Internet Domain Name Management Rules

Posted on August 24, 2017 Updated on October 16, 2020

Ministry of Industry and Information Technology Decree

No .43

The “Internet Domain Name Management Rules” were deliberated and passed at the 32nd Ministerial meeting of the Ministry of Industry and Information Technology on 16 August 2017, are hereby promulgated, and take effect on 1 November 2017. The “Internet Domain Name Management Rules” (then-Ministry of Information Industry Decree No. 30) promulgated by the then-Ministry of Information Industry on 5 November 2004 are abolished at the same time.

Minister Miao Wei

24 August 2017

Internet Domain Name Management Rules

Chapter I: General Provisions

Article 1: These Rules are formulated in order to standardize domain name services, protect users’ lawful rights and interests, ensure the secure and reliable operation of the Internet domain name system, promote the development and application of Mandarin-language domain names and national top-level domain name domain names, and stimulate the healthy development of the Chinese Internet, on the basis of regulations such as the “Administrative Licencing Law of the People’s Republic of China”, the “State Council Decision on Determining Administrative Licences and Administrative Examination and Approval Programmes that Need to Be Maintained”, etc., and with reference to international Internet domain name management norms. 

Article 2: These Rules shall be followed when engaging in Internet domain name services and their related activities such as operational maintenance, supervision and management within the territory of the People’s Republic of China

Internet domain name services as mentioned in these Rules (hereafter simply named domain name services) refers to engaging in activities such as domain name root server operation and maintenance, top-level domain name operation and management, domain name registration, domain name resolution, etc.

Article 3: The Ministry of Industry and Information Technology implements supervision and management over domain name services nationwide, its main duties and responsibilities are:

(1) Formulating Internet domain name management rules and policies;

(2) Formulating development plans for the Internet domain name system and domain name resources;

(3) Managing domestic domain name root server operating bodies and domain name registration management bodies;

(4) Being responsible for the network and information security management of domain name systems;

(5) Protecting users’ personal information and lawful rights and interests according to the law;

(6) Being responsible for domain name-related international coordination;

(7) Managing domestic domain name resolution services;

(8) Managing other domain name service-related activities.

Article 4: All provincial, autonomous region and municipal telecommunications management bureaus implement supervision and management over domain name services within their administrative areas, their main duties and responsibilities are:

(1) Implementing and enforcing domain name management laws, administrative regulations, rules and policies;

(2) Managing domain name registration service bodies within their administrative areas;

(3) Assisting the Ministry of Industry and Information Technology in conducting management of domain name root server operating bodies and domain name registration management bodies within their administrative areas;

(4) Being responsible for the network and information security of domain name systems within their administrative areas;

(5) Protecting users’ personal information and lawful rights and interests according to the law;

(6) Managing domain name resolution services within their administrative areas;

(7) Managing other domain name service-related activities within their administrative areas.

Article 5: The Chinese Internet domain name system is announced by the Ministry of Industry and Information Industry. On the basis of the actual circumstances of domain name development, the Ministry of Industry and Information Technology may adjust the Chinese Internet domain name system.

Article 6: “.cn” and “.中国” are China’s national top-level domain names.

Mandarin-language domain names are an important component part of the Chinese Internet domain name system. The State encourages and supports technological research and broad application of Mandarin-language domain names.

Article 7: Those providing domain name services, shall abide by relevant State laws and regulation, and conform with relevant technological norms and standards.

Article 8: No organization or individual may impede the secure and stable operation of the Internet domain name system.

Chapter II: Domain name management

Article 9: Those establishing domain name root servers and domain name root server operating bodies, domain name registration management bodies and domain name registration service bodies within the borders, shall obtain corresponding licenses on the basis of these Rules from the Ministry of Industry and Information Technology or provincial, autonomous region and municipal telecommunications management bureau (hereafter generally designated as telecommunication management bodies).

Article 10: Those applying to establish domain name root servers and domain name root server operating bodies, shall meet the following conditions:

(1) Setting up the domain name root server within the borders, and conforming to Internet development-related plans and secure and stable operating requirements for the domain name system;

(2) Being a lawfully established legal person, the said legal person and their main investors and main business management personnel have a good credit record;

(3) Having premises, funding, environments, specialist personnel and technical capabilities to ensure the secure and reliable operation of the domain name root server, as well as information management systems conform to telecommunications management bodies’ requirements;

(4) Having complete network and information security protection measures, including management personnel, network and information security management systems, emergency response plans and related technical and management measures, etc.;

(5) Having the capacity to protect users’ personal information, the capacity to provide long-term services and complete service withdrawal mechanisms;

(6) Other conditions provided in laws or administrative regulations.

Article 11: Those applying to establish a domain name registration management body shall meet the following conditions:

(1) Establishing the domain name management system inside the borders, and holding top-level domain names in conformity with related laws and regulations as well as requirements for the secure and stable operation of domain name systems;

(2) Being a lawfully established legal person, the said legal person and their main investors and main business management personnel have a good credit record; 

(3) Having a perfected business development plan and technical plan, as well as the premises, funding and specialist personnel corresponding to engaging in top-level domain name operations and management, as well as information management systems conform to telecommunications management bodies’ requirements;

(4) Having complete network and information security protection measures, including management personnel, network and information security management systems, emergency response plans and related technical and management measures, etc.;

(5) Having the capacity to conduct real identity information verification and protect users’ personal information , the capacity to provide long-term services and complete services withdrawal mechanisms;

(6) Having complete domain name registration service management structures and supervision mechanisms over domain name registration service bodies;

(7) Other conditions as provided in laws and administrative regulations.

