SSL requirements
The HSTS preload list has added these namespaces to its list. Second-level domains under these TLDs will only load on modern browsers with a valid SSL certificate and the web server serving HTTPS.
Registration language requirements
Resellers must present the following information to registrants during the checkout process before registering one of these domains:
- that the domains are more secure because they are HSTS preloaded
- the requirement to configure HTTPS serving so that browsers can load the respective websites
- resources about configuring HTTPS and obtaining an SSL certificate
Resellers can provide this information as an external or internal website or window. The information should include details on configuring HTTPS for browsing or linking to a third-party resource such as Let's Encrypt.
Sample language
We've created a sample notice for resellers that meets all of the listed requirements:
.APP, .DAY, .DEV, .PAGE, .BOO and .RSVP domains are secure domains that require HTTPS for all websites of these TLD types. You can buy your .APP, .DAY, .DEV, .PAGE, .BOO and .RSVP domain name now, but for it to work correctly in any browser, you must first configure HTTPS serving. For more information about setting up HTTPS, including resources to obtain an SSL certificate, please visit [link to reseller page on SSL, or Let's Encrypt].
[Follow by reseller option to add an SSL certificate to cart.]
SSL options
OpenSRS offers a variety of SSL certificates to provide to your clients to complement the purchase of a .APP, .DAY, .DEV, .PAGE, .BOO and .RSVP domain. We also offer SSL Lite certificates for domains meeting the requirements.
Back to top
0 Comments