Frequently Asked Questions

Top Questions

What is a gTLD (generic Top Level Domain)?

gTLD is one of the categories for Top-Level Domain Names. It stands for "generic" top-level domain, such as .org, .com, and .net. Other popular categories are ccTLD (country codes), which are managed or controlled by the particular country, and IDNs (Internationalized Domain Names). Domain names are either "open" or "closed": anyone can register for an open domain name, while closed domain names require an application process.

How many TLDs (Top Level Domains) are there today?

As of Q1 2014, there are approximately 328 top level domains. Of these, there are 22 gTLDs (.com, .org, etc.), 294 associated with country codes, and 12 special-purpose TLDs used for testing and infrastructure.

What is a domain name registry? A registrar? A registrant?

A domain name registry maintains and operates the master database for a given top-level domain (TLD), such as .org, .орг, .机构, and .संगठन. The registry ensures that each domain name registered with the associated domain extension is unique so that registrants can use them for their individual chosen purposes without interference or competition. The registry also generates a "zone file", which allows computers to route Internet traffic to and from .org, .орг, .机构, and .संगठन domain names around the world. Public Interest Registry is the registry for the .org, .орг, .机构, and .संगठन TLDs.

Following the Internet compliance rules outlined by the Internet Corporation of Assigned Names and Numbers (ICANN), registries such as Public Interest Registry do not accept domain name registrations directly from the public. Instead, registrars, the "retailers" that essentially register domain names on behalf of registrants, will submit the registration requests to the registries. Registrants are people or organizations that would like to register and use a domain name.

What are the new gTLDs (generic Top Level Domains)?

Beginning in 2013, new domain extensions, or generic Top Level Domains (gTLDs), will change how the world uses the web. People will have the option of choosing memorable and intuitive domain names specific to their online objectives and activities. New TLDs should help consumers know what to expect from the websites they visit, making it easier to find sites relevant to them. These new gTLDs will be launched worldwide, joining the likes of .org, .com, and .net. Among the proposed new gTLDs are .ngo, for Non-Governmental Organisatons, and .ong, the domain name representing the Romance language version of NGO.

How do I become an accredited registrar with Public Interest Registry?

Ensure that your ICANN accreditation is in good standing to include the most recent Registrar Accreditation Agreement (RAA) and other required ICANN documentation. » More information

Use the Online Registrar Management System (ORMS) to submit your application for accreditation with Public Interest Registry. Please contact the Operations team with your request. For specific information see more on becoming a registrar.

Can I register a .org domain name if I am not a 501(c)?

Yes, .org is an open and unrestricted domain. Anyone is allowed to register and use .org domain names.

.org is the home for millions of nonprofit websites, including charitable, artistic, scientific, personal, educational, social, cultural and religious sites. .org sites are run by clubs, incorporated and unincorporated not-for-profit organizations, industry associations, families, individuals, schools, foundations, and more. Even for-profit companies have .org sites devoted to their charitable or volunteer programs.

General Questions

Who is Public Interest Registry?

Public Interest Registry is a nonprofit organization that currently operates the .org, .орг, .机构, and .संगठन and in the future, the .ngo|.ong domains.

As our name implies, we exist to serve the public interest online. Our globally diverse team is committed to providing a stable online platform where everyone has a voice. As an advocate for collaboration, safety and security on the Internet, Public Interest Registry's mission is to empower the global noncommercial community to use the Internet more effectively, and to take a leadership position among Internet stakeholders on policy and other issues relating to the domain naming system.

What are new Top-Level Domain Internationalized Domain Names (IDNs)?

Originally the Root Zone was limited to a set of characters conforming to US-ASCII (American Standard Code for Information Interchange) or "Latin" alphabets. This changed with the introduction of Internationalized Domain Names (IDNs), which introduced top-level domains (TLDs in different scripts and enabled Internet users to access domain names in their own language.

I found a site online that offers your domain names, but it isn't on Public Interest Registry's list of authorized registrars. Why not?

Some registrars that have been accredited by the Internet Corporation for Assigned Names and Numbers (ICANN) have - "resellers". The registrar provides its resellers with the tools, such as back-end systems and customer service, required to register domain names. Using its registrar's systems, the reseller then has the ability to offer domain names to whomever it wishes, such as the general public.

