Why get a .US domain?
A .US domain is perfect for American-based businesses, causes, civic groups, and even individuals or families. You get a unique web address that helps you stand out in ways that highlight your roots in country and community. It’s a great way to differentiate yourself as the Internet becomes more crowded than ever.
What does .US mean?
Two things. First, .US is the “country code” web address for the United States, just as .UK is the country code address for the United Kingdom. .US is overseen by the US Department of Commerce. Second, “US” also has a more personal meaning, referring to people like a family or a group of friends. This newer use of .US opens up whole new possibilities.
How do I buy a .US domain?
What’s a TLD?
A TLD, or top-level domain, is a name at the top of the DNS naming hierarchy. It’s the string of letters following the last (rightmost) “.”. Examples of TLDs include .biz, .com, and .us.
What’s the difference between a registry and a registrar?
.US is a registry. It manages everything related to the .US TLD, in particular matters having to with the domain name system (DNS). A registry maintains a database of all domains in its TLD and ensures the domains can be found by Internet users all over the world. A registrar, on the other hand, is an accredited retailer of domain names, for example, Go Daddy. Registrars sell domain names from any TLD they choose: .US., com., .net, or .co to name a few.
What is WHOIS?
WHOIS provides information on individual domain registrations. The information typically includes the domain name, sponsoring registrar, key dates, name server information, and contact information.
1. What is .US TLD?
.US is “America’s Address.” It is the official country code top-level domain (ccTLD) for the United States within the global domain name system (DNS).
2. What makes .US unique and why do I need it?
.US is America’s address on the Internet. All U.S. residents, government entities, public service organizations, and businesses can establish an American identity on the Internet with America’s address. (e.g., johnsmith.us, publicservice.us, mycompany.us). .US names are very popular with consumers for applications like email, digital identity, and personal web sites. Government and public interest organizations use .US addresses to enable citizen-centric e-Gov applications and to serve the needs of the American people. Finally, businesses use .US domain names to promote themselves as American companies to inspire consumer confidence and to encourage consumers to “buy American.”
3. Who can register a .US domain name?
Any U.S. citizen or resident, as well as any business or organization, including federal, state, and local government with a bona fide presence in the United States can register a .US domain name. One of the following eligibility requirements must be met:
- A natural person (i) who is a citizen or permanent resident of the United States of America or any of its possessions or territories or (ii) whose primary place of domicile is in the United States of America or any of its possessions, or
- Any entity or organization that is incorporated within one of the fifty (50) U.S. states, the District of Columbia, or any of the United States possessions or territories or (ii) organized or otherwise constituted under the laws of a state of the United States of America, the District of Columbia, or any of its possessions or territories, or
- An entity or organization (including federal, state, or local government of the United States, or a political subdivision thereof) that has a bona fide presence in the United States.
4. What is the price of a .US domain name?
Market-based retail prices for .US domain names are established by .US-Accredited Registrars and their resale channel partners. The pricing structure is an annual subscription fee; multi-year subscriptions are available.
5. Now that I have my .US domain name, how and when can I send and receive email using my new .US address?
Most retail providers of web addresses also provide email services. Your personalized .US email account can typically be (1) set up during the registration process when you register your domain name, or (2) added to your account afterward at the retailer’s website.
6. Where can I register a second level .US domain name?
.US domain names are available through Accredited Registrars and their Resellers. To find your ideal .US web address, please click here and register through one of our .US Retail partners.
7. How do I transfer my .US domain name?
Domain name transfers fall in one of two categories:
- Registrant Transfer or Name Change — Each Registrar has unique requirements for making changes to the registrant field of a domain name. Registrants must contact the sponsoring Registrar for information regarding Registrant Name Changes and/or Transfers. The sponsoring Registrar appears in line 3 of each domain name’s WHOIS record (www.whois.us).
- Registrar-to-Registrar Transfer — .US Registry rules require that a domain name be registered for a minimum of 60 days, and be in PAID status with the current sponsoring Registrar before it can be transferred to another Registrar. If your domain name meets these requirements, contact your current sponsoring Registrar and request for the < AUTHINFO > code, which the gaining Registrar needs in order to initiate the transfer process for your domain. Sponsoring Registrars can obtain this code by sending a < DOMAIN_INFO > EPP command to their Registry.
8. What is an <AUTHINFO> code?
An < AUTHINFO > code is a six- to 16-character “password” assigned by a sponsoring Registrar. It identifies your domain name in the Registry. No domain name transfer request can be successfully executed without this password. Registrars are contractually required to provide this code upon registrant request. Registrants are advised to protect their < AUTHINFO > codes to avoid unauthorized transfers of domain names.
