PDF version

Acceptable Use Policy

This document outlines the Acceptable Use Policy for our domain query and domain management tools.

WHOIS Acceptable Use Policy

This is the acceptable use policy for the WHOIS.  

The acceptable use requirements are:

  • The maximum query rate is 5 queries per second with a maximum of 1,000 queries per rolling 24 hours.
  • If you exceed the query limits a block will be imposed. For further details regarding blocks please see the detailed instructions for use page.
  • These limits are not per IP address, they are per user.

The website WHOIS is intended for manual queries only. Any automated queries to the website WHOIS will be subject to a block.

This policy includes our standard anti-avoidance clause.

 

WHOIS2 Acceptable Use Policy

The acceptable use requirements are (for WHOIS2 gateways):

The maximum query rate is 100 queries per second with a maximum of 100,000 queries per rolling 24 hours.

For the clients accessing the gateway service the limits are given in the WHOIS acceptable use policy.

Lookup information is aggregated from all gateways and the WHOIS in order to calculate usage for clients.

This policy includes our standard anti-avoidance clause.

 

DAC

Real time DAC Acceptable Use Policy

  • The real time DAC is limited to four simultaneous connections per member, or group of related members. All the limits presented here are aggregated by subscriber.
  • Queries can be sent to the real time DAC without waiting for the previous query to return. The real time DAC will just queue the queries.
  • The maximum query rate is 1,000 queries per rolling 60 seconds recalculated every 5 seconds and a maximum of 432,000 per rolling 24 hours, recalculated every five minutes.
  • If you exceed the query limits a block will be imposed. For further details regarding 'Blocks' please see the Instructions for Use page.

This policy includes our standard anti-avoidance clause.

 

Time delay DAC Acceptable Use Policy

  • The time delay DAC is limited to four simultaneous connections per member, or group of related members. All the limits presented here are aggregated by subscriber.
  • Queries can be sent to the time delay DAC without waiting for the previous query to return.  The time delay DAC will just queue the queries.
  • The daily limit is set at 5x the number of domain names on tag PLUS 200x the highest monthly new registrations figure from the previous 12 months and is capped at 3 million daily queries. This figure is recalculated at midnight on the first day of the month.
  • The daily limit is applied on a rolling 24 hour basis, recalculated every 5 minutes
  • The maximum query rate is 1,000 queries per rolling 60 seconds recalculated every 5 seconds. If your daily limit is greater than 480,000 then your query rate is increased to 3x daily limit /1440
  • If you exceed the query limits a block will be imposed. For further details regarding 'Blocks' please see the Instructions for Use page.

This policy includes our standard anti-avoidance clause.

 

Web Domain Manager Acceptable Use Policy

This is the acceptable use policy for our Web Domain Manager service. As with our acceptable use policies generally, our linking principles apply.

Introduction

We have experienced a number of problems in the past that have required us to prevent or limit certain functionality of our registrar systems.  Our Web Domain Manager has the same controls in place.

Many of the limits given here are combined with certain limits on EPP.  Exceeding limits on one system will trigger a block on both systems.

General use of our Web Domain Manager service

There are generally no specific limits set on the level of use of Web Domain Manager commands, other than the specific limits on the use of the create and delete commands set out below.

Notwithstanding the above, it is not acceptable to use the Web Domain Manager service, or knowingly or recklessly permit others to use the Web Domain Manager service:

  1. so as to interfere with the use of the Web Domain Manager by other customers or authorised users;
  2. in a manner which does, or is designed to, harass or cause a denial-of-service to any other user of the Web Domain Manager service; or
  3. in a manner which causes or is likely to cause an interruption or degradation of, interference with, or disproportionate burden on the operations of the Web Domain Manager service, regardless of whether such interruption, degradation, interference or burden is the result of the registrar’s actions or those of a third party over which the registrar has no control.

If, in Nominet’s reasonable opinion, a registrar is using the Web Domain Manager service in such an unacceptable manner Nominet will take such steps as it deems appropriate to stop the unacceptable use including, but not limited to, suspending, restricting or terminating the registrar’s access to or use of some or all of Nominet’s registrar systems.