Article 12: Those applying to establish a domain name registration service body shall meet the following conditions:

(1) Establishing the domain name registration service system, registration database and corresponding domain name resolution systems within the borders;

(2) Being a lawfully established legal person, the said legal person and their main investors and main business management personnel have a good credit record; 

(3) Having the premises, funding and specialist personnel corresponding to engaging in domain name registration, as well as information management systems conform to telecommunications management bodies’ requirements;

(4)  Having the capacity to conduct real identity information verification and protect users’ personal information , the capacity to provide long-term services and complete services withdrawal mechanisms;

(5) Having complete domain name registration service management structures and supervision mechanisms over domain name registration agents;

(6) Having complete network and information security protection measures, including management personnel, network and information security management systems, emergency response plans and related technical and management measures, etc.;

(7) Other conditions provided in laws and administrative regulations.

Article 13: Those applying to establish a domain name root server or root server operating body, or a domain name registration management body, shall submit application materials to the Ministry of Industry and Information Technology. Those applying to establish a domain name registration service body, shall submit application materials to the local provincial, autonomous region and municipal telecommunications management bureau.

The application materials shall include:

(1) The applicant work unit’s basic situation as well as a commitment letter signed by its legal representative to do business sincerely and according to the law;

(2) Materials proving the implementation of effective management of domain name services, including materials proving relevant systems, premises and service capabilities, management rules, agreements signed with other bodies, etc.;

(3) Network and information security protection structures and measures;

(4) Materials proving the applicant work unit’s reputation.

Article 14: Where application materials are complete and conform to statutory forms, telecommunication management bodies shall issue an application acceptance notification letter to the applicant work unit; where application materials are not complete or do not conform to statutory forms, telecommunication management bodies shall notify the applicant work unit on the spot or once in writing within five working days about the complete content they need to supplement; where it is not accepted, they shall issue a non-acceptance notification letter and explain the reasons. 

Article 15 Telecommunication management bodies shall complete inspection within twenty working days from the date of acceptance, and make a decision on granting a licence or not granting a licence. Where a decision cannot be made within twenty working days, with the approval of the responsible person of the telecommunication management body, an extension of ten working days is permitted, and the applicant work unit will be notified about the reasons for the extended time limit. Where it is necessary to organize expert appraisal, the appraisal time is not counted into the inspection period.

Where a licence is granted, corresponding licence documents shall be issued; where a licence is not granted, the applicant work unit shall be notified in writing and the reasons explained.

Article 16: Licences of domain name root server operating bodies, domain name registration management bodies and domain name registration service bodies are valid for a period of five years.

Article 17: Where a change occurs in the name, address, legal representative or other such information of domain name root server operating bodies, domain name registration management bodies or domain name registration service bodies, they shall conduct modification formalities within twenty working days from the day the change occurs with the original licence-issuing body.

Article 18: Where, within a licence’s period of validity, a domain name root server operating body, domain name registration management body, or domain name registration service body plans to terminate corresponding services, they shall notify users in writing thirty days in advance, put forward feasible plans to deal with the aftermath, and submit a written application to the original licence-issuing body.

After the original licence-issuing body receives the application, it shall publish it to society for thirty days. The publication period concludes within sixty days, and the original licence-issuing body shall complete inspection and make a decision. 

Article 19: Where it is required to continue engaging in domain name services when a licence’s period of validity expires, an extension shall be applied for with the original licence-issuing body ninety days in advance; where it is not required to continue engaging in domain name services, the original licence-issuing body shall be notified ninety days in advance, and aftermath work conducted.

Article 20: Where a domain name registration service body entrusts a domain name registration agency body to conduct market sales and other such work, it shall conduct supervision and management of the domain name registration agency body’s work.

Domain name registration agency body entrusted with conducting market sales and other such work shall, in that process, actively indicate the agency relationship, and explicitly clarify the domain name registration service body’s name and agency relationship in the domain name registration service contract.

Article 21: Domain name registration management bodies and domain name registration service bodies shall establish corresponding emergency response back-up systems within the borders and regularly back up domain name registration data.

Article 22: Domain name root server operating bodies, domain name registration management bodies and domain name registration service bodies shall indicate information related to their licence in a clear location on the front page of their website and their business premises. Domain name registration management bodies shall also show a list of domain name registration service bodies with which they cooperate.

Domain name registration agency bodies shall indicate the name of the domain name registration service body for which they are agents in a clear location on the front page of their website and their business premises. 

Chapter III: Domain name services

Article 23: Domain name root server operating bodies, domain name registration management bodies and domain name registration service bodies shall provide secure, convenient and stable services to users.

Article 24: Domain name registration management bodies shall, on the basis of these Rules, formulate domain name registration implementation rules and publish them to society.

Article 25: Domain name registration management bodies shall, conduct domain name registration services through domain name registration service bodies licenced by telecommunication management bodies.