If a site that offers domain names is not on our list of authorized registrars, it may be a reseller. If you look up a domain name in the WHOIS, it will display the name of Public Interest Registry-authorized registrar (not the name of its reseller) in the "Sponsoring Registrar" field.

What are the domain name registration terms?

General Availability terms are 1 - 10 years. Registration term begins when the domain name becomes active. Domains registered during Sunrise will have a minimum period of 5 years.

How do I find out who has registered a domain name?

Anyone may look up information regarding a .org, .орг, .机构, and .संगठन domain name using the WHOIS lookup.

What does it cost to become a registrar for Public Interest Registry?

There are no fees for registrar accreditation, or the registration or update of nameservers.

.org Domain Names

How many .org domain names are there?

More than 10.3 million domain names are currently registered with .org.

What is a .org IDN?

Domain names have generally been limited to characters used in English. An .org IDN refers to the ability to use characters from any language (e.g., á, ç, è, ñ, ö) to register a domain name.

IDNs in .org have non-Latin script to the left of the dot with .org in ASCII to the right of the dot. » More information

.ngo|.ong Domain Names

How will .ngo|.ong differ from .org?

.org is an open domain where anyone can register - individuals, not-for-profits, or corporations - to engage and promote communities. .ngo will be a sponsored top-level domain intended to serve only the Non-Governmental Organisation (NGO) community. It will be an exclusive domain extension for NGOs looking for immediate recognition online and broader opportunities for public engagement, funding, and partnerships. Organisations that are non-governmental, non-commercial and non-criminal qualify to get a .ngo domain, and there will be a validation process associated with registration to ensure that prospect applicants qualify.

Who can register a .ngo|.ong domain name?

Public Interest Registry has been working closely with the NGO community and leading NGO associations around the world to develop a process to validate applicants for a .ngo domain. We believe that working with the NGO community on a global basis is important in both reaching out to the NGO community and validating their inclusion in the .ngo domain.

Seven criteria are used to define an NGO or ONG for the purpose of validation:

  1. Focused on acting in the public interest. Whether in support of education or health, the environment or human rights, members of the .ngo|.ong community work for the good of humankind and/or the reservation of the planet and do not promote discrimination or bigotry.
  2. Non-profit making/non-profit-focused entities. While many NGOs and ONGs engage in commercial activities or generate revenue in support of theirs missions, members of the .ngo|.ong community do not recognize profits or retain earnings.
  3. Limited government influence. Recognizing that many .ngo|.ong organisations have important interactions with government, not least for reasons of funding (which may include receipt of some government funding in support of their programs,) members of the .ngo|.ong community decide their own policies, direct their own activities and are independent of direct government or political control.
  4. Independent actors. Members of the .ngo|.ong community should not be political parties nor should be a part of any government. Participation in the work of a .ngo|.ong is voluntary.
  5. Active Organisations. Members of the .ngo|.ong community are actively pursuing their missions on a regular basis.
  6. Structured. Members of the .ngo|.ong community, whether large or small, operate in a structured manner (e.g., under bylaws, codes of conduct, organizational standards, or other governance structures.)
  7. Lawful. Members of the .ngo|.ong community act with integrity within the bounds of law.

NGOs and ONGs participating as members in the .ngo|.ong community must certify that they adhere to the above .ngo|.ong Eligibility Criteria.

How can I register a .ngo|.ong domain name?

Once the .ngo|.ong domains are available, contact a registrar accredited with Public Interest Registry. It's important to note that both .ngo and .ong are included in one registration. This means, if you register .ngo, the same name will also be registered under .ong automatically, and vice versa.

In order to receive advance information about the launch of. ngo|.ong, visit GlobalNGO.org to submit a free Expression of Interest for a domain name.

How do I make sure no one gets my .ngo|ong domain?

