Support & FAQs
1. What is .US TLD?
.US is “America’s Address.” It is the official country code top-level domain (ccTLD) for the United States within the global domain name system (DNS).
2. What makes .US unique and why do I need it?
.US is America’s address on the Internet. All U.S. residents, government entities, public service organizations, and businesses can establish an American identity on the Internet with America’s address. (e.g., johnsmith.us, publicservice.us, mycompany.us). .US names are very popular with consumers for applications like email, digital identity, and personal web sites. Government and public interest organizations use .US addresses to enable citizen-centric e-Gov applications and to serve the needs of the American people. Finally, businesses use .US domain names to promote themselves as American companies to inspire consumer confidence and to encourage consumers to “buy American.”
3. Who can register a .US domain name?
Any U.S. citizen or resident, as well as any business or organization, including federal, state, and local government with a bona fide presence in the United States can register a .US domain name. One of the following eligibility requirements must be met:
- A natural person (i) who is a citizen or permanent resident of the United States of America or any of its possessions or territories or (ii) whose primary place of domicile is in the United States of America or any of its possessions, or
- Any entity or organization that is incorporated within one of the fifty (50) U.S. states, the District of Columbia, or any of the United States possessions or territories or (ii) organized or otherwise constituted under the laws of a state of the United States of America, the District of Columbia, or any of its possessions or territories, or
- An entity or organization (including federal, state, or local government of the United States, or a political subdivision thereof) that has a bona fide presence in the United States.
4. What is the price of a .US domain name?
Market-based retail prices for .US domain names are established by .US-Accredited Registrars and their resale channel partners. The pricing structure is an annual subscription fee; multi-year subscriptions are available.
5. Now that I have my .US domain name, how and when can I send and receive email using my new .US address?
Most retail providers of web addresses also provide email services. Your personalized .US email account can typically be (1) set up during the registration process when you register your domain name, or (2) added to your account afterward at the retailer’s website.
6. Where can I register a second level .US domain name?
7. How do I transfer my .US domain name?
Domain name transfers fall in one of two categories:
- Registrant Transfer or Name Change — Each Registrar has unique requirements for making changes to the registrant field of a domain name. Registrants must contact the sponsoring Registrar for information regarding Registrant Name Changes and/or Transfers. The sponsoring Registrar appears in line 3 of each domain name’s WHOIS record (www.whois.us).
- Registrar-to-Registrar Transfer — .US Registry rules require that a domain name be registered for a minimum of 60 days, and be in PAID status with the current sponsoring Registrar before it can be transferred to another Registrar. If your domain name meets these requirements, contact your current sponsoring Registrar and request for the < AUTHINFO > code, which the gaining Registrar needs in order to initiate the transfer process for your domain. Sponsoring Registrars can obtain this code by sending a < DOMAIN_INFO > EPP command to their Registry.
8. What is an <AUTHINFO> code?
An < AUTHINFO > code is a six- to 16-character “password” assigned by a sponsoring Registrar. It identifies your domain name in the Registry. No domain name transfer request can be successfully executed without this password. Registrars are contractually required to provide this code upon registrant request. Registrants are advised to protect their < AUTHINFO > codes to avoid unauthorized transfers of domain names.
9. How will current Delegated Managers be affected?
Delegated Managers continue to play their role in the “locality space.” Currently, no new delegation requests are being accepted. Neustar has worked diligently since 2006 to administer the Delegated Manager and US Locality domain Registrations Agreements and update delegated manager contact information in an effort designed to improve the overall operational efficiency and service to domain name holders within the locality domain space.
11. How do I change a Permanently Reserved .US Domain Name to resolve on the Internet?
A Domain Name that has been established as a Permanent Domain Name Reservation will need to be activated through the purchase of a Lifetime Registration. Please direct questions to: support.us@Neustar.us. If you wish to speak with a customer service representative please call +1 571-434-5728.
12. Who can become a .US-Accredited Registrar?
Any organization that meets the .US Accreditation criteria can be a Registrar for .US domain names. The accreditation documents are posted on the Registrars
section of this web site.
13. What is a reserved name?
A reserved name is a name that is not available for general public registration, and is subject to additional rules, restrictions or processes.
14. Where can I see a list of reserved .US names?
The complete list of reserved names can be found here. Below are the following categories of reserved names:
- All numbers five digits and higher
- All numbers in the format five digits-four digits (zip codes)
- All telephone numbers including toll-free numbers
- Tagged domain names — all labels with hyphens in the third and fourth character positions (e.g. “bq–kn2n4h4b”)
15. Why are some .US names reserved?
Names are reserved to protect important local and national naming resources to reserve spaces within .US for future enhancement of the domain and to protect technical Internet interoperability. Policy changes relative to the reserved list are subject to Department of Commerce review and approval prior to implementation.