9. How will current Delegated Managers be affected?
Delegated Managers continue to play their role in the “locality space.” Currently, no new delegation requests are being accepted. Neustar has worked diligently since 2006 to administer the Delegated Manager and US Locality domain Registrations Agreements and update delegated manager contact information in an effort designed to improve the overall operational efficiency and service to domain name holders within the locality domain space.
11. How do I change a Permanently Reserved .US Domain Name to resolve on the Internet?
A Domain Name that has been established as a Permanent Domain Name Reservation will need to be activated through the purchase of a Lifetime Registration. Please direct questions to: support.us@Neustar.us. If you wish to speak with a customer service representative please call +1 571-434-5728.
12. Who can become a .US-Accredited Registrar?
Any organization that meets the .US Accreditation criteria can be an Accredited Registrar partner for .US domain names. The accreditation process and criteria may be found by emailing us at Admin@about.us
13. What is a reserved name?
A reserved name is a name that is not available for general public registration, and is subject to additional rules, restrictions or processes.
14. Where can I see a list of reserved .US names?
The complete list of reserved names can be found here. Below are the following categories of reserved names:
- All numbers five digits and higher
- All numbers in the format five digits-four digits (zip codes)
- All telephone numbers including toll-free numbers
- Tagged domain names — all labels with hyphens in the third and fourth character positions (e.g. “bq–kn2n4h4b”)
15. Why are some .US names reserved?
Names are reserved to protect important local and national naming resources to reserve spaces within .US for future enhancement of the domain and to protect technical Internet interoperability. Policy changes relative to the reserved list are subject to Department of Commerce review and approval prior to implementation.
16. Why does my domain name have the term “unknown contacts” in the WHOIS?
Neustar began administering the .US top-level domain space in November 2001. Much of the data that existed prior to then was either incomplete or, in some cases, nonexistent. Therefore, when we completed the .US WHOIS to include locality-based domains, it reflected (and continues to reflect) the incomplete data, and needs to be updated by the registrant. Refer to FAQ 17 for more information.
17. How do I update/change my .US Locality Domain Name information that is reflected in the WHOIS database?
With all of the .US locality based domains now displayed in a public WHOIS, we request that you provide us with the information listed below for any contact and name server changes. This process protects your domain name data from being accessed by an unauthorized party.
- Signed letter (city/organization letterhead) requesting the update or change.
- A completed template (txt): signed and notarized by a notary public.
- .US Domain Registration Agreement
If your domain is a 3rd level, and you have not already done so, you must submit a signed copy of the Delegated Manager Agreement instead of the .US Domain Registration Agreement. Send your completed paperwork via regular mail to:
.US Locality Registry
Neustar Customer Service
1650 Lyndon Farm ct.
Louisville, KY 40223
Upon receipt of your original properly endorsed documents, we will complete the requested updates and issue you a password to make future changes without having to send us the above paperwork again, unless it is for a different domain name. If you lose your password, you must submit the paperwork again for any desired changes to your domain name.
18. How long does it take to process my contact or nameserver change request?
If all information is filled out correctly and we have received the authorized documents, these are generally processed in 3 to 5 business days.
19. Which locality domains are included in the .US WHOIS?
Second-, third-, fourth-, fifth- and sometimes sixth-level domain names are included.
20. I have a third/fourth/fifth/sixth-level locality .US domain name, but I can’t find it in the .US WHOIS. How can I correct this?
First, check in WHOIS for the delegated manager of the parent of your domain name. You can also send us (support.us@Neustar.us) an email, along with your domain name, and we will advise on whom to contact.
21. Can I place the .US logo on my personal/political/noncommercial website?
Yes, provided your company or organization agrees to the marketing guidelines and terms and conditions described in the .US Brand Identity Guidelines. You must agree to the .US Marketing Guidelines in order to download or use any .US collateral. You may find .US marketing assets and resources by clicking here.
22. What is PendingDelete Status?
When deleted, all domains that have been registered for more than 5 days are initially placed on PendingDelete status before being purged from the Registry database and made available for registration. The exception to this rule is domains that are deleted within the first 5 days of the initial registration. These domains will be purged immediately, and not be placed in PendingDelete status. Domains remain on PendingDelete status for a period of 35 days before being purged, unless they are “redeemed” by the sponsoring registrar. This period is known as the Redemption Grace Period (RGP). See below for more information on RGP and domain redemptions.