There is no system for reserving names. However, ICANN requires that each new gTLD registry have a "Sunrise Period" before the opening of the general availability of registrations. During this period, a trademark holder has the ability to claim a domain name registration corresponding to its trademark. Please note that entities with valid trademarks must first be registered with Trademark Clearinghouse (TMCH). If there is more than one owner of a particular trademark (e.g., in different areas of the world), and more than one claims a registration, the first to apply will get the registration. An NGO that has registered its organisation's name as a trademark will be eligible to take advantage of this process. NGOs that have not registered their names as trademarks will be able to register their name during the general availability on a first-come, first-served basis following the Sunrise Period.

Are DNS Security Extensions (DNSSEC) available for .ngo|.ong?

.ngo|.ong support DNS Security Extensions (DNSSEC). DNSSEC is a secure version of DNS.

Cache poisoning, the unauthorized access and modification of DNS caches to intentionally spoof websites, hijack email, and even steal passwords has been a major vulnerability. DNSSEC ensures cache poisoning is prevented, that DNS data cannot be forged and that data originating from its stated source is not modified in transit.

Public Interest Registry was the first generic Top-Level Domain (gTLD) registry to fully deploy DNSSEC.

What are the registration terms for .ngo|.ong?

General Availability terms are 1 - 10 years. Registration term begins when the domain name is registered. Domains registered during Sunrise will have a minimum period of 5 years.

Is Proxy or Private Registration available?

Proxy or Private Registration is not available with .ngo|.ong.

What are the domain character rules?

For .org, the following rules and restrictions apply: Three (3) character minimum; sixty-three (63) Punycode character maximum; Letters "a" to "z", the numbers "0" to "9" and the hyphen "-" can be used; The following characters are not allowed: ~ @ # $ % ^ & * ( ) + = < > { } [ ] | \ / : ; ‘ , . ?; Hyphens cannot be used in the 1st, 3rd, 4th or last position of the domain name. One and two digit domains have been reserved by the Registry and are not available for registration at launch.

For IDNs, the following rules and restrictions apply: there is a three (3) character minimum for Cyrillic and Hindi. The character minimum for Chinese is currently under review. ZH (Chinese) IDNs have a 14-character native language limit; for Hindi and Cyrillic IDNs, the 63 character limit applies for when it is converted to Puny code (which must be under 63). Mixing of numbers and hyphens with the IDN is permitted. Following characters are not allowed:~ @ # $ % ^ & * ( ) + = < > { } [ ] | \ / : ; ‘ , . ? Hyphens cannot be used in the 1st or last position of the domain name.

Internationalized Domain Names

What is the difference between .org and IDN TLDs?

There are two different types of .org IDNs. The Domain Name System (DNS) initially only supported the Latin characters a through z, A through Z, 0 through 9, and the hyphen. However in 2003 new standards were introduced that enabled the conversion of non-ASCII characters to the left of the dot - these characters could either be Latin letters with diacritics (e.g. ñ or â) or scripts that do not use the Latin alphabet such as Chinese or Cyrillic. The right of the dot (.org) remained in Latin characters.

What has changed with the new generic Top Level Domain (gTLD) IDNs is the addition of a multilingual translation service at the front end (the user's browser) to supplement the DNS. This means that non-Latin characters can now be used on both sides of the dot, providing a completely non-Latin domain name.

Technically, when an IDN is input, the web browser algorithmically converts it into a combination of ASCII characters (known as Punycode). For example, the IDN for McDonald's Russia (макдональдс.рф) is converted to the Punycode equivalent http://xn--80aalb1aicli8a5i.xn--p1ai/. It is this Punycode string that is sent to the name server, and when an IDN is initially registered, it is this Punycode address that is stored within the name server. This is how the domain name is found on the Internet.

How will Public Interest Registry's IDN TLDs be launched?

Public Interest Registry's IDN TLDs: .орг, .机构, and .संगठन, will be launched in two phases: Sunrise and General Availability.

Do .орг, .机构, and .संगठन TLDs offer DNS Security Extensions (DNSSEC)?

As part of ICANN's Pre-Delegation Testing (PDT) of all new gTLDs, it is a requirement that all registries offer and support DNSSEC throughout the lifecycle of all domains. Therefore, .орг, .机构, and .संगठन support DNS Security Extensions (DNSSEC). DNSSEC is a secure version of DNS.

