Registry is not bound by ICANN policies, nor does it currently have in place any accountability frameworks or exchange of letters defining any specific accountabilities. This said, we have great respect for the ICANN global consensus process and have implemented many ICANN- supported best practices on policy and procedural matters in developing the .US Top-Level Domain.

We have become a member of ICANN’s ccNSO, which is an independent process that entails developing policies that are binding for ccNSO members within the limits of national law. We will continue to reference and consider ICANN supported policies and watch with interest the evolution of policies and practices as the Departmetn of Commerce continues to define and refine registry policies.

The usTLD registry is deeply committed to ensuring the safety, security and integrity of the .US namespace and will continue to monitor and implement best practices promoted by ICANN and other industry leaders as we move forward.

Can I use .US brand assets on my website?

Yes, provided your company or organization agrees to the marketing guidelines and terms and conditions described in the .US Brand Identity Guidelines. You must agree to the .US Marketing Guidelines in order to download or use any .US collateral. You may find .US marketing assets and resources by clicking here.

Domain Management

How do I buy a .US domain?

You may search and register for your .US idea, business or blog website name by clicking here. Once found, you may register with your preferred .US provider or one of the retailer choices we offer.

Where can I register a .US domain?

.US domains may be registered through any .US accredited registrar or their reseller. A list of .US accredited registrars may be found here.

Who can register a .US domain name?

Any U.S. citizen or resident, as well as any business or organization, including federal, state, and local government with a bona fide presence in the United States can register a .US domain name. One of the following three eligibility requirements must be met:

  1. A natural person (i) who is a citizen or permanent resident of the United States of America or any of its possessions or territories or (ii) whose primary place of domicile is in the United States of America or any of its possessions, or
  2. Any entity or organization that is incorporated within one of the fifty (50) U.S. states, the District of Columbia, or any of the United States possessions or territories or (ii) organized or otherwise constituted under the laws of a state of the United States of America, the District of Columbia, or any of its possessions or territories, or
  3. An entity or organization (including federal, state, or local government of the United States, or a political subdivision thereof) that has a bona fide presence in the United States.

Will proxy registrations, sometimes called "domain privacy” be alllowed on my .US domain name?

Proxy, or privatized registrations, are not permitted under current policy.

The .US TLD has an ongoing interest in ensuring that its top-level domain is administered in a secure manner and that the information contained within .US is reliable, accurate, and up-to date. One of the mechanisms to ensure the integrity of the .US namespace is the through the collection of true registrant information. The .US Registry employs an algorithm to detect the inadvertent or intentional registration of proxy, anonymous and/or private domain name registrations, and enforces a registrar’s obligation to not offer such services to .US domain name registrants.

Are Internationalized Domain Names (IDNs) offered in .US?

.US does not currently offer IDN registrations, however we suggest you periodically check the official .US website for updates.

Why are some .US domain names reserved?

Names are reserved to protect important local and national naming resources to reserve spaces within .US for future enhancement of the domain and to protect technical Internet interoperability. Policy changes relative to the reserved list are subject to Department of Commerce review and approval prior to implementation.

The .US domain name I am looking for is unavailable and appears reserved. Where can I see a list of reserved .US domain names and policies?

The complete list of reserved names can be found here. Below are the following categories of reserved names:

  • All numbers five digits and higher
  • All numbers in the format five digits-four digits (zip codes)
  • All telephone numbers including toll-free numbers
  • Tagged domain names — all labels with hyphens in the third and fourth character positions (e.g. “bq–kn2n4h4b”)

How do I change a Permanently Reserved .US Domain Name to resolve on the Internet?

A .US domain name that has been established as a Permanent Domain Name Reservation will need to be activated through the purchase of a Lifetime Registration. Please direct questions to our .US customer support at: support.us@neustar.us.

How do I transfer my .US domain name?

Domain name transfers fall in one of two categories:

  • Registrant Transfer or Name Change — Each registrar has unique requirements for making changes to the registrant field of a domain name. Registrants must contact the sponsoring registrar for information regarding Registrant Name Changes and/or Transfers. The sponsoring registrar appears in line 3 of each domain name’s WHOIS record (www.whois.us).
  • Registrar-to-Registrar Transfer — .US Registry rules require that a domain name be registered for a minimum of 60 days before it can be transferred to another registrar. If your domain name meets these requirements, contact your current sponsoring registrar and request for the < AUTHINFO > code, which the gaining registrar will use to initiate the transfer process for your domain.

What is an code?

