Dan's Domain Site | Structure | Country Codes

Dan's Domain Site

Structure: Country Code Domains

In addition to the global top-level domains, there are a whole bunch of two-level domains for the different countries of the world. Some of them let people register directly under them as second-level domains, while others have a more deeply nested structure. Some limit registrations to residents of the appropriate country, while others are open worldwide. Much other variation in domain policy exists.

.us -- finally .USable?

The United States of America's .us domain is registered via nic.us, and has traditionally been subdivided geographically. Other than a few specialized categories such as community colleges and Native American tribes, most users were supposed to register under their hometown, with domains like yourname.shreveport.la.us, so that what you register is a fourth-level domain under your city (or county), state, and country. These are much cheaper to register than the .com domains (often free, though this varies by locality), but are lengthier. However, these domains might be a good choice if you want your site to be geographically identified. Many people register domains like joeschmoe-of-milwaukee.com where joeschmoe.milwaukee.wi.us would have been more logical. The usual objection is that more users are familiar with .com domains, but that's self-fulfilling; of course people won't be familiar with .us domains if nobody ever uses them, but if lots of people start using them as site addresses, public awareness would follow, and people would become better-educated about the hierarchical structure of the domain name system in general.

However, that structure has now changed -- a new registry provider has been selected by contract of the U.S. Department of Commerce (the winning registry is the same one that runs the new .biz TLD), and they are now offering registrations directly at the second level, like yourname.us. They had a trademark-owners-only sunrise phase (similar to that of the .info TLD, but only for owners of U.S. trademarks, not globally), followed by the opening on April 24, 2002, of first-come, first-served registration, for which various registrars took queued requests over the weeks and months preceding that. Names like help.us and with.us have some "cute" subdomain possibilities, like grow.with.us or fool.around.with.us. But don't try anything ending in -r.us... the Toys "R" Us people have a very aggressive legal department. (Some such registrations have been made, and it will be interesting to see if they get sued or challenged.) Check the status of .us registrations with their WHOIS.

A .kids.us subdomain was created by act of Congress, in which only child-friendly sites can register. No act of Congress, however, was needed for the registrant of protozoa.us to offer subdomains for sites that are safe for protozoans; however, that site doesn't seem to be online any more.

The author of the interesting ICANN.Blog has managed to get blog.us, in which he's offering subdomains to "bloggers" (those who provide online journals, referred to as "blogs" as a shorthand for "weblogs").

Wikipedia entry for .us

The Rest of the World

Neustar, the company that runs the .us domain, has recently been placed in charge of China's .cn domain as well, and will be throwing that domain open to registrations without any Chinese nexus requirement. See their site.

Wikipedia entry for .cn

Similarly to .us, Canada had a hierarchical system for its .ca domain, but allowed companies and organizations that are nationwide in scope to register directly under .ca, and province-wide organizations to register within a province subdomain (like .on.ca), instead of making everyone register within a city. In 2000, a new plan liberalized this to allow unlimited registration directly under .ca (as is now being done in .us).

Wikipedia entry for .ca

Both .us and .ca require some sort of connection with their respective countries in order to register there. Individuals wishing to register must be either citizens or residents; multinational corporations need to at least have a contact address in the given country.

Countries other than the United States and Canada rarely used geographical hierarchies; they usually, right off the bat, allowed either direct second-level registration or registered at the third level beneath logical subdivisions like .co.uk and .org.uk for commercial and noncommercial sites in the U.K. respectively. They vary a lot as to the degree, if any, of local presence needed for registration by foreigners.

Note: It seems to be common in domain discussions for people to talk about "the .co.uk top level domain"... this is mistaken terminology. Of course, .uk is the top level domain, with co.uk as a second-level domain within it, alongside org.uk and others. For some unknown reason, this sort of sloppy speaking is most common with regard to the .uk domain; other domains, like .au and .mx, which are similarly subdivided into 2nd-level categories, are usually not spoken of in the same way; people refer to .au as the Australian TLD, not .com.au, but seem to think that .co.uk is the TLD for the United Kingdom.