Cache poisoning, the unauthorized access and modification of DNS caches to intentionally spoof websites, hijack email, and even steal passwords has been a major vulnerability. DNSSEC ensures cache poisoning is prevented, that DNS data cannot be forged and that data originating from its stated source is not modified in transit.

Public Interest Registry was the first generic Top Level Domain registry to fully deploy DNSSEC for .org.

Are there any geographic or industry restrictions on who can register .орг, .机构, and .संगठन TLDs?

There are no restrictions based on geography. Registrants are not required to demonstrate non-profit status.

What is the lifecycle for the domains in .орг, .机构, and .संगठन?

The .орг, .机构, and .संगठन domain names will follow the same lifecycle rules as other existing domains such as .org. The phases of the lifecycles are:

  • Domain creation
  • 5-day Add Grace Period
  • Registration period
  • Domain expiration
  • 0-45 days Auto-Renew Grace Period
  • Domain Deletion
  • 30-day Redemption Grace Period
  • 5-day Pending Delete Period

How do I become an accredited registrar for .орг, .机构, and .संगठन?

Ensure that your ICANN accreditation is in good standing to include the most recent Registrar Accreditation Agreement (RAA) and other required ICANN documentation. » More information

Use the Online Registrar Management System (ORMS) to submit your application for accreditation with Public Interest Registry. Please contact the Operations team with your request. For specific information see more on becoming a registrar.

DNS Security (DNSSEC)

What is DNS Security (DNSSEC)?

DNSSEC is an addition to the Domain Name System (DNS) protocols; it is designed to add security to the DNS to protect it from certain attacks, such as any data modification attack (e.g. cache poisoning). It is a set of extensions to DNS, which provide origin authentication of DNS data, data integrity and authenticated denial of existence.

The Domain Name System Security Extensions (DNSSEC) as described in [RFC4033], [RFC4034], and [RFC4035] define new records and protocol modifications to DNS that permit security-aware resolvers to validate DNS Resource Records (RRs).

What does DNSSEC protect against?

DNSSEC is designed to protect Internet resolvers (clients) from forged DNS data, such as that created by DNS cache poisoning. Currently, a DNS resolver sends a query out to the Internet and then accepts the first response it receives, without question. If a malicious system were to send back an incorrect response, the resolver would use this address until its cache expired. This is bad enough if it's a single user's computer that gets this bad data, it's much worse if it's another name server that answers queries for an ISP - affecting thousands of users.

How does DNSSEC protect against this attack?

Each piece of a domain's DNS information has a digital signature attached to it. When a user enters the domain in a browser, the resolver, using keys in a similar manner to TLS/SSL, verifies the signature. If it does not match, the resolver discards the response and waits for another.

DNSSEC ensures that the information in the response you receive is the same information the registrant of the domain name wants you to receive. When a registrant registers a domain name on the Internet, they will also be able to have the domain name secured via DNSSEC. By sending in additional information to their registrar, registrants can "sign" a domain name, thus ensuring that all DNS responses are digitally signed via DNSSEC. By checking the digital signature, a DNS resolver is able to check if the information is identical (correct and complete) to the information the registrant wants you to receive.

What does it mean that you have signed the zone?

Zone-signing is the process of cryptographically signing the authoritative data within a zone file. This process adds new records to the zone, which allows resolvers to verify the origin, authenticity and integrity of the DNS responses. .org, .орг, .机构, and .संगठन zones have been, and any future new gTLDs will be, NSEC3 (RFC 5155) signed.

What does the administration of a DNSSEC signed zone entail?

Administration of a DNSSEC signed zone is more complex than that of an unsigned zone. Zone maintenance in the non-DNSSEC environment simply involves changing records as required and updating the serial number of the zone with each change. In many networks this is an automated process. However, in the DNSSEC environment this action alone would result in the invalidation of the zone data. Therefore, in addition to updating records and serial numbers the zone itself must be resigned. Care must be taken to keep keys and signatures current and not let signatures expire. If the zone is compromised either by malicious intent or neglect, the Zone Data Administrator must take actions to restore the zone's place in the DNSSEC authentication chain.