An < AUTHINFO > code is a six- to 16-character “password” assigned by your sponsoring registrar to be used during domain name transfers. It identifies your domain name in the Registry. No domain name transfer request can be successfully executed without this password. Registrars are contractually required to provide this code upon registrant request. Registrants are advised to protect their < AUTHINFO > codes to avoid unauthorized transfers of their domain names.

What is the Redemption Grace Period (RGP)?

The Redemption Grace Period (RGP) is the 35 days following the deletion of a .US domain name. The purpose of RGP is to allow registrars and/or their registrants to correct for inadvertent deletions. During the first 30 days of Redemption Grace Period, registrars may request the Registry to redeem a deleted domain, and thus restore it to its original status prior to deletion. Redemptions may not be performed during the final 5 days of RGP. The WHOIS record indicates if a domain is eligible for redemption. Domains that are eligible are marked “PendingDelete (RESTORABLE)”. A domain that is “PendingDelete (SCHEDULED FOR RELEASE)” cannot be redeemed. All redemption requests must be submitted through your registrar.

What is PendingDelete Status?

When deleted, all domains that have been registered for more than 5 days are initially placed on PendingDelete status before being purged (or dropped) from the Registry database and made available for registration. The exception to this rule is domains that are deleted within the first 5 days of initial registration. These domains will be dropped immediately, and not be placed in PendingDelete status. Domains remain on PendingDelete status for a period of 35 days before being dropped, unless they are “redeemed” by the sponsoring registrar. This period is known as the Redemption Grace Period (RGP). See below for more information on RGP and domain redemptions.

How do I find a list of .US domains scheduled to be released from the Registry?

A list of upcoming .US domain deletions can be obtained from our .US Expiration Reports found here.

What should I do if someone infringes on a trademark I own with a .US domain name?

If you believe that your trademark rights are being infringed upon by someone who has registered a .US domain name, you can contact the domain owner directly by finding their contact information on the .US WHOIS <>. If direct contact does not resolve the conflict, then you have the option to utilize the usTLD Rapid Suspension Dispute Policy (usRS) or the usTLD Dispute Resolution Policy (usDRP) which have been implemented by the usTLD Administrator for domain dispute resolution.

How can I get access to the .US zone file?

To obtain access to the .US Zone file, you must complete, sign and return the .US Zone File Access Agreement. For additional information, including the ability to exectue the agreement please contact .US support at support.US@neustar.us

Domain Security

What is the .US Registry doing about Domain Name abuse such as phishing, malware, and spam?

The .US Registry has implemented Neustar, Inc.’s procedures to rapidly take down any website in cases where phishing, pharming, malware, or other significant security threats have been identified. We are also reviewing procedures and policies to quickly suspend domains in instances where serial cyber-squatting can be established.

What is DNSSEC?

DNSSEC stands for Domain Name System (DNS) Security Extensions, which enable DNS clients (resolvers) to (1) validate origin authentication of DNS data; (2) confirm data integrity; and (3) authenticate denial of existence.

What problem does DNSSEC solve?

When implemented end-to-end, DNSSEC protects end users from exposure to DNS cache poisoning. Cache poisoning is a corruption of the DNS that enables the spread of viruses, worms, and other malicious files/content. Cache poisoning occurs when data is provided to a caching name server that did not originate from an authoritative Domain Name System (DNS) source. Once a DNS server receives non-authentic data and caches it for future use, it will then supply that non-authentic data to its client servers. The impact of cache poisoning on end users is that they may be directed to IP addresses they did not intend to reach, and may not be aware of the associated risks.

What problem does DNSSEC NOT solve?

DNSSEC does not solve Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks on any system. DNSSEC does not prevent incorrect data entry into a zone (if the IP address is entered wrong, it will not be corrected). DNSSEC’s improvement to other applications is limited to ensuring that applications get correct/authenticated information and nothing more. Phishing attacks are still possible through carefully crafted email and spam delivery. Sensitive information such as credit card numbers on a web server are encrypted via secure socket layers (SSL), and not through DNSSEC.

How does DNSSEC work?

DNSSEC uses cryptographic electronic signatures (referred to as public and private keys) to determine the authenticity of data. DNS clients that are DNSSEC-enabled will validate any DNS response received by automatically checking the authenticity of the cryptographic signatures. If the key is missing or not recognized, the response is not validated and the DNS will not pass the false information on to the user.

What’s the process for implementing DNSSEC?

At this time, DNSSEC is fully deployed on the usTLD and is accepting submissions known as DS records, since July 15, 2010. .US accredited registrars will be able to register DNSSEC information on their customers’ behalf. For more information on how to submit DS records, please contact your specfic domain name provider.

Is there a requirement that registrars implement DNSSEC?