Domain name registration service bodies shall provide services according to the domain name registration service items licenced by telecommunication management bodies, they may not provide domain name registration services for domain name registration management bodies who do not have a telecommunication management body licence.

Article 26: “First application, first registration” is implemented for domain name registration services in principle, where related domain name registration implementation rules provide otherwise, those provisions are followed.

Article 27: In order to uphold the national interest and the social public interest, domain name registration management bodies shall establish reserved domain name registration word systems.

Article 28: Domain names registered and used by any organization or individual may not contain the following content:

(1) Content violating the basic principles determined in the Constitution;

(2) Content harming national security, divulging State secrets, subverting the national regime, or destroying national unity;

(3) Content harming the country’s honour and interest;

(4) Content inciting ethnic hatred or ethnic discrimination, or destroying ethnic unity;

(5) Content destroying State religious policies, propagating heresy and feudal superstition;

(6) Content disseminating rumours, upsetting social order, or destroying social stability;

(7) Content disseminating obscenity, sex, gambling, violence, homicide or terror, or inciting crime;

(8) Content insulting or slandering other persons, or harming other persons’ lawful rights and interests.

(9) Other content prohibited by laws and administrative regulations.

Domain name registration management bodies and domain name registration service bodies may not provide services to domain names containing content listed in the previous Paragraph.

Article 29: Domain name registration service bodies may not use fraudulent, coercive or other such improper means to require other persons to register domain names. 

Article 30: Domain name registration service bodies providing domain name registration services shall require domain name registration applicants to provide domain name holders’ real, accurate and complete identity information and other such domain name registration information.

Domain name registration management bodies and domain name registration service bodies shall check the veracity and completeness of domain name registration information.

Where domain name registration applicants provide inaccurate or incomplete domain name registration information, domain name registration service bodies shall require correction. Where applicants do not correct the matter or provide untrue domain name registration information, domain name registration service bodies may not provide domain name registration services to them.

Article 31: Domain name registration service bodies shall publish domain name registration service content, time limits and fees, to ensure service quality, and provide public inquiry services of domain name registration information.

Article 32: Domain name registration management bodies and domain name registration service bodies shall store and protect users’ personal information according to the law. Without user agreement, users’ personal information may not be provided to other persons, except where laws and regulations provide otherwise.

Article 33: Where a change occurs in domain name holders’ contact method and other such information, they shall conduct domain name registration information modification formalities within thirty days after the change with the domain name registration service body.

Where domain name holders transfer domain names to other persons, the assignee shall abide by domain name registration-related requirements. 

Article 34: Domain name holders have the right to choose or change domain name registration service bodies. Where a domain name registration service body is changed, the original domain name registration service body shall cooperate with the domain name holder to transfer their domain name registration-related information. 

Without proper reason, domain name registration service bodies may not impede domain name holders’ changing domain name registration service bodies.

Article 35: Domain name registration management bodies and domain name registration service bodies shall establish complaints acceptance mechanisms, and publish complaints acceptance methods in a clear location on the front page of their website and their business premises.

Domain name registration management bodies and domain name registration service bodies shall handle complaints timely; where they cannot be handled timely, the reasons and handling period shall be explained.

Article 36: In the provision of domain name resolution services, relevant laws, regulations and standards shall be observed, corresponding technical, service and network and information protection capabilities possessed, network and information security protection measures implemented, daily domain name resolution records recorded and preserved according to the law, daily records and modification records maintained, and resolution service quality and resolution system security guaranteed. Where it involved commercial telecommunications business, a telecommunications business licence shall be obtained according to the law.

Article 37: In the provision of domain name resolution services, it is prohibited to alter resolution information without authorization. 

No organization or individual may maliciously direct domain name resolution towards other persons’ IP addresses.

Article 38: In the provision of domain name resolution services, it is prohibited to provide domain name aliasing for domain name with content listed in Article 28 Paragraph I of these Rules.

Article 39: Of those engaging in Internet information services, the domain names they use shall conform to laws, regulations and the relevant requirements of telecommunication management bodies, and may not use domain names to conduct unlawful acts.

Article 40: Domain name registration management bodies and domain name registration service bodies shall cooperate with relevant State departments conducting inspection work according to the law, and adopt measures such as cessation of resolution, etc. against domain names where unlawful acts occur according to telecommunication management bodies’ requirements.

Where domain name registration management bodies and domain name registration service bodies discover the domain names to which they provide services publish or transmit information of which the publication or transmission is prohibited by laws and administrative regulations, they shall immediately adopt measures in response, such as deletion, cessation of resolution, etc., prevent the spread of the information, preserve relevant records, and notify the matter to relevant departments.

Article 41: Domain name root server operating bodies, domain name registration management bodies and domain name registration service bodies shall abide by relevant State laws, regulations and standards, implement network and information security protection measures, deploy the necessary network and telecommunications emergency response equipment, establish and complete technical network and information security monitoring  methods and emergency response structures. When a network or information incident occurs on a domain name system, it shall be reported to the telecommunication management body within 24 hours.

When required for national security and to deal with emergencies or incidents, domain name root server operating bodies, domain name registration management bodies and domain name registration service bodies shall submit to the uniform commands and coordination of telecommunication management bodies, and abide by telecommunication management bodies’ management requirements. 