Can I now update my domain name with DNSSEC records?

Please contact your registrar to implement DNSSEC for your domain. For a list of .орг, .机构, and .संगठन accredited registrars as well as .org DNSSEC accredited registrars, click here.

How do I deploy DNSSEC?

The latest versions of BIND and NSD are DNSSEC aware, usually by simply setting a configuration-option. For end user applications, such as web browsers and email applications, you should contact your software provider. For more information on how to deploy DNSSEC, visit the DNSSEC Deployment website and DNSSEC HOWTO, a tutorial in disguise

What are some of the benefits of DNSSEC?

  • DNSSEC zones prevent man-in-the-middle attacks. Any customer with a DNSSEC-aware resolver will not be at risk from this attack.
  • DNSSEC is backwards compatible with the existing DNS infrastructure. Customers that are not using DNSSEC will not see any adverse effect. While they won't get the protection, they'll continue to access domain names just as they always have.
  • DNSSEC is the foundation of providing the safe and secure Internet of the future, including secure web browsing and adding additional security services to a wide variety of Internet services (e.g., email, voice-over-IP, etc.).

The DNS is a critical Internet infrastructure protocol and virtually everything that users do on the Internet depends on it. Protecting the DNS to ensure that users are connecting with the services they expect to be communicating with is the foundation of a safe and secure Internet.

What are high level concerns for registrars for DNSSEC?

  • You must actively maintain the extra DNSSEC data, including securing the DNSSEC private key data used to sign zones.
  • If the key information is compromised, you must take immediate action to rollover (replace) the key.
  • You may have to educate your customers on how to make their software DNSSEC-aware.
  • There have been a few reported cases of bugs in network gear, such as routers, switches, and wireless access points that require end-users to upgrade their network gear in order to resolve signed domain names.

What is a DNS resolver?

A DNS resolver is the program on a user's computer that sends the query to the DNS. Once a response is received, the resolver returns the response back to the end user's application. A validating resolver is a resolver that checks the digital signatures created and made available by domain name owners who want to protect their domains.

What is a key?

In DNSSEC the keys come in pairs — a private key (held only by the signer of the zone, which is usually the DNS operator who may be the registrar if you are providing DNS services to your customers) and a public key (distributed to the public through the DNS). The private part of the key pair is used to sign the zone. Validating resolvers use the public part of the key pair to validate the digital signature created when the zone is signed.

What is a key rollover?

A key rollover occurs whenever it is necessary to change the private key used to sign a zone or the public key used to validate a zone. This can occur for planned or unplanned reasons. Planned rollovers occur as an ordinary part of key management procedures, similar to changing a password on a regular basis. Unplanned rollovers occur whenever a private key has been compromised.

How does a scheduled rollover help prevent key compromise?

DNSSEC uses several mathematical formulas (cryptography) to "sign" a zone. These signatures are subject to cryptanalysis. It is therefore possible for an attacker to learn the private key in a key pair even though that key has never been disclosed, either through "brute force" or other types of attacks. Every attack requires time to complete. Periodically changing the key decreases the length of time an attacker has to attempt the compromise.

What are the notifications for a key rollover in DNSSEC?

Under ordinary circumstances key rollovers are not visible to end-users. The transition from one key to another is handled automatically by the DNS and validating resolvers, as long as the actual zone signer properly manages the key pairs and enters the changing keys in to the DNS as needed.

How is a DNSSEC registration different from a typical domain registration (without DNSSEC)? What additional data are collected?

A DNSSEC registration must include the public key information. This information is put in to a Delegation Signer (DS) record (either by the DNS operator or perhaps the registrar) and submitted to the registry by the registrar using the DNS Security extensions for EPP. Click here for more info.

What are additional resources for DNSSEC?

The DNSSEC and DNSSEC Deployment websites are both excellent resources to learn more about DNSSEC.

WHOIS Lookup Service

My registrar is requesting that I renew my domain name, but according to the WHOIS, it has been renewed for one year. What's going on?