23. What is the Redemption Grace Period (RGP)?
The Redemption Grace Period is the 35 days following the deletion of a domain. The purpose of RGP is to allow registrars and/or registrants to correct for inadvertent deletions. During the first 30 days of the Redemption Grace Period, registrars may request the Registry to redeem a deleted domain, and thus restore it to its original disposition prior to deletion. Redemptions may NOT be performed during the final 5 days of the RGP. The whois record indicates if a domain is eligible for redemption. Domains that are eligible are marked “PendingDelete (RESTORABLE)”. A domain that is “PendingDelete (SCHEDULED FOR RELEASE)” cannot be redeemed. All redemption requests must be submitted through your registrar.
24. How can I obtain a list of domains scheduled for release?
Reports containing domains scheduled for release can be found here.
25. What is DNSSEC?
DNSSEC stands for Domain Name System (DNS) Security Extensions, which enable DNS clients (resolvers) to (1) validate origin authentication of DNS data; (2) confirm data integrity; and (3) authenticate denial of existence.
26. What problem does DNSSEC solve?
DNSSEC helps to prevent DNS cache poisoning. Cache poisoning is a corruption of the DNS that enables the spread of viruses, worms, and other malicious files/content. Cache poisoning occurs when data is provided to a caching name server that did not originate from an authoritative Domain Name System (DNS) source. Once a DNS server receives non-authentic data and caches it for future use, it will then supply that non-authentic data to its client servers. The impact of cache poisoning on end users is that they may be directed to IP addresses they did not intend to reach, and may not be aware of the associated risks.
27. What problem does DNSSEC NOT solve?
DNSSEC does not solve Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks on any system. DNSSEC does not prevent incorrect data entry into a zone (if the IP address is entered wrong, it will not be corrected). DNSSEC’s improvement to other applications is limited to ensuring that applications get correct/authenticated information (such as addresses) and nothing more. Phishing attacks are still possible through carefully crafted email and spam delivery, sensitive information such as credit card numbers on a web server are not protected by DNSSEC.
28. How does DNSSEC work?
DNSSEC uses cryptographic electronic signatures to determine the authenticity of data. DNS clients that are DNSSEC-enabled will validate any DNS response received by automatically checking the authenticity of the cryptographic signatures. If the signatures are missing or don’t match, the response is not validated and the DNS will not pass the false information on to the user.
29. What’s the process for implementing DNSSEC?
Neustar has implemented DNSSEC at the .US TLD registry level. Our .US-accredited registrars are now able to register DNSSEC information on their customers’ behalf in the .US registry.
30. Does DNSSEC at the TLD registry-level impact the signing of the root zone, and vice-versa?
Neustar’s signing of the .US TLD zone does not impact or interfere with the signing of the root zone. With a signed .US TLD, the introduction of a signed root zone will be a seamless transition that will not require any incremental development work by registrars and registrants who support and utilize DNSSEC in .US prior to the root zone signing.
31. When did DNSSEC become available to .US registrars?
Neustar opened up the DS signing capabilities to all .US registrars on June 7th, 2010. Please contact Neustar Registrar Support at email@example.com for more information. NOTE: Neustar also enabled DNSSEC for .BIZ on August 1, 2010.
32. Are registrars required to implement DNSSEC?
.US accredited registrars are not required to implement DNSSEC at this time. Support for DNSSEC is optional but recommended to help secure and prevent cache poisoning in the .US domain.
33. When will DNSSEC be available to registrants?
.US registrants should contact their registrar of record to determine if their registrar already supports DNSSEC.
34. How is a DNSSEC query formed?
A DNSSEC query is formed by a DNS resolver. Recent versions of BIND have already been forming DNSSEC queries but have not been reacting to the resulting DNSSEC responses. In order to react to the DNSSEC responses in a way that makes use of DNSSEC, resolvers need to be configured with a DNSSEC public key. Currently, resolvers of US domains need to have the root DNSSEC public key.
35. How does a registrant sign a zone?
If the registrant is using a DNS managed service provider, they should contact the provider for instructions to how turn on DNSSEC. If the registrant is operating their own DNS set up, there are a number of steps to perform. First, make sure the tools in use are DNSSEC compatible. This may mean upgrading the DNS software. Second, after preparing and documenting a plan, create cryptographic key pairs and enter them in the zone. Third, run a DNSSEC zone signer (dependent on the tools in use) to generate the first signed zone. The process of signing will have to be repeated as the signatures will have a limited lifetime. The final step is to publish the zone.
36. Where can more information on DNSSEC be found?
The best general collection of information on DNSSEC can be found at this website: www.dnssec.net