Article 42: Where any organization or individual believes that a domain name registered or used by another person harms their lawful rights and interests, they may apply for mediation with a domain name dispute settlement body or file a lawsuit with a People’s Court according to the law.

Article 43: Where one of the following circumstances is present with a registered domain name, the domain name registration service body shall cancel it, and notify the domain name holder:

(1) The domain name holder applies for domain name cancellation;

(2) Domain name holders submitted false domain name registration information;

(3) It shall be closed on the basis of a People’s Court judgment, or a domain name dispute settlement body verdict;

(4) Other circumstances where laws and administrative regulations provide for cancellation. 

Chapter IV: Supervision and inspection

Article 44: Telecommunication management bodies shall strengthen supervision and inspection of domain name services. Domain name root server operating bodies, domain name registration management bodies and domain name registration service bodies shall accept and cooperate with supervision and inspection by telecommunication management bodies.

Domain name service sectoral self-discipline and management is encouraged, public supervision of domain name services is encouraged.

Article 45: Domain name root server operating bodies, domain name registration management bodies and domain name registration service bodies shall, according to telecommunication management bodies’ requirements, regularly report business development situations, operations security situations, network and information security responsibility situation, the complaints and dispute handling situation and other such information.

Article 47: When telecommunication management bodies carry out supervision and inspection, they shall examine the materials submitted by domain name root server operating bodies, domain name registration management bodies and domain name registration service bodies, and inspect the situation of their executing laws, regulations and relevant provisions of telecommunication management bodies.

Telecommunication management bodies may entrust specialized third-party bodies to conduct relevant supervision and inspection activities.

Article 47: Telecommunication management bodies shall establish credit-recording structures for domain name root server operating bodies, domain name registration management bodies and domain name registration service bodies, and enter their violations of these Rules and the administrative punishment they receive into the credit file.

Article 48: Telecommunication management bodies conducting supervision and inspection may not impede the regular commercial and service activities of domain name root server operating bodies, domain name registration management bodies and domain name registration service bodies, they may not accept any fees, and may not leak the domain name registration information they learn.

Chapter V: Punitive provisions

Article 49: Where, in violation of the provisions of Article 9 of these Rules, a domain name root server or domain name root server operating body, domain name registration management body or domain name registration service body is established without a licence or authorization, telecommunication management bodies shall, on the basis of the provisions of Article 81 of the “Administrative Licensing Law of the People’s Republic of China”, adopt measures to stop the matter, and in view of the gravity of circumstances, issue a warning or a fine of more than 10.000 Yuan but less than 30.000 Yuan.

Article 50: Where, in violation of the provisions of these Rules, a domain name registration management body or domain name registration service body commits one of the following acts, the telecommunication management body will order correction within a limited time on the basis of their duties and powers, and in view of the gravity of circumstances, impose a fine of 10.000 Yuan or more but less than 30.000 Yuan, and publish the matter to society:

(1) Providing domain name registration services to unlicensed domain name registration management bodies, or conducting domain name registration services through unlicensed domain name registration service bodies;

(2) Not providing services according to the licenced domain name registration service items;

(3) Not checking the veracity and completeness of domain name registration information;

(4) Obstructing domain name holders to change domain name registration service bodies without proper reason.

Article 51: Where, in violation of the provisions of these Regulations, domain name resolution services are provided and one of the following acts committed, the telecommunication management body will order correction within a limited time, and may, in view of the gravity of circumstances, impose a fine of 10.000 Yuan or more but less than 30.000 Yuan, and publish the matter to society;

(1) Altering domain name resolution information without authorization or maliciously directing domain name resolution towards other persons. IP addresses;

(2) Providing domain name aliasing for domain name with content listed in Article 28 Paragraph I of these Rules;

(3) Not implementing network and information security protection measures;

(4) Not recording and preserving daily domain name resolution records according to the law, maintaining daily records and modification records;

(5) Not dealing with domain names where unlawful activities according to requirements.

Article 52: Where the provisions of Article 17, Article 18 Paragraph I, Article 21, Article 22, Article 28 Paragraph II, Article 29, Article 31, Article 32, Article 35 Paragraph I, Article 40 Paragraph II or Article 41 of these Rules are violated, the telecommunication management body will order correction within a limited time on the basis of their duties and powers, may additionally impose a fine of 10.000 Yuan or more but less than 30.000 Yuan, and publish the matter to society.

Article 53: Where laws or administrative regulations provide otherwise on relevant unlawful conduct, the provisions of those laws and administrative regulations are implemented. 

Article 54: Where any organization or individual registers or uses domain names in violation of the provisions of Article 28 Paragraph I of these Rules, constituting a crime, criminal liability will be prosecuted according to the law; where the matter does not constitute a crime, relevant departments will punish the matter according to the law.

Chapter VI: Supplementary provisions

Article 55: The meaning of the following terms in these Rules is:

(1) Domain name: refers to a hierarchically structured character indication to identify and locate a computer on the Internet, corresponding with that computer’s IP address.

(2) Mandarin-language domain name: refers to a domain name using Mandarin characters.

(3) Top-level domain name: refers to the first-level name of the root node in the domain name system.

(4) Domain name server: refers to servers with domain name system root node functioning (including mirror servers).