When a domain name reaches its expiration date and is not renewed by the registrar, the registry system performs an auto-renew on the domain name. The auto-renew extends the expiration date for one year whether or not the registrar has received payment from the registrant. For example:

Example.org, example.орг, example.机构, or example.संगठन, is set to expire on April 25, 2004. The following events will occur:

  1. The registry auto-renews domain names the day after they expire. If the registrar does not renew this domain name with their registry prior to April 25, the registry will auto-renew the domain name for one year on April 26.
  2. The registry auto-renews domain names the day after they expire. Therefore, on April 26, the registry will auto-renew the domain name for one year.
  3. On April 26, the new expiration date will read April 25, 2005.
  4. The registrar then has 45 days during which they may delete the registration and receive a credit for the registry fee.

To verify if your domain name has recently been auto-renewed, Ccheck the "Last Update Date" field in WHOIS. If this field states that your domain name was last updated the day after it expired, your name probably was auto-renewed.

Why does the your WHOIS display the auto-renewed expiration date instead of the original expiration date?

The registry WHOIS system pulls the expiration date from our registry database. Because the auto-renewal process is conducted daily in the registry database, WHOIS will publish the auto-renewed dates If the registrant does not renew the registration with his/her registrar, the registrar may delete the registration in the registry database.

When I use the WHOIS portal for search, why do I receive the "WHOIS LIMIT EXCEEDED" error message?

Public Interest Registry has introduced rate-limiting logic on the WHOIS Port 43 server and similar rate-limiting logic on the Public Interest Registry website.

Public Interest Registry monitors all IP addresses accessing the WHOIS Port 43 server. All traffic is logged, and rate-limit validation logic is applied to limit access by any given IP address to a maximum of four queries per minute. If a unique IP address exceeds the limit, the query will be stopped, and the error message will be displayed.

Public Interest Registry accredited registrars who submit queries through the web-based WHOIS search mechanism are limited to 50 queries per minute.

Why is Public Interest Registry limiting WHOIS Port 43 access for the general public?

Public Interest Registry is committed to protecting the rights and privacy of registrants of our domain names. The previously unlimited access to Port 43 led to abuses by speculators and data miners, often using automated programs to make inquiries. Rate-limiting logic was introduced to reduce this.

Domain Name Anti-Abuse Policy

Why did Public Interest Registry issue this policy?

This policy addresses significant potential harm to Internet users. Abuses that may be prevented include identity theft, harm to children, and an erosion of trust in the Internet by users. Public Interest Registry enforces its terms of service to registrars to prevent abuse across our domain for the benefit of all users.

What authority does Public Interest Registry have to enforce the abuse policy?

The Domain Name Anti-Abuse policy is enacted under the clear, long standing, contractual authority of Public Interest Registry pursuant to Section 3.6.5 of every Public Interest Registry Registry-Registrar Agreement.

How will this policy affect registrants?

It is our goal that only those who abuse the domain system and engage in illegal or fraudulent activity will be affected by this policy. Ordinarily, there should be no change in your relationship with your registrar or the operation of your domain.

How does Public Interest Registry protect registrants?

Public Interest Registry takes every possible step to ensure registrants are protected. While security best practices prevent Public Interest Registry from publicly stating how we investigate reports of abuse, our goal is always to protect registrants. Domains suspected as abusive will be investigated. Public Interest Registry works closely with the registrar to ensure the appropriate action is taken to resolve the abuse. If it appears a website has been compromised Public Interest Registry will take steps in accordance with our Abuse Policy to prevent further abuse.

Does the Abuse Policy deal with alleged violations of trademark or other intellectual property rights?

No. This policy addresses the illegal and abusive use of domain names of a technical nature. It is not a substitute for current remedies to resolve intellectual property disputes involving domain names and websites. This policy does not replace the ICANN Uniform Dispute Resolution Policy (UDRP).

Who do I contact if I suspect a .org, орг, .机构, or .संगठन domain is being abused?

If you are the registrant and it is your own domain name, please contact your registrar. If you suspect abuse on a .org, орг, .机构, or .संगठन domain you may contact abuse(at)pir(dot)org.

Redemption Grace Period

What is the Redemption Grace Period (RGP)?