It's not actually necessary for an entity to be a real country in order to have a country code. Antarctica has the .aq domain (active sites in that domain include scott.aq and esouth.aq). Another not-really-a-country with a country code is the Palestinian Authority, with .ps (they used to have a site at gov.ps, but it hasn't worked lately, maybe because of all the problems they've been having at their headquarters these days). The European Union is about to inaugurate a .eu domain. There's a big debate going on about whether to terminate the still-existent .su domain for the Soviet Union.

In the wake of the regime change in Iraq, its .iq top level domain might finally be placed into service, after years of being in limbo (its current delegated manager is a company in Texas whose owner is in jail facing Federal charges of supporting terrorism). CITRI, a British-based organization formed to assist in rebuilding Iraq's communications infrastructure, wishes to take over the domain, if it can get ICANN (via its IANA function) to agree to this; it then plans on auctioning off domains (high.iq might be desirable for members of Mensa) in order to fund its Iraqi projects. However, the U.S. government must sign off on all top-level domain changes, and the Bush administration might have ideas of their own about the development of the Iraqi domain.

Wikipedia entry for .iq


Since most developed countries other than the United States have well-used domain suffixes familiar to their Internet-connected citizens, it's a real shame that companies worldwide seem to be picking up "dot-com-itis" these days and forsaking their native domain in favor of cluttering the .com namespace even more (even as the United States finally gets with the worldwide system and makes the .us domain easily usable). Even governmental entities of various countries, with well-established namespaces in their own top level domain, are succumbing to the temptation to get inappropriate .com domains for themselves; or, worse, to sue companies that already have addresses they want, like barcelona.com, which the city of Barcelona reverse-hijacked from a U.S.-based commercial owner via both the ICANN dispute process and the courts. The government of New Zealand tried to grab newzealand.com in this manner, unsuccessfully, and ended up paying the huge sum of $500,000 (about $1 million in New Zealand dollars) to buy it, coming under criticism for wasting taxpayer money this way. (Their proper namespace in govt.nz doesn't cost them anything!)

In India, the grandson of Mahatma Gandhi, Tushar Gandhi, made impassioned pleas in favor of local Internet sites using the .in country code to further national pride, but this mostly fell on deaf ears; hardly anyone there used it. (It would help, for starters, if the Indian domain registration authority would have a more visible Web site... I tried nic.in, the normal traditional address for registration authorities in a given domain, but found that this address is a general Indian government portal with no mention of domain registration. Eventually I found an actual .in registration site at domain.ncst.ernet.in, but it doesn't work any more as of 2005; the current site is at inregistry.in.) Those sites in India that did use .in addresses, mostly government and academic, seemed more often than not to ignore the ostensible logical structure of the .in domain (.gov.in, .ac.in, etc.) and use subdomains of the organization that provided their network connectivity or Web development services, so you see an awful lot of Web addresses ending in .nic.in and .ernet.in. However, in 2005, registrations became available directly at the second level of .in, and seem to be popular, so maybe they'll finally be used.

Wikipedia entry for .in

"Repurposed" Country Codes

Some country-code domains are open to registrations from people having no connection with that country, and this can be used as a revenue source by small countries with little need for the namespace domestically. Tonga (.to) is one such domain that's available to people worldwide. Turkmenistan made its .tm domain available internationally, with particular appeal to companies with trademarks ("tm"), but registrations have been put on hold after the Turkmenistan government objected to some "obscene" domains being registered. (Apparently, according to an article on this issue, those not-so-funloving Turkmen (and Turkwomen?) found even "girls.tm" and "pizza.tm" to be "obscene"; I'm not really sure why, unless they mean something radically different in their native language.) More recently, Tuvalu's .tv domain was sold (actually leased for a 10-year period) to an American company for millions of dollars, and they're now auctioning off the most desirable names there rather than just letting anyone grab them cheaply like other registrars generally have done. There are similar registries at .fm and .am, belonging to the Federated States of Micronesia and Armenia respectively.