(5) Domain name root server operating body: refers to a body that lawfully obtained a licence and undertakes domain name root server operations, maintenance and management work.

(6) Domain name registration management body: refers to a body that lawfully obtained a licence and undertakes top-level domain name operations and management work. 

(7) Domain name registration service body: refers to a body that lawfully obtained a licence, accepts domain name registration applications and completes the registration of a domain name in the top-level domain name database.

(8) Domain name registration agency body: refers to a body that is entrusted by domain name registration service bodies to accept domain name registration applications, and indirectly complete domain name registration in the top-level domain name database.

(9) Domain name management system: refers to the main information system required by domain name registration management bodies to conduct top-level domain name operations and management work within the borders, and includes registration management systems, registration databases, domain name resolution systems, domain name information inquiry systems, identity information inspection systems, etc.

(10) Domain name aliasing: refers to the transfer of a visit of one domain name to another domain name and IP address or online information service connected with or directed by that domain name.

Article 56: The time periods provided in these Rules, except where working days are determined, are all natural days.

Article 57: Those conducting domain name services without obtaining corresponding licences before these Rules took effect, shall conduct licensing formalities according to the provisions of these Rules within 12 months from the date these Regulations take effect.

For domain name root server operating bodies, domain name registration management bodies and domain name registration service bodies that already obtained a licence before these Rules took effect, the provisions of Article 16 of these Rules shall apply to the period of validity of their licence, the period of validity will be computed form the day these Rules take effect.

Article 58: These Rules take effect on 1 November 2017. The “Chinese Internet Domain Name Management Rules (then-Ministry of Information Industry Decree No. 30) promulgated on 5 November 2004 are abolished at the same time. Where inconsistencies exist between these Rules and relevant provisions promulgated before these Regulations took effect, these Rules shall be implemented.

中华人民共和国工业和信息化部令

第　43　号

《互联网域名管理办法》已经2017年8月16日工业和信息化部第32次部务会议审议通过，现予公布，自2017年11月1日起施行。原信息产业部2004年11月5日公布的《中国互联网络域名管理办法》（原信息产业部令第30号）同时废止。
部　长　　苗　圩
2017年8月24日

互联网域名管理办法

第一章　总　　则

第一条　为了规范互联网域名服务，保护用户合法权益，保障互联网域名系统安全、可靠运行，推动中文域名和国家顶级域名发展和应用，促进中国互联网健康发展，根据《中华人民共和国行政许可法》、《国务院对确需保留的行政审批项目设定行政许可的决定》等规定，参照国际上互联网域名管理准则，制定本办法。
第二条　在中华人民共和国境内从事互联网域名服务及其运行维护、监督管理等相关活动，应当遵守本办法。
本办法所称互联网域名服务（以下简称域名服务），是指从事域名根服务器运行和管理、顶级域名运行和管理、域名注册、域名解析等活动。
第三条　工业和信息化部对全国的域名服务实施监督管理，主要职责是：
（一）制定互联网域名管理规章及政策；
（二）制定中国互联网域名体系、域名资源发展规划；
（三）管理境内的域名根服务器运行机构和域名注册管理机构；
（四）负责域名体系的网络与信息安全管理；
（五）依法保护用户个人信息和合法权益；
（六）负责与域名有关的国际协调；
（七）管理境内的域名解析服务；
（八）管理其他与域名服务相关的活动。
第四条　各省、自治区、直辖市通信管理局对本行政区域内的域名服务实施监督管理，主要职责是：
（一）贯彻执行域名管理法律、行政法规、规章和政策；
（二）管理本行政区域内的域名注册服务机构；
（三）协助工业和信息化部对本行政区域内的域名根服务器运行机构和域名注册管理机构进行管理；
（四）负责本行政区域内域名系统的网络与信息安全管理；
（五）依法保护用户个人信息和合法权益；
（六）管理本行政区域内的域名解析服务；
（七）管理本行政区域内其他与域名服务相关的活动。
第五条　中国互联网域名体系由工业和信息化部予以公告。根据域名发展的实际情况，工业和信息化部可以对中国互联网域名体系进行调整。
第六条　“.CN”和“.中国”是中国的国家顶级域名。
中文域名是中国互联网域名体系的重要组成部分。国家鼓励和支持中文域名系统的技术研究和推广应用。
第七条　提供域名服务，应当遵守国家相关法律法规，符合相关技术规范和标准。
第八条　任何组织和个人不得妨碍互联网域名系统的安全和稳定运行。