RGP is a service that allows the registrar to restore a domain name that has been unintentionally deleted. This 30-day period begins after a registrar requests that the registry delete a domain name. When a domain name is in RGP, its status is listed as PENDING DELETE RESTORABLE and HOLD.

When a domain name enters RGP, it is removed from the registry zone file. As a result, any Internet services supported by the domain name will be disabled (e.g., email or a website). The registrant must act IMMEDIATELY if the domain name is to be restored.

After the 30-day RGP, the domain name enters the Redemption Hold Period (RHP).

What is the Redemption Hold Period (RHP)?

If a registrar deletes a domain name and does not request that the domain name be restored during the 30-day RGP, it enters RHP. RHP lasts for five days, and during this time the domain name is locked and unable to be restored. After five days, it becomes available for re-registration. Once the domain name enters RHP, the prior registrant cannot request a restore. When a domain name is in RHP, its status is listed as PENDING DELETE SCHEDULED FOR RELEASE and HOLD. The domain is returned to the zone file during this period. If the Restore Report is not received from the registrar within 5 days, the domain is returned to a new 30-day RGP with status of: PENDING DELETE RESTORABLE.

What is the Restore Lock Period (RLP)?

Once a registrar formally requests to restore a domain name, the registrar must submit a Restore Report to Public Interest Registry within five days to fully restore the domain name from RGP. This five day period is referred to as Restore Lock Period (RLP). This means that the registrar cannot use the domain name until a restore report has been submitted and accepted. During this period the following domain statuses will be applied:

PENDING DELETE RESTORE

UPDATE PROHIBITED

DELETE PROHIBITED

RENEW PROHIBITED

TRANSFER PROHIBITED

How do I know if a domain name is in RGP?

If a domain name is in RGP, the "Status" field in the WHOIS will show the domain name as "PENDING DELETE RESTORABLE and HOLD." All Internet services associated with the domain name will remain disabled.

How do I know if a domain name is in RHP?

If a domain name is in RHP, the "Status" field in the WHOIS will show the domain name as "PENDING DELETE SCHEDULED FOR RELEASE HOLD."

How do I know if a domain name is in RLP?

If a domain name is in RLP, the "Status" field in the WHOIS will show the domain name as PENDING RESTORE.

My domain name has been placed in RGP. How do I redeem it?

If your domain name has been placed in RGP, it is because your registrar requested to delete it. If you wish to redeem the domain name, you must contact your registrar immediately.

The sponsoring registrar for the domain name (as indicated in the WHOIS) is the ONLY registrar that can restore it. We cannot directly restore your domain name -- it can act only on explicit instructions from the sponsoring registrar. Please note that your registrar may charge a fee for restoring the domain name.

How do I know when a domain name will be released for re-registration?

For a domain name to be released for registration, it must complete the 30-day RGP and the five-day RHP. In total, a domain name can be released for re-registration 35 days after it has been deleted by a registrar, provided that there has been no restore request received by the registry during the RGP. To calculate the date a deleted domain name will be available for registration, add 35 days to the "last updated on" date reflected in the WHOIS.

Will my domain name still work if it is in RGP?

No. Once a domain name is placed in RGP, no Internet services for that domain name will work.

Will I still be able to get email if my domain name is in RGP?

No. Once a domain name is placed in RGP, no Internet services for that domain name, including email, will work.

My registrar sent a restore request, but my website and email still aren't working. Why not?

Once a registrar formally requests to restore a domain name, it must provide a special restore report to us within five days. This report must include background documentation and a reason for the restoration. If your registrar does not deliver the report within five days, the registry will return the domain to the RGP status ("Pending Delete - Restorable"), and the domain name once again will not resolve or support Internet services (e.g., website or email).

Why is my registrar charging me to redeem my domain name through RGP?

Public Interest Registry does not determine the fees that registrars charge their customers. However, the registrar incurs extra costs each time it invokes the RGP process. Registrars may charge a fee to restore a domain name through RGP at their discretion. You should contact your registrar to inquire about the fee being charged.

My domain name is in RHP (PENDING DELETE SCHEDULED FOR RELEASE). Why can't I restore it?