.tk, belonging to the island nation of Tokelau, is giving away "free" domains (supposedly in keeping with the tribal values of that island where everything is shared), but there are lots of catches attached, and many of the "good names" are reserved to be registered at a price.

Wikipedia entry for .tk

Since some of the country codes are two-letter words in English or other languages, this has been taken advantage of by various people who have set up "redirection services" under addresses like go.to, here.is, i.am, start.at, or for Spanish-speaking people, pagina.de and espacio.de. The idea is to follow such an address with your site name: http://go.to/mysite, which is set up to redirect to your real site address. Many of these addresses are available free, but you're at the mercy of the service that provides the redirect, which could go out of business or impose a really annoying popup ad on visitors.

The television networks and other things that get .tv domains could be in trouble in a few years -- the island of Tuvalu is in the process of sinking into the ocean due to global warming, and its population already has plans to evacuate. If the country stops existing, then that will open the debate about whether its domain should be deleted, just as that debate is now progressing over the .su (Soviet Union) domain. Thus, .tv registrants should probably keep up on what happens to .su as an advance warning about what might happen to them.

Wikipedia entry for .tv

DNS Server Requirements

The global TLDs (.com, etc.) require two DNS server addresses in the registration record (a primary and a secondary), but the registrars don't actually check that those servers respond to requests for the domain; you can get away with registering domains with anybody's server in the record, though they won't actually work unless whoever's in charge of that server sets up the DNS over there. Country code domains can vary in their requirements. The Mexican domain registrar, for instance (.mx), requires only one DNS server address, but actually checks it during the registration process to make sure it responds to requests for that domain, so you need to get your hosting provider to set up DNS before you register the domain. I actually kind of like this requirement; it ensures some degree of purposefulness and cluefulness on the part of anyone registering a domain, keeping out the rabble somewhat like the requirement to know Morse code to get a ham radio license keeps that at a higher plane than the open-to-all CB. This may be one of the reasons there is less cybersquatting and other domain abuse in the .mx domain than in the global ones (but then again it may just be that cybersquatters and domain abusers, even when they're Mexican, don't care as much about .mx addresses as .com ones...)


As with other domain names, there have been some conflicts over country code domains; see my conflicts page on foreign domains.

One interesting conflict occurred in 2000 as ICANN got set to launch new top level domains. As one of the proposals (ultimately accepted) was for a .biz domain (for businesses), a company in St. Louis sued ICANN, claiming to have obtained contract rights from the country of Belize to operate its .bz country code registry, and that a .biz domain would be confusingly similar to it and hence a violation of trademark law. ICANN disagreed strongly with this claim, saying that .bz was for the use of the country of Belize, not to stand for "business", that country code domain registries were delegated the responsibility of running such registries, but didn't own the domains involved, that the U.S. Patent and Trademark Office has specifically denied the trademarkability of top level domains, and that the complaining company wasn't even the current delegated operator of the Belize TLD. The court refused to issue an injunction to stop the .biz domain, but I don't know what happened with the case since then.

A 2005 decision under the UDRP made the assertion (under "Factual Background", so it's supposedly factual, according to the panel, not just an assertion of the complainant and/or respondent) that the .nu domain was "own[ed] and operate[d]" by WorldNames, Inc. and NU Domain Ltd, despite the apparently established principle that top level domains are not "owned" by anybody; in this case, .nu is delegated to Internet Users Society - Niue, which in turn lets the companies in question operate the registry, but they don't own it. However, the statement in question isn't actually legally binding; it's only an "aside" in a case that was not over the ownership of the TLD (it was actually a dispute over nudomain.com, ruled to be an infringement of the registry's trademark on ".nudomain"), and UDRP panels are not actual courts of law in any case.

Wikipedia entry for .nu

There's also an ongoing debate about ICANN taking control of the country code domains, most of which existed long before ICANN was around, and many of which resent having a US-based organization be able to dictate rules and demand payments from them. In 2001, the .au country code domain (Australia) was taken away from its long-standing operator, an individual associated with a university, and given to an Australian nonprofit group founded to operate that domain. This has been controversial; see some discussion. Since then, the new organization has agreed to sign an agreement with ICANN, and ICANN had a (now closed) forum section to discuss it.