16. Why does my domain name have the term “unknown contacts” in the WHOIS?
Neustar began administering the .US top-level domain space in November 2001. Much of the data that existed prior to then was either incomplete or, in some cases, nonexistent. Therefore, when we completed the .US WHOIS to include locality-based domains, it reflected (and continues to reflect) the incomplete data, and needs to be updated by the registrant. Refer to FAQ 17 for more information.
17. How do I update/change my .US Locality Domain Name information that is reflected in the WHOIS database?
With all of the .US locality based domains now displayed in a public WHOIS, we request that you provide us with the information listed below for any contact and name server changes. This process protects your domain name data from being accessed by an unauthorized party.
If your domain is a 3rd level, and you have not already done so, you must submit a signed copy of the Delegated Manager Agreement instead of the .US Domain Registration Agreement. Send your completed paperwork via regular mail to:
.US Locality Registry
Neustar Customer Service
1650 Lyndon Farm ct.
Louisville, KY 40223
Upon receipt of your original properly endorsed documents, we will complete the requested updates and issue you a password to make future changes without having to send us the above paperwork again, unless it is for a different domain name. If you lose your password, you must submit the paperwork again for any desired changes to your domain name.
18. How long does it take to process my contact or nameserver change request?
If all information is filled out correctly and we have received the authorized documents, these are generally processed in 3 to 5 business days.
19. Which locality domains are included in the .US WHOIS?
Second-, third-, fourth-, fifth- and sometimes sixth-level domain names are included.
20. I have a third/fourth/fifth/sixth-level locality .US domain name, but I can’t find it in the .US WHOIS. How can I correct this?
First, check in WHOIS for the delegated manager of the parent of your domain name. You can also send us (support.us@Neustar.us
) an email, along with your domain name, and we will advise on whom to contact.
21. Can I place the .US logo on my personal/political/noncommercial website?
Yes, provided the conditions stated in the .US Brand Identity Guidelines
are sufficiently met. Contact support.us@Neustar.us
to request a zipfile containing a variety of .US logos in different sizes; the zipfile also contains a document detailing terms and conditions for the use of the .US logo.
22. What is PendingDelete Status?
When deleted, all domains that have been registered for more than 5 days are initially placed on PendingDelete status before being purged from the Registry database and made available for registration. The exception to this rule is domains that are deleted within the first 5 days of the initial registration. These domains will be purged immediately, and not be placed in PendingDelete status. Domains remain on PendingDelete status for a period of 35 days before being purged, unless they are “redeemed” by the sponsoring registrar. This period is known as the Redemption Grace Period (RGP). See below for more information on RGP and domain redemptions.
23. What is the Redemption Grace Period (RGP)?
The Redemption Grace Period is the 35 days following the deletion of a domain. The purpose of RGP is to allow registrars and/or registrants to correct for inadvertent deletions. During the first 30 days of the Redemption Grace Period, registrars may request the Registry to redeem a deleted domain, and thus restore it to its original disposition prior to deletion. Redemptions may NOT be performed during the final 5 days of the RGP. The whois record indicates if a domain is eligible for redemption. Domains that are eligible are marked “PendingDelete (RESTORABLE)”. A domain that is “PendingDelete (SCHEDULED FOR RELEASE)” cannot be redeemed. All redemption requests must be submitted through your registrar.
24. How can I obtain a list of domains scheduled for release?
Reports containing domains scheduled for release can be found here.
25. What is DNSSEC?
DNSSEC stands for Domain Name System (DNS) Security Extensions, which enable DNS clients (resolvers) to (1) validate origin authentication of DNS data; (2) confirm data integrity; and (3) authenticate denial of existence.
26. What problem does DNSSEC solve?
DNSSEC helps to prevent DNS cache poisoning. Cache poisoning is a corruption of the DNS that enables the spread of viruses, worms, and other malicious files/content. Cache poisoning occurs when data is provided to a caching name server that did not originate from an authoritative Domain Name System (DNS) source. Once a DNS server receives non-authentic data and caches it for future use, it will then supply that non-authentic data to its client servers. The impact of cache poisoning on end users is that they may be directed to IP addresses they did not intend to reach, and may not be aware of the associated risks.
27. What problem does DNSSEC NOT solve?
DNSSEC does not solve Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks on any system. DNSSEC does not prevent incorrect data entry into a zone (if the IP address is entered wrong, it will not be corrected). DNSSEC’s improvement to other applications is limited to ensuring that applications get correct/authenticated information (such as addresses) and nothing more. Phishing attacks are still possible through carefully crafted email and spam delivery, sensitive information such as credit card numbers on a web server are not protected by DNSSEC.
28. How does DNSSEC work?
DNSSEC uses cryptographic electronic signatures to determine the authenticity of data. DNS clients that are DNSSEC-enabled will validate any DNS response received by automatically checking the authenticity of the cryptographic signatures. If the signatures are missing or don’t match, the response is not validated and the DNS will not pass the false information on to the user.