第二章　域名管理

第九条　在境内设立域名根服务器及域名根服务器运行机构、域名注册管理机构和域名注册服务机构的，应当依据本办法取得工业和信息化部或者省、自治区、直辖市通信管理局（以下统称电信管理机构）的相应许可。
第十条　申请设立域名根服务器及域名根服务器运行机构的，应当具备以下条件：
（一）域名根服务器设置在境内，并且符合互联网发展相关规划及域名系统安全稳定运行要求；
（二）是依法设立的法人，该法人及其主要出资者、主要经营管理人员具有良好的信用记录；
（三）具有保障域名根服务器安全可靠运行的场地、资金、环境、专业人员和技术能力以及符合电信管理机构要求的信息管理系统；
（四）具有健全的网络与信息安全保障措施，包括管理人员、网络与信息安全管理制度、应急处置预案和相关技术、管理措施等；
（五）具有用户个人信息保护能力、提供长期服务的能力及健全的服务退出机制；
（六）法律、行政法规规定的其他条件。
第十一条　申请设立域名注册管理机构的，应当具备以下条件：
（一）域名管理系统设置在境内，并且持有的顶级域名符合相关法律法规及域名系统安全稳定运行要求；
（二）是依法设立的法人，该法人及其主要出资者、主要经营管理人员具有良好的信用记录；
（三）具有完善的业务发展计划和技术方案以及与从事顶级域名运行管理相适应的场地、资金、专业人员以及符合电信管理机构要求的信息管理系统；
（四）具有健全的网络与信息安全保障措施，包括管理人员、网络与信息安全管理制度、应急处置预案和相关技术、管理措施等；
（五）具有进行真实身份信息核验和用户个人信息保护的能力、提供长期服务的能力及健全的服务退出机制；
（六）具有健全的域名注册服务管理制度和对域名注册服务机构的监督机制；
（七）法律、行政法规规定的其他条件。
第十二条　申请设立域名注册服务机构的，应当具备以下条件：
（一）在境内设置域名注册服务系统、注册数据库和相应的域名解析系统；
（二）是依法设立的法人，该法人及其主要出资者、主要经营管理人员具有良好的信用记录；
（三）具有与从事域名注册服务相适应的场地、资金和专业人员以及符合电信管理机构要求的信息管理系统；
（四）具有进行真实身份信息核验和用户个人信息保护的能力、提供长期服务的能力及健全的服务退出机制；
（五）具有健全的域名注册服务管理制度和对域名注册代理机构的监督机制；
（六）具有健全的网络与信息安全保障措施，包括管理人员、网络与信息安全管理制度、应急处置预案和相关技术、管理措施等；
（七）法律、行政法规规定的其他条件。
第十三条　申请设立域名根服务器及域名根服务器运行机构、域名注册管理机构的，应当向工业和信息化部提交申请材料。申请设立域名注册服务机构的，应当向住所地省、自治区、直辖市通信管理局提交申请材料。
申请材料应当包括：
（一）申请单位的基本情况及其法定代表人签署的依法诚信经营承诺书；
（二）对域名服务实施有效管理的证明材料，包括相关系统及场所、服务能力的证明材料、管理制度、与其他机构签订的协议等；
（三）网络与信息安全保障制度及措施；
（四）证明申请单位信誉的材料。
第十四条　申请材料齐全、符合法定形式的，电信管理机构应当向申请单位出具受理申请通知书；申请材料不齐全或者不符合法定形式的，电信管理机构应当场或者在5个工作日内一次性书面告知申请单位需要补正的全部内容；不予受理的，应当出具不予受理通知书并说明理由。
第十五条　电信管理机构应当自受理之日起20个工作日内完成审查，作出予以许可或者不予许可的决定。20个工作日内不能作出决定的，经电信管理机构负责人批准，可以延长10个工作日，并将延长期限的理由告知申请单位。需要组织专家论证的，论证时间不计入审查期限。
予以许可的，应当颁发相应的许可文件；不予许可的，应当书面通知申请单位并说明理由。
第十六条　域名根服务器运行机构、域名注册管理机构和域名注册服务机构的许可有效期为5年。
第十七条　域名根服务器运行机构、域名注册管理机构和域名注册服务机构的名称、住所、法定代表人等信息发生变更的，应当自变更之日起20日内向原发证机关办理变更手续。
第十八条　在许可有效期内，域名根服务器运行机构、域名注册管理机构、域名注册服务机构拟终止相关服务的，应当提前30日书面通知用户，提出可行的善后处理方案，并向原发证机关提交书面申请。
原发证机关收到申请后，应当向社会公示30日。公示期结束60日内，原发证机关应当完成审查并做出决定。
第十九条　许可有效期届满需要继续从事域名服务的，应当提前90日向原发证机关申请延续；不再继续从事域名服务的，应当提前90日向原发证机关报告并做好善后工作。
第二十条　域名注册服务机构委托域名注册代理机构开展市场销售等工作的，应当对域名注册代理机构的工作进行监督和管理。
域名注册代理机构受委托开展市场销售等工作的过程中，应当主动表明代理关系，并在域名注册服务合同中明示相关域名注册服务机构名称及代理关系。
第二十一条　域名注册管理机构、域名注册服务机构应当在境内设立相应的应急备份系统并定期备份域名注册数据。
第二十二条　域名根服务器运行机构、域名注册管理机构、域名注册服务机构应当在其网站首页和经营场所显著位置标明其许可相关信息。域名注册管理机构还应当标明与其合作的域名注册服务机构名单。
域名注册代理机构应当在其网站首页和经营场所显著位置标明其代理的域名注册服务机构名称。

