.app Domain Registration Policy

Registrars must provide notification to alert prospective registrants to the requirement of HTTPS on .app names in order for domains to work in web browsers. This notification must be clearly and conspicuously disclosed as part of the registration flow prior to purchase. It must be distinct and not embedded in other terms of service, nor require the registrant to follow a link to obtain the information.

The following information must be included as part of the notice to all registrants:

  • That .app is an encrypted by default namespace;
  • The requirement to configure HTTPS serving so that browsers can load .app websites; and
  • Resources about configuring HTTPS and obtaining an SSL certificate
  • Information may be linked as part of an external or internal website or window, and
  • Registrars may provide their own information about configuring HTTPS browsing or link to third party resources

Any registrant of a letter/letter two-character ASCII label represents that it will take steps to ensure against misrepresenting or falsely implying that the registrant or its business is affiliated with a government or country-code manager if such affiliation, sponsorship or endorsement does not exist.