Use of create commands on already registered names

The combined use of the following commands and operations must not exceed 1,000 in any rolling 24 hour period:

  • EPP create commands on domains that already exist
  • EPP check commands on domains registered to other tags
  • Web Domain Manager create operations on domains that already exist

These limits are set per registrar and our other linking principles apply and are hereby incorporated into this Acceptable Use Policy.  If exceeded, all tags for that registrar will be blocked from making new registrations and from using the check command for 24 hours.

Modifications and queries will still be permitted.  If the requests do not cease as a result then we may block all access for that registrar.  The block will be automatically lifted upon expiry of the 24-hour period.

Use of the delete and investigation lock operations

The instructions for use of the delete and investigation lock operations clearly state their intended use.  Any other use of these commands is misuse and may lead to blocking and/or having the commands selectively blocked, disabled or withdrawn.

In order to protect our systems we impose a limit on the sum total of delete and investigation lock operations on new registrations.  The delete and investigation lock operations are limited to 5 or 5% of uninvoiced registrations, whichever is higher, within the following effective period:

  • From the 1st of the month to the 7th of the month, the limits are calculated back to the beginning of the previous month.
  • From the 8th of the month to the end of the month, the limits are calculated back to the beginning of the same month.  (This means domain names deleted or locked between the 1st and 7th are counted in two consecutive months)

If this limit is exceeded, the delete and investigation lock operations are automatically disabled for new registrations on that tag.  These operations will remain disabled until:

  • the registrar has registered enough domain names to permit further operations under the 5% limit or
  • midnight on the 7th of the following month when the limit is automatically reset.

If you need to delete or lock more domain names than the limit allows, then please contact us at hostmaster@nominet.org.uk.

Other prohibited uses

Other prohibited uses of the Web Domain Manager include, but are not limited to:

  • unlawful use (i.e. in breach of statute, contractual obligations, duty of care etc)
  • fraudulent use
  • defamatory use
  • damage or disruption to Nominet's systems
  • infringement of Nominet's intellectual property

Any action taken which is likely to endanger any part of the domain name system, our systems or our internet connections, or any failure to comply with this Acceptable Use Policy will result in a block and possible suspension of the Registrar from use of the Web Domain Manager service.

 

Linking principles

Many of the limits given here are combined with certain limits on the EPP.  Exceeding these limits will trigger a block across the EPP and the Web Domain Manager.

We also may link tags together when calculating the above limits.  This policy is covered by our standard anti-avoidance clause which is hereby incorporated into this Acceptable Use Policy.

Further escalation

Tags that necessitate persistent blocking will be contacted and dealt with under the Registrar Agreement and Good Practice Terms.

EPP Acceptable Use Policy

This is the acceptable use policy for our EPP service. As with our acceptable use policies generally, our linking principles apply.

Introduction

We have experienced a number of problems in the past that have required us to prevent or limit certain functionality of our registrar systems.  Our EPP system has the same controls in place.

Many of the limits given here are combined with certain limits on the Web Domain Manager.  Exceeding limits on one system will trigger a block on both systems.

General use of our EPP service

There are generally no specific limits set on the level of use of EPP commands, other than the specific limits on the use of the create, check and delete commands set out below.

Notwithstanding the above, it is not acceptable to use the EPP service, or knowingly or recklessly permit others to use the EPP service:

  1. so as to interfere with the use of the EPP by other customers or authorised users;
  2. in a manner which does, or is designed to, harass or cause a denial-of-service to any other user of the EPP service; or
  3. in a manner which causes or is likely to cause an interruption or degradation of, interference with, or disproportionate burden on the operations of the EPP service, regardless of whether such interruption, degradation, interference or burden is the result of the registrar’s actions or those of a third party over which the registrar has no control.

If, in Nominet’s reasonable opinion, a registrar is using the EPP service in such an unacceptable manner Nominet will take such steps as it deems appropriate to stop the unacceptable use including, but not limited to, suspending, restricting or terminating the registrar’s access to or use of some or all of Nominet’s registrar systems.

Use of create command on already registered names

The acceptable limits are set per registrar, per rolling 24 hours and apply to the create command attempted on names that already exist. In addition these are aggregated with the Web Domain Manager create operations on domain names registered on other tags.

