Skip to main content

Nominet proposes to open - and monitor - 2nd level domains

Posted by malcolm on Monday, October 1st, 2012 at 13:56

Nominet, the operator of the DNS registry for .uk, has issued a consultation on opening the second level for direct registration, allowing domains of the form Nominet will continue to operate and accept new registrations in the third level, for example under and

Nominet is branding this direct registration initiative

Security and monitoring

In 2010 Nominet adopted as part of its mission statement “Delivering a safe and secure .uk”. In furtherance of that objective registrations will be subject to a variety of new security measures:

  • DNSSEC signing of registrations will be mandatory
  • Nominet will apply “routing monitoring of domains for malware and viruses”, and will “notify registrants when their domains is affected and provide advice and guidance on steps that they can take to eliminate the malware or virus”.
  • Nominet will suspend domain registrations in cases where malware or a virus persists on the domain, until such time as it has verified the domain to be malware and virus free.
  • Nominet will also launch a visible “trust mark” that web site operators can use to promote the presence of these security measures.

Nominet’s FAQ gives the opportunity to boost security as the #1 reason to makes these proposals

Q. Why are you proposing to introduce .uk?
A. We believe that this new service can help create and even more trusted online home for British businesses. We how it will help guard against cybercrime (which costs the UK approx £27 billion per year) and play its part in created a trusted space for businesses and consumers.

We know there is market demand. Recent research indicates businesses require effective and convenient tools to ensure the integrity of their online presence and achieve a high degree of customer confidence. Since our inception in 1996, we have been asked several times about whether registrations at the second level would be possible.

— Nominet consultation paper,

FAQ on page 18

Nominet also states

We believe that these measures would provide tools that actively address the UK Government’s Cyber Security Guidance for Business and its Ten Steps to Reduce Cyber-Security Risk, specifically the steps relating to Malware Protection and Network Security to protect against internal and external attack.

— Nominet consultation paper, p. 7

Handing Nominet the right to scan domains for malware and suspend them where it persists is likely to be the most controversial of these proposals. Nominet justifies the proposal by saying

Ensuring internet users’ confidence that visiting domains in will expose them to minimal risk of infection is a key feature of our proposals. As such, we believe that registrants should be required to resolve the infection following notifications as soon as reasonably possible in order to preserve the integrity and trust of the space.

— Nominet consultation paper, p.7

Nominet does not clarify exactly what it means by “monitoring the domain” for malware and viruses. For technical reasons, it might be presumed that the monitoring will be limited to scanning public pages of web sites operated on each domain, but no specifics are given in Nominet’s announcement.

UK postal addresses only

Nominet is proposing that registrations in be limited to registrants with verifiable UK postal addresses where they can be served with notices. It suggests that the registration process might involve it asking for a UK postal address, and then posting a PIN code to address, which must then be resubmitted online in order to complete the registration (page 9).

No re-sale at the third level

Nominet is proposing to prohibit successful applicants from reselling sub-domains created at the third level. Registrants will still be permitted to create sub-domains for their own use.

Its stated reason for this restriction is

“However, we also wish to ensure the integrity of the space and to avoid customer and registrant confusion and would thus seek to minimise abuse and contractually prevent the sale of sub-domains by registrants to third parties.”

— Nominet consultation paper, p.11

Two sunrise periods

When registrations are first launched, Nominet plans to operate not one but two “sunrise periods”, before first-come first-served begins: in the first sunrise period, owners of registered trademarks will have first choice of domains corresponding to their trademarks; in the second, existing registrants with domains in use in the third level, such as and, will have a chance alongside others claiming “unregistered trade mark rights” to claim a corresponding domain, before new applicants.

The future

Nominet is not currently proposing to extend the security and address verification requirements in .uk to existing domains in and

It says:

It would be unfair to retrospectively impose a new suite of features and requirements on or any of our other TLDs. is already very successful and not all of the existing registrants would want or need the features we are proposing to include in the new service. We are expanding the portfolio to provide a greater choice within the respected .uk portfolio for businesses.

On the other hand, some might think that the same justification for restricting resale of sub-domains, that web site visitors might be confused as to whether they are protected by Nominet’s security enforcement procedures, would also apply to If these proposals go ahead, domains under other pre-existing second level domains would be the only domains under .uk that didn’t benefit from Nominet’s security enforcement measures, which might then be said to lead to “confusion” and harm the “integrity” of the “trusted .uk space”.

Nominet’s consultation therefore also asks if respondents believe aspects of this proposal should also be introduced into over time.

Consultation process

Nominet’s consultation is available for comments, which must be received by 7th January 2013.

With over 780 members connecting from over 76 different countries worldwide, LINX members have access to direct routes from a large number of diverse international peering partners.

© London Internet Exchange, 2018 Registered office: London Internet Exchange Limited, 2nd Floor, Trinity Court, Trinity Street, Peterborough PE1 1DA United Kingdom . Registered in England, Number: 3137929
VAT Registration Number: GB 665 9580 82 Head office main telephone number Telephone: +44 (0)1733 207700 Fax: +44 (0)1733 207729

Web Design by Web Design by Bluestorm Design & Marketing

Leave Feedback


This site uses cookies to store information on your computer. Some of these cookies are essential to make our site work and have already been set. By using our site you accept the terms of our Privacy Policy.