29. What’s the process for implementing DNSSEC?
Neustar has implemented DNSSEC at the .US TLD registry level. Our .US-accredited registrars are now able to register DNSSEC information on their customers’ behalf in the .US registry.
30. Does DNSSEC at the TLD registry-level impact the signing of the root zone, and vice-versa?
Neustar’s signing of the .US TLD zone does not impact or interfere with the signing of the root zone. With a signed .US TLD, the introduction of a signed root zone will be a seamless transition that will not require any incremental development work by registrars and registrants who support and utilize DNSSEC in .US prior to the root zone signing.
31. When did DNSSEC become available to .US registrars?
Neustar opened up the DS signing capabilities to all .US registrars on June 7th, 2010. Please contact Neustar Registrar Support at email@example.com
for more information. NOTE: Neustar also enabled DNSSEC for .BIZ on August 1, 2010.
32. Are registrars required to implement DNSSEC?
.US accredited registrars are not required to implement DNSSEC at this time. Support for DNSSEC is optional but recommended to help secure and prevent cache poisoning in the .US domain.
33. When will DNSSEC be available to registrants?
.US registrants should contact their registrar of record to determine if their registrar already supports DNSSEC.
34. How is a DNSSEC query formed?
A DNSSEC query is formed by a DNS resolver. Recent versions of BIND have already been forming DNSSEC queries but have not been reacting to the resulting DNSSEC responses. In order to react to the DNSSEC responses in a way that makes use of DNSSEC, resolvers need to be configured with a DNSSEC public key. Currently, resolvers of US domains need to have the root DNSSEC public key.
35. How does a registrant sign a zone?
If the registrant is using a DNS managed service provider, they should contact the provider for instructions to how turn on DNSSEC. If the registrant is operating their own DNS set up, there are a number of steps to perform. First, make sure the tools in use are DNSSEC compatible. This may mean upgrading the DNS software. Second, after preparing and documenting a plan, create cryptographic key pairs and enter them in the zone. Third, run a DNSSEC zone signer (dependent on the tools in use) to generate the first signed zone. The process of signing will have to be repeated as the signatures will have a limited lifetime. The final step is to publish the zone.
36. Where can more information on DNSSEC be found?
The best general collection of information on DNSSEC can be found at this website: www.dnssec.net
37. When and why was the kids.us domain space created?
The Kids.us top-level domain was mandated by Congress a decade ago in the “Dot Kids Implementation and Efficiency Act of 2002,” (Public Law No. 107-317). At the time, Congress envisioned creating a kids.us domain to serve as a haven for material that promotes positive experiences for children and families using the Internet, provides a safe online environment for children, and helps to prevent children from being exposed to harmful material on the Internet.
38. Why, then, is the Kids.us space being suspended?
The National Telecommunications & Information Administation has determined that the kids.us domain is not serving its intended purpose as per the Dot Kids Act [Dot Kids Implementation and Efficiency Act of 2002. See http://www.ntia.doc.gov/files/ntia/publications/ustld_27_jun_2012_mod_012.pdf.
39. Can I still register or renew a Kids.us domain name between now and July 27, 2012 when the suspension becomes effective?
Technically, yes. However, Neustar has already notified registrars of the suspension and registrars have been encouraged to work with existing kids.us registrants to delete all kids.us domain name registrations by no later than June 27, 2013. Therefore, if you register a kids.us domain name prior to July 27, 2012, there is a good chance the domain will be deleted by your registrar in short order but in no event later than July 27, 2013. In addition, Neustar is no longer accepting applications for content review and therefore you will not be able to put any content on a newly registered kids.us domain website.
40. What will happen to my existing kids.us domain name?
In the event you do not proactively delete your kids.us domain name through your kids.us accredited registrar, Your domain name will expire on earlier of the “Domain Expiration date” shown in WHOIS (www.whois.us ), or June 27, 2013.
41.Will I be refunded for my current registration if I proactively delete it before expiration?
For any kids.us domain name that was registered prior to July 13, 2012 that expires after December 31, 2012, Neustar will be providing a refund to your Kids.us Accredited Registrar. Your Kids.us Accredited Registrar has been encouraged, but is not required, to pass through some or all of that refund to its kids.us registrants. . We recommend that you check with your registrar for any possible credits.
42. Will I have first preference to re-register my kids.us domain if the kids.us space ever gets re-established?
Yes. The NTIA has mandated that Neustar keep a record of all current kids.us domain name registrants in the event that the kids.us domain name space is re-established. If it is, you or your organization would be given the first right to your present domain.
43. Where can I find information about the Kids.us domain name space and the content policies Kids.us followed prior to its suspension?
Neustar has archived all of the Kids.us content policies which can be found here