The limit is: 

•    The combined number of EPP create commands on names that already exist and Web Domain Manager create operations attempted on names that already exist must not exceed 1,000 in any 24 hour period.

If exceeded, all tags for that registrar will be blocked from making any new registrations for 24 hours, but the domain check operation, modifications and queries (for domains on their tag) will be permitted.  The registrar will be notified of the block in the EPP create response.

If the requests do not cease as a result then we may block all access for that registrar. The block will be automatically lifted upon expiry of the 24-hour period

 

Use of check command

In order to protect our systems, we impose a limit on the number of check commands in a 24 hour period. The check command is limited to 5000 requests and is measured from midnight to midnight. If the limit is exceeded, the check command is automatically disabled and will remain so until the following midnight.

Use of the delete and investigation lock operations

The instructions for use of the delete and investigation lock operations clearly state their intended use.  Any other use of these commands is misuse and may lead to blocking and/or having the commands selectively blocked, disabled or withdrawn.

In order to protect our systems we impose a limit on the sum total of delete and investigation lock operations on new registrations.  The delete and investigation lock operations are limited to 5 or 5% of uninvoiced registrations, whichever is higher, within the following effective period:

  • From the 1st of the month to the 7th of the month, the limits are calculated back to the beginning of the previous month.
  • From the 8th of the month to the end of the month, the limits are calculated back to the beginning of the same month.  (This means domain names deleted or locked between the 1st and 7th are counted in two consecutive months)

If this limit is exceeded, the delete and investigation lock operations are automatically disabled for new registrations on that tag.  These operations will remain disabled until:

  • the registrar has registered enough domain names to permit further operations under the 5% limit or
  • midnight on the 7th of the following month when the limit is automatically reset.

If you need to delete or lock more domain names than the limit allows, then please contact us at hostmaster@nominet.org.uk.

Linked tags

This policy is covered by our standard anti-avoidance clause, which may mean that we link tags together when calculating the above limits.

Simultaneous connections

Each tag is limited to six simultaneous connections to the EPP service.  The IP addresses used by each tag must be set in advance through our online service.  If more than six connections are opened, then the oldest connection will be forcibly closed.

 

Anti-avoidance and Connected Persons

Introduction

One way in which the Acceptable Use Policy Principles can be compromised is if we believe users are separate, when in fact they are acting together (and, for example, pooling their limits).

Each of the acceptable use policies for individual services includes the terms below which deal with 'connected persons' or 'related persons', so that action can be taken in these cases. This will usually be to record the tags, subscriptions etc. as being linked, and therefore subject to a lower overall limit than would have been applied to a similar number of non-connected persons. This linking will usually apply to all services, not just the service that brought the links to our attention, and may be published in the future.

For links to our Acceptable Use Policies, see the contracts index page, which lists the relevant documents.

Connected Persons

A person is 'connected' to another person if:

  1. they are the same person, have the same Nominet account, or have connected memberships under the voting rights policy;
  2. they make any declaration that they are connected or when challenged by us they fail to make a declaration in the reasonably required legal form that they are not connected;
  3. they have social, family, ownership or business links (directly or indirectly) which mean that they either:
    1. do not appear to operate truly independently of one another, or
    2. it could reasonably be assumed that they will not operate truly independently of one another; or
  4. the object or effect of their activities is such that we reasonably think that not linking them would compromise one or more of the AUP Principles.

For the purposes of (2) we may decide that two parties are not connected even if one declares that they are, if the other disputes this and our investigations support the denial (so, for example, you cannot just declare that you are linked to another person and then use all their limit up to disrupt their business).

For the purposes of (3) there is a strong presumption that:

  • group companies (or other businesses) are connected to other businesses in the group;
  • a company and its employees/officers/partners are connected to one another;
  • members of the same family group are connect to each other (including in-laws, co-habitees, civil partners, adopted children and others who may not have a relationship by blood but who are part of the family group); and
  • a business owned, run or ultimately controlled by one member of a family is connected to a business owned, run or ultimately controlled by another member of the same family.

The final decision rests with us. When deciding whether to link people under (2) to (4) above, we will take into account the AUP principles.