Once the 30-day RGP for a domain name has passed, it cannot be restored. RHP serves as a notice period for registrars regarding the pending availability of the domain name.

Will I be charged a renewal fee in addition to the RGP fee itself? Do I lose any time that remained on my registration?

If the domain name has expired before it is deleted and enters RGP and then it is restored, the registrar's account is debited for the RGP fee and the one-year renewal fee. If the domain name has NOT expired prior to deletion and entering RGP and then it is restored, the registrar's account is debited the RGP fee, but the renewal fee is charged only if a "renew" is requested explicitly or the domain was deleted within the 45-day Auto-Renew Grace Period. When at all commercially reasonable, the domain name will be reinstated, with temporary restrictions, within five calendar days of the restore request. It is up to each registrar whether to charge the registrant for the renewal fee in addition to an RGP fee.

Where can I find more information about the ICANN requirements for RGP?

Refer to the ICANN website and search for "Redemption Grace Period". Please also refer to RFC 3915 for more information.

Disputes and Problems

My domain name was not renewed and deleted. Now it is registered to another. Can I get it back?

You must contact your registrar or reseller to determine if anything can be done.

How do I transfer my domain name to a new host? A new registrant? A new registrar?

To transfer your domain name to a new registrar or registrant:

  • Obtain the authorization code (auth code) from the current sponsoring registrar of the domain name. Please consult the WHOIS search to find out who the sponsoring registrar is.
  • After you receive your auth code, supply it to the registrar to whom you wish to transfer the domain name.
  • The new registrar should then initiate the transfer. Once initiated, the transfer will be completed within five 24-hour periods.
  • Public Interest Registry advises that you change your auth code after a transfer. You can do this through the new registrar.
  • The registrant should update the contact information through the sponsoring registrar. Public Interest Registry cannot do this for you; you must do it through the registrar.

I want to transfer my domain name, but my registrar is asking for an authorization code (auth code). What is it, and where can I get it?

The auth code is a six-to-16-character code assigned by the current sponsoring registrar that serves as a password for the domain. Auth codes are asecurity measure that ensures that only the owner of the domain name can make transfers.

If you do not know your auth code, you can obtain it from your registrar. Registrars are contractually required to provide the auth code upon the request by the registrant.

Registrars can obtain the auth code for their domain names by sending a request to the registry. Registrars are able to obtain auth codes only for the domain names that they manage.

Can Public Interest Registry confirm the auth code my registrar gave me?

No, but the registrar you are transferring to can verify the auth code.

Who can tell me why my domain name isn't working?

Your registration may have expired. When you register a domain name, you can register it for one to 10 years. When your registration expires, the registry will auto-renew the domain name for one year and debit your registrar's account for the renewal fee. If your registrar does not receive your registration payment, your registrar can take one of several actions, including deleting or placing your domain name on "hold". These actions will remove your domain name from the zone file, and all Internet services, including email, for that domain name will cease.

If the registrar deletes your domain name, you have 30 days from the date of deletion to contact your registrar to restore and renew it. See FAQs about the Redemption Grace Period for more information.

I need the username and password for my domain name. How do I obtain them?

Each registrar and reseller uses a unique contact management system to manage usernames and passwords for each registrant. Please contact your registrar or reseller directly to obtain this information.

How do I backorder a domain name?

There are third parties that offer this service. Please contact your registrar or reseller for information on how to place a backorder on a domain name.

How do I make changes to my domain name, including adding name servers or making Domain Name System (DNS) changes?

To make changes to your domain name, including changing name servers, renewing your domain name, transferring or deleting a domain name, please contact your registrar or reseller, who will then put the request through to the registry. Public Interest Registry, like all domain name registries, is not authorized to change records directly for registrants.

My domain name is listed as ‘Inactive'. Why?

Any domain name that does not have at least two name servers associated with it is listed as "Inactive". This means that the domain name will not resolve on the Internet. Once you add two name servers through your registrar, the Inactive status will be taken off, and the domain name will resolve.

I made changes to my domain through my registrar. Why are the changes not reflected on WHOIS?

Registrars are responsible for updating the registries' systems with all changes. If the information for your domain name has not been updated at the registry, please contact your registrar or reseller.