Foreign-Language Domains

The expansion of the DNS to character sets outside the "US-ASCII" letters and numbers is a hot topic these days. This isn't technically related to country code domains (while these new "internationalized" domains may be used in country codes, they're also being used in global TLDs such as .com), but it does relate to making the domain name system more international in nature.

Over a period of many years, a set of standards were established to allow domains to be registered using characters in the multilingual Unicode character set, which are encoded as sequences of normal ASCII characters so that 中国互联网络信息中心.cn translates to xn-fiqa61au8b7zsevnm8ak20mc4a87e.cn. Thus, at the "back end" of the DNS, the addresses are handled as normal ASCII-based domains, but, in a supporting browser, the user can type in the addresses in a language using other characters.

After some limited earlier testing, this type of internationalized domains finally started to be deployed in 2004. At first, they were just in a handful of TLDs, including specialty ones like .museum, and were limited to particular languages' characters. However, by early 2005, registrations were available in the major top level domains using a broad variety of characters.

Unfortunately, this quickly hit a snag, when it turned out that such unrestricted registrations can be used fraudulently to imitate other sites. Somebody demonstrated this with this link, which looks like it goes to paypal.com, but actually the "a" is a Cyrillic character "а" which looks just the same but has a different code position in the Unicode character set. If your browser supports IDNs, the link above will go to a fake site (in this case created by researchers and completely harmless, but it could have been created by con artists trying to steal your password) that looks, in the address bar, like it's the PayPal site.

As a result of this (an exploit that was actually warned about earlier, but ignored until now), browser makers are scrambling to deal with it. Mozilla originally announced they were disabling internationalized domain names altogether until they had a better fix, but later changed to displaying them in the address bar in their ASCII-encoded forms, which are ugly but not mistakeable for normal English-language addresses. Eventually they plan on implementing a more permanent solution, involving on-screen warnings of the type of characters in use in an address.

Ironically, Microsoft avoided this issue by not getting around to implementing IDNs in their browser yet, so for a change people could talk about security risks that only affected users of other browsers such as Mozilla.

ICANN has been doing some tests of international-character-based top level domains. (More coverage.)

Alternative Foreign-Language Domains

Some companies didn't wait for a standard for international domains to develop before attempting to deploy their own proprietary techniques to achieve a similar thing.

A company called I-DNS claims to be making available domain registration in foreign languages using character sets that aren't legal for traditional domain names. They do this by using servers that translate such "foreign domains" to ASCII character strings. I'm not sure what special software the user might have to have to use these; they're probably not as "universal" as normal domains. And the resulting translated domains, like L6FDP645L316L7DFL40D.L16CL3F8, seem to have top-level domains like .L16CL3F8 (an ASCII encoding of a Chinese string that presumably means something similar to .com), which don't actually exist in the "official" domain name system. This is still an experimental system which might catch on in countries where it's useful, but could fragment the domain name system if it does. There's already a heated political conflict, as the Chinese government wants monopoly rights to domains in the Chinese language worldwide. That's not really fair; they have control, properly, of the .cn country-code domain, but shouldn't have any specific control of any other domain, even if it's in Chinese, any more than England should have control of anything worldwide that's in the English language.

There are other, incompatible schemes in progress for internationalized domain names, some of which only work on particular browsers, and thus aren't really a full part of the Internet. There is a forum area on the ICANN site to discuss this topic. One scheme for internationalized domains used the now-defunct RealNames resolution system (the same one used for XTNS, discussed on the alternate roots page), which only worked for users of Microsoft Internet Explorer, leaving other browser users out of luck and also preventing use for such things as e-mail and FTP. More recently, Verisign got into some controversy by re-routing DNS requests for domains containing invalid characters to their own servers which inform the user of the need to download a plug-in program to use such domains.


Country Code Registries

Other Information, Discussions, Etc.


This page was first created 14 Mar 2001, and was last modified 21 Sep 2013.
Copyright © 2001-2013 by Daniel R. Tobias. All rights reserved.