第三章　域名服务

第二十三条　域名根服务器运行机构、域名注册管理机构和域名注册服务机构应当向用户提供安全、方便、稳定的服务。
第二十四条　域名注册管理机构应当根据本办法制定域名注册实施细则并向社会公开。
第二十五条　域名注册管理机构应当通过电信管理机构许可的域名注册服务机构开展域名注册服务。
域名注册服务机构应当按照电信管理机构许可的域名注册服务项目提供服务，不得为未经电信管理机构许可的域名注册管理机构提供域名注册服务。
第二十六条　域名注册服务原则上实行“先申请先注册”，相应域名注册实施细则另有规定的，从其规定。
第二十七条　为维护国家利益和社会公众利益，域名注册管理机构应当建立域名注册保留字制度。
第二十八条　任何组织或者个人注册、使用的域名中，不得含有下列内容：
（一）反对宪法所确定的基本原则的；
（二）危害国家安全，泄露国家秘密，颠覆国家政权，破坏国家统一的；
（三）损害国家荣誉和利益的；
（四）煽动民族仇恨、民族歧视，破坏民族团结的；
（五）破坏国家宗教政策，宣扬邪教和封建迷信的；
（六）散布谣言，扰乱社会秩序，破坏社会稳定的；
（七）散布淫秽、色情、赌博、暴力、凶杀、恐怖或者教唆犯罪的；
（八）侮辱或者诽谤他人，侵害他人合法权益的；
（九）含有法律、行政法规禁止的其他内容的。
域名注册管理机构、域名注册服务机构不得为含有前款所列内容的域名提供服务。
第二十九条　域名注册服务机构不得采用欺诈、胁迫等不正当手段要求他人注册域名。
第三十条　域名注册服务机构提供域名注册服务，应当要求域名注册申请者提供域名持有者真实、准确、完整的身份信息等域名注册信息。
域名注册管理机构和域名注册服务机构应当对域名注册信息的真实性、完整性进行核验。
域名注册申请者提供的域名注册信息不准确、不完整的，域名注册服务机构应当要求其予以补正。申请者不补正或者提供不真实的域名注册信息的，域名注册服务机构不得为其提供域名注册服务。
第三十一条　域名注册服务机构应当公布域名注册服务的内容、时限、费用，保证服务质量，提供域名注册信息的公共查询服务。
第三十二条　域名注册管理机构、域名注册服务机构应当依法存储、保护用户个人信息。未经用户同意不得将用户个人信息提供给他人，但法律、行政法规另有规定的除外。
第三十三条　域名持有者的联系方式等信息发生变更的，应当在变更后30日内向域名注册服务机构办理域名注册信息变更手续。
域名持有者将域名转让给他人的，受让人应当遵守域名注册的相关要求。
第三十四条　域名持有者有权选择、变更域名注册服务机构。变更域名注册服务机构的，原域名注册服务机构应当配合域名持有者转移其域名注册相关信息。
无正当理由的，域名注册服务机构不得阻止域名持有者变更域名注册服务机构。
电信管理机构依法要求停止解析的域名，不得变更域名注册服务机构。
第三十五条　域名注册管理机构和域名注册服务机构应当设立投诉受理机制，并在其网站首页和经营场所显著位置公布投诉受理方式。
域名注册管理机构和域名注册服务机构应当及时处理投诉；不能及时处理的，应当说明理由和处理时限。
第三十六条　提供域名解析服务，应当遵守有关法律、法规、标准，具备相应的技术、服务和网络与信息安全保障能力，落实网络与信息安全保障措施，依法记录并留存域名解析日志、维护日志和变更记录，保障解析服务质量和解析系统安全。涉及经营电信业务的，应当依法取得电信业务经营许可。
第三十七条　提供域名解析服务，不得擅自篡改解析信息。
任何组织或者个人不得恶意将域名解析指向他人的IP地址。
第三十八条　提供域名解析服务，不得为含有本办法第二十八条第一款所列内容的域名提供域名跳转。
第三十九条　从事互联网信息服务的，其使用域名应当符合法律法规和电信管理机构的有关规定，不得将域名用于实施违法行为。
第四十条　域名注册管理机构、域名注册服务机构应当配合国家有关部门依法开展的检查工作，并按照电信管理机构的要求对存在违法行为的域名采取停止解析等处置措施。
域名注册管理机构、域名注册服务机构发现其提供服务的域名发布、传输法律和行政法规禁止发布或者传输的信息的，应当立即采取消除、停止解析等处置措施，防止信息扩散，保存有关记录，并向有关部门报告。
第四十一条　域名根服务器运行机构、域名注册管理机构和域名注册服务机构应当遵守国家相关法律、法规和标准，落实网络与信息安全保障措施，配置必要的网络通信应急设备，建立健全网络与信息安全监测技术手段和应急制度。域名系统出现网络与信息安全事件时，应当在24小时内向电信管理机构报告。
因国家安全和处置紧急事件的需要，域名根服务器运行机构、域名注册管理机构和域名注册服务机构应当服从电信管理机构的统一指挥与协调，遵守电信管理机构的管理要求。
第四十二条　任何组织或者个人认为他人注册或者使用的域名侵害其合法权益的，可以向域名争议解决机构申请裁决或者依法向人民法院提起诉讼。
第四十三条　已注册的域名有下列情形之一的，域名注册服务机构应当予以注销，并通知域名持有者：
（一）域名持有者申请注销域名的；
（二）域名持有者提交虚假域名注册信息的；
（三）依据人民法院的判决、域名争议解决机构的裁决，应当注销的；
（四）法律、行政法规规定予以注销的其他情形。

