Last updated: 
1 day 2 hours ago
Blog Manager
One of Janet’s activities is to monitor and, where possible, influence regulatory developments that affect us and our customer universities, colleges and schools as operators of large computer networks. Since Janet and its customer networks are classified by Ofcom as private networks, postings here are likely to concentrate on the regulation of those networks. Postings here are, to the best of our knowledge, accurate on the date they are made, but may well become out of date or unreliable at unpredictable times thereafter. Before taking action that may have legal consequences, you should talk to your own lawyers. NEW: To help navigate the many posts on the General Data Protection Regulation, I've classified them as most relevant to developing a GDPR compliance process, GDPR's effect on specific topics, or how the GDPR is being developed.

Group administrators:

Nominet direct.uk announcement

Thursday, November 28, 2013 - 08:55

[updated 27th November following Nominet's answers to my questions]

After two rounds of consultation, Nominet have announced that they will be proceeding with a scheme to allow the creation of domains directly under .uk. The background paper doesn’t contain full details, but it’s clear that this third proposal represents a further simplification on those previously discussed on. Indeed as far as I can see the only difference from existing .co.uk domains is that anyone applying for a .uk domain will need to provide a UK postal address through which they can be contacted. However there’s no longer a requirement that this be the applicant’s own address: a forwarding address appears to be fine.

Pretty much the only restriction on what second-level domain you can apply for is if the name already existed as a third level domain on 28th October 2013. In that case the holder of that domain gets five years to decide whether they want the direct.uk one and it can’t be registered by anyone else while they are thinking about it. Although Nominet's Q&A document answers "who exactly will be offered the shorter .uk domain" by saying "All domains..." I've now been informed that that only applies to second-level domains managed by Nominet, so hierarchies including .police.uk, .nhs.uk and .ac.uk will have no rights over equivalent second-level domains. [Nominet’s Q&A document answers "who exactly will be offered the shorter .uk domain" by saying "All domains that were current on 28th October 2013...", so it seems that holders of example.ac.uk should now benefit from this, having apparently been excluded from priority in the previous consultation. However if example.co.uk or example.org.uk existed on the cut-off date then the holder of that domain gets the five-year option (.co.uk takes precedence, not the longest-held domain as in the previous consultation).] A small number of names that have existed in .gov.uk have also been reserved permanently, though Nominet are still discussing with the Cabinet Office some names on this list that appear more likely to be interpreted as generic terms than as former Government departments.

Nominet’s vision seems to be that existing .co.uk and .org.uk holders will migrate to the equivalent .uk domain when they next re-brand, so that over the next five years those two domains will gradually migrate to an undifferentiated .uk namespace. Names under .uk should cost the same as under .co.uk (a considerable reduction from the original proposal). So the decision on whether to migrate is likely to depend on whether organisations see greater benefit in advertising a name at the second level or the indication of status that’s provided by the existing third-level domain.

In our response to the second consultation we pointed out the risk of confusion between new and existing second level domains. The announcement doesn’t seem to mention any restriction on registering second level domains confusingly similar to existing ones, nor to be exerting any control over third level domains that may be created within them. This contrasts with ICANN’s approach to new top level domains, where successful applicants are restricted in their ability to create sub-domains that may infringe trademarks. [I’m checking with Nominet whether I’ve missed something.] Apparently there will be some contractual restrictions on selling sub-domains within the new second level, but these were vague in the second consultation and no further information is available.

The headline of the original consultation was the creation of a new, more secure, .uk domain. As announced in the last consultation round, the security proposals have been moved into a separate workstream developing measures intended to be available to all .uk domains. A little more about these security proposals has now been announced: they include options for "domain-locking", "additional security controls when accessing Nominet’s registry systems", "identifying when security-related issues are adversely affecting a domain", and a "data visualisation and analysis tool". Surprisingly there doesn’t seem to be anything about DNSSEC there, unless it’s hidden in one of the bullets about "working alongside others". The original consultation was strongly encouraging adoption of DNSSEC, so it’s sad to see that leave the headlines.