Tech giant Google are launching the Sunrise period for its .APP new gTLD on 29th March. With the .APP nTLD, Google aim to create a secure destination for businesses to promote their applications by adding the HSTS (HTTP Strict Transport Security) security protocol for all domain names registered under it.
Google say that the Sunrise period for the .APP nTLD will commence from 29th March and go on for 5 weeks until 1st May. They also added that there will be an ‘Early Access’ period and a ‘General Availability’ period following the Sunrise period. The timelines given by them for the same are as follows:
Sunrise period: 29th March to 1st May for trademark holders to register .APP domains.
Early Access period: 1st May to 8th May for anyone to register available .APP domains for an extra fee.
General Availability period: 8th May onwards for anyone to register remaining .APP domains.
After rolling out HSTS for the .GOOGLE TLD, the tech giant claim that securing the .APP TLD was equally necessary. With .DEV, .FOO and other such TLDs in the pipeline, Google added that they will be providing security for the same with HSTS as well.
Explaining this, a spokesperson for Google said:
In 2015 we created the first secure TLD when we added .google to the HSTS preload list, and we are now rolling out HSTS for a larger number of our TLDs, starting with .foo and .dev.
According to Google, the HSTS preload list is inbuilt into all the major browsers such as Chrome, Firefox, Internet Explorer, Edge and Opera. Speaking about this in detail, the spokesperson added:
It consists of a list of hostnames for which browsers automatically enforce HTTPS-secured connections. For example, gmail.com is on the list, which means that the aforementioned browsers will never make insecure connections to Gmail; if the user types http://gmail.com, the browser first changes it to https://gmail.com before sending the request.
This provides greater security because the browser never loads an http-to-https redirect page, which could be intercepted.
Google claim that the use of TLD-level HSTS will allow domains to be secure and in turn bolster the registrations for such TLDs. Emphasizing this, the spokesperson said:
Registrants receive guaranteed protection for themselves and their users simply by choosing a secure TLD for their website and configuring an SSL certificate, without having to add individual domains or subdomains to the HSTS preload list.
Adding an entire TLD to the HSTS preload list is also more efficient, as it secures all domains under that TLD without the overhead of having to include all those domains individually.
In closing, Google said that they also plan to launch the .DEV gTLD in 2018 but the launch date is yet to be decided.