.US accredited registrars are not required to implement DNSSEC. Support for DNSSEC is optional but recommended to help secure and prevent cache poisoning in the .US namespace.

Is DNSSEC available to .US web address holders?

The .US TLD implemented DNSSEC in its namespace in June 2010. However, .US web address holders should contact their sponsoring registrar or domain name provider to determine if and when DNSSEC is supported.

How does a customer sign a .US zone with DNSSEC?

If the customer is using a DNS managed service provider, they should contact the provider for instructions to turn on DNSSEC. If the customer is operating their own DNS set up, there are a number of steps to perform. First, make sure the tools in use are capable of DNSSEC. This may mean upgrading the DNS software. Second, after preparing and documenting a plan, create cryptographic key pairs and enter them in the zone. Third, run a DNSSEC zone signer (dependent on the tools in use) to generate the first signed zone. The process of signing will have to be repeated as the signatures will have a limited lifetime. The final step is to publish the zone. The managed service provider should be able to provide guidance along the way.

Where can more information be found on DNSSEC?

A general collection of information on DNSSEC can be found here.

.US Locality Management

How do I register a new .US Locality Domain Name?

The .US Locality Domain Name Registration Agreement sets forth the terms and conditions governing a Registrant’s use of registered .US locality domain name(s) for which Neustar is the Delegated Manager and by which Neustar governs all Delegated Managers. Neustar is currently unable to process new third-level domain name requests. For new fourth- or fifth- level domain requests connected to your current approved .US Locality, pleae contact .US Customer Support at support.us@neustar.us.

How long does it take to process my locality domain name contact or nameserver change request?

If all information is filled out correctly and we have received the authorized documents, these are generally processed in 3 to 5 business days.

How do I update/change my .US Locality Domain Name information that is reflected in the WHOIS database?

With all of the .US locality based domains now displayed in a public WHOIS, we request that Registrants provide us with the information listed below for any contact and name server changes. This process protects your domain name data from being accessed by an unauthorized party.

  1. Signed letter (city/organization letterhead) requesting the update or change.
  2. .US Domain Registration Agreement
  3. If your domain is a 3rd level, and you have not already done so, you must submit a signed copy of the Delegated Manager Agreement instead of the .US Domain Registration Agreement. Send your completed paperwork via regular mail to:

    .US Locality Registry
    Neustar Customer Service
    1650 Lyndon Farm ct.
    Suite 300
    Louisville, KY 40223

Upon receipt of your original properly endorsed documents, we will complete the requested updates and issue you a password to make future changes without having to send us the above paperwork again, unless it is for a different domain name. If you lose your password, you must submit the paperwork again for any desired changes to your domain name.

Why does my locality domain name have the term “unknown contacts” in the WHOIS?

Neustar began administering the .US top-level domain space in November 2001. Much of the data that existed prior to that time was either incomplete or, in some cases, nonexistent. Therefore, when we updated the .US WHOIS to include locality-based domains, it reflected the incomplete data, and needs to be updated by the registrant.

Which locality domains are included in the .US WHOIS?

Second-, third-, fourth-, fifth- and sometimes sixth-level domain names are included.

I have a third/fourth/fifth/sixth-level locality .US domain name, but I can’t find it in the .US WHOIS. How can I correct this?

First, check in WHOIS for the delegated manager of the parent of your domain name. You can also send us an email at support.us@neustar.us, along with your domain name, and we will advise on whom to contact.

Can I become a .US Locality Delegated Manager?

Delegated Managers continue to play their role in the “locality space.” Currently, no new delegation requests are being accepted. Neustar has worked diligently since 2006 to administer the delegated manager and .US Locality domain Registrations Agreements and update delegated manager contact information in an effort designed to improve the overall operational efficiency and service to domain name holders within the locality domain space.

Registrars & Resellers

Who can become a .US-Accredited Registrar?

Any organization that meets the .US Accreditation criteria can become an Accredited Registrar partner for .US domain names. The accreditation process and criteria may be found by emailing us at Admin@about.us.

Which Registry Services Provider (RSP) does the .US Registry use for its technical provisions?

The Department of Commerce has chosen Neustar as its administrator for all .US registry services including technical, marketing, policy and operational support. Neustar Registry is the world's largest provider of digital naming services and has provided the platform for .US domain name registrars since 2002. As a domain industry pioneer, Neustar has played a role in the growth and evolution of nearly every aspect of the domain name space.

Where can I find technical support in relation to my .US accreditation?

For technical support for .US Registrars or Resellers, please contact your Neustar Relationship Manager or .US customer support at support.us@neustar.us.