第四章　监督检查

第四十四条　电信管理机构应当加强对域名服务的监督检查。域名根服务器运行机构、域名注册管理机构、域名注册服务机构应当接受、配合电信管理机构的监督检查。
鼓励域名服务行业自律管理，鼓励公众监督域名服务。
第四十五条　域名根服务器运行机构、域名注册管理机构、域名注册服务机构应当按照电信管理机构的要求，定期报送业务开展情况、安全运行情况、网络与信息安全责任落实情况、投诉和争议处理情况等信息。
第四十六条　电信管理机构实施监督检查时，应当对域名根服务器运行机构、域名注册管理机构和域名注册服务机构报送的材料进行审核，并对其执行法律法规和电信管理机构有关规定的情况进行检查。
电信管理机构可以委托第三方专业机构开展有关监督检查活动。
第四十七条　电信管理机构应当建立域名根服务器运行机构、域名注册管理机构和域名注册服务机构的信用记录制度，将其违反本办法并受到行政处罚的行为记入信用档案。
第四十八条　电信管理机构开展监督检查，不得妨碍域名根服务器运行机构、域名注册管理机构和域名注册服务机构正常的经营和服务活动，不得收取任何费用，不得泄露所知悉的域名注册信息。

第五章　罚　　则

第四十九条　违反本办法第九条规定，未经许可擅自设立域名根服务器及域名根服务器运行机构、域名注册管理机构、域名注册服务机构的，电信管理机构应当根据《中华人民共和国行政许可法》第八十一条的规定，采取措施予以制止，并视情节轻重，予以警告或者处1万元以上3万元以下罚款。
第五十条　违反本办法规定，域名注册管理机构或者域名注册服务机构有下列行为之一的，由电信管理机构依据职权责令限期改正，并视情节轻重，处1万元以上3万元以下罚款，向社会公告：
（一）为未经许可的域名注册管理机构提供域名注册服务，或者通过未经许可的域名注册服务机构开展域名注册服务的；
（二）未按照许可的域名注册服务项目提供服务的；
（三）未对域名注册信息的真实性、完整性进行核验的；
（四）无正当理由阻止域名持有者变更域名注册服务机构的。
第五十一条　违反本办法规定，提供域名解析服务，有下列行为之一的，由电信管理机构责令限期改正，可以视情节轻重处1万元以上3万元以下罚款，向社会公告：
（一）擅自篡改域名解析信息或者恶意将域名解析指向他人IP地址的；
（二）为含有本办法第二十八条第一款所列内容的域名提供域名跳转的；
（三）未落实网络与信息安全保障措施的；
（四）未依法记录并留存域名解析日志、维护日志和变更记录的；
（五）未按照要求对存在违法行为的域名进行处置的。
第五十二条　违反本办法第十七条、第十八条第一款、第二十一条、第二十二条、第二十八条第二款、第二十九条、第三十一条、第三十二条、第三十五条第一款、第四十条第二款、第四十一条规定的，由电信管理机构依据职权责令限期改正，可以并处1万元以上3万元以下罚款，向社会公告。
第五十三条　法律、行政法规对有关违法行为的处罚另有规定的，依照有关法律、行政法规的规定执行。
第五十四条　任何组织或者个人违反本办法第二十八条第一款规定注册、使用域名，构成犯罪的，依法追究刑事责任；尚不构成犯罪的，由有关部门依法予以处罚。

第六章　附　　则

第五十五条　本办法下列用语的含义是：
（一）域名：指互联网上识别和定位计算机的层次结构式的字符标识，与该计算机的IP地址相对应。
（二）中文域名：指含有中文文字的域名。
（三）顶级域名：指域名体系中根节点下的第一级域的名称。
（四）域名根服务器：指承担域名体系中根节点功能的服务器（含镜像服务器）。
（五）域名根服务器运行机构：指依法获得许可并承担域名根服务器运行、维护和管理工作的机构。
（六）域名注册管理机构：指依法获得许可并承担顶级域名运行和管理工作的机构。
（七）域名注册服务机构：指依法获得许可、受理域名注册申请并完成域名在顶级域名数据库中注册的机构。
（八）域名注册代理机构：指受域名注册服务机构的委托，受理域名注册申请，间接完成域名在顶级域名数据库中注册的机构。
（九）域名管理系统：指域名注册管理机构在境内开展顶级域名运行和管理所需的主要信息系统，包括注册管理系统、注册数据库、域名解析系统、域名信息查询系统、身份信息核验系统等。
（十）域名跳转：指对某一域名的访问跳转至该域名绑定或者指向的其他域名、IP地址或者网络信息服务等。
第五十六条　本办法中规定的日期，除明确为工作日的以外，均为自然日。
第五十七条　在本办法施行前未取得相应许可开展域名服务的，应当自本办法施行之日起12个月内，按照本办法规定办理许可手续。
在本办法施行前已取得许可的域名根服务器运行机构、域名注册管理机构和域名注册服务机构，其许可有效期适用本办法第十六条的规定，有效期自本办法施行之日起计算。
第五十八条　本办法自2017年11月1日起施行。2004年11月5日公布的《中国互联网络域名管理办法》（原信息产业部令第30号）同时废止。本办法施行前公布的有关规定与本办法不一致的，按照本办法执行。