Thoughts on the the new draft rules for dot KE published by the Communications Commission of Kenya (CCK)

As a consequence of the Kenya Communications Act, CCK has drafted a new regime for administering the apex .ke country-code top-level domain (ccTLD). It is still not clear if the CCK has an opinion on arbitrary second-level domain names under .ke from any of the documents, but in addition to a new license for the apex registry (.ke itself) and second-level domain registry (, there are also licensing documents for registrars who will be allowed to lease domains to the general public ( and possibly  

For those who are unaware, registries take on core responsibilities around rules and regulations regarding domains and registries need to be held to very high standards.  Registrars are merely sales organizations that resell (or really, lease) domains from the registry.  Typically, a registry does not sell to the general public and a registrar has no core maintenance or administration role with regards to the domains it sells.

As a background, [generic top-level domains (gTLDs) include .com, .org, .mil, .net, etc...  In addition to the generic domains, each country has a TLD referred to as a country-code TLD (ccTLD): .uk, .ke, .de.  There are also now internationalized domains (IDNs) such as .中国 and .香港.

Thank you to CCK

First off, we should all be thankful to CCK for having a public comment period at all.  It's very atypical for Kenyan government departments to give time for proper feedback.  Sometimes one sees gazetted rules in the newspapers dated one-month back so that they go into effect immediately.  CCK really deserves a round of applause for recognizing that releasing rules in that way is less than ideal.

What's out there?

Visiting Gandi (a registrar, not a registry) to see what TLDs are broadly available is a great way of understanding the current topology of domains globally - and which ones are well represented around the world. Unfortunately, CCK rules continue to deny companies like Gandi from reselling the .ke TLD and therefore, the number of registrations is very low.

Let's analyze some other ccTLDs

Norfolk Island

Norfolk Island (a very small semi-autonomous territory east of Australia) has .nf and allows those domain names to be registered for $1,420 and renewed for $230/year thereafter.  Large multinationals like Google seem to pay up for "google" under any TLD so this is probably a good strategy for a very small country to capitalize on its ccTLD when there is no chance of broad adoption.


Barbados maintains a semi-restricted ccTLD, .bb and has very little uptake - seemingly intentionally.  The rationale for this appears to be that Barbados wants to assert strong authority over the domain name so that end-users know that hosts have met certain criteria in order to have been able to leverage the .bb ccTLD at all. The goal is not to have mass adoption .bb domains in this scenario.


Austria has a long history with its TLD (.at).  It is currently managed as a public-private partnership that was spun out of a loose coalition of Austrian ISPs.  They have a permissive registrar license not requiring registrars to be located in-country and therefore have many sellers of the .at domain name around the world and many registrants.

Thoughts on the CCK Proposal

It is out of the scope of this article to discuss all of what CCK is trying to change with these documents but I'd like to discuss some obvious points:

Arbitrary Second level domains

Although some ccTLDs (.uk) do not allow second-level domains (like, many have moved to allowing second-level domains (like  Second level domains can sell well ( might work or would it be a and earn money for the top-level registry.  They also overcome the often meaningless divisions between companies (, organizations ( and 'others'.  CCK has not made it clear what the future is for second level domains under .ke, but this needs to be a discussion and I would strongly favor second-level domains for .ke in order to increase adoption.  Note that allowing domains like '' does not mean that '' or '' couldn't continue to exist.

Foreign ownership of registrars

Registrars act as an intermediary between the registry (the organization that administers the definitive database of all .ke domains, handles complaints, enforces regulations, etc...) and the domain holder.  Typically, an end-user leases a domain name from a registrar on a renewable annual basis and the registry administers the database.  Unlike many other countries, CCK will require that all registrars be Kenyan-owned. 

Although it's totally reasonable that the dot KE registry be explicitly under Kenyan authority, I don't think it's in the best interest of the industry to force registrars to also be locally domiciled. It may be good for a narrow group of local registrars to protect their business registering domains, it is bad for boosting the overall number of .ke domains registrered.  The vast majority of domain registrars globally are non-Kenyan and excluding them from being able to lease the domains means that .ke will continue to be a niche asset.  Kenya uses foreign contractors for many specialized activities (building airports, laying roads, improving container ports) and there is no reason to treat potential .ke registrars any differently - especially when the cost is impact is a continuing low uptake of the .ke TLD.

Officious requirements

In addition to the exclusion of most of the global registrar industry from participating, the "APPLICATION FOR DOT KE DOMAIN NAME REGISTRY SERVICES PROVIDER AND DOT KE SUBDOMAIN NAME REGISTRAR SERVICES PROVIDERS UNDER THE UNIFIED LICENSING FRAMEWORK" document places myriad burdens on even local registrars including the need to:

  • acquire sworn affidavits
  • pay by check without accepting credit card or mPesa
  • submit paperwork in-person rather than via mail (or better, via electronic means)

Note: It's been pointed out to me that my determination might be wrong.  This document may only refer to registries (although it seems very clear that it's referring to registrars).  I really can't say for sure and we would all be grateful if the CCK would clarify what it means here.

Intrusive requirements

Although the officious application requirements are very bad for the uptake of the .ke TLD, many of the requirements are also intrusive.  It makes sense for the main registry provider of .ke to be rigorously vetted and part of a public bidding process, but it is counterproductive to place the same high bar in front of the hundreds of registrars who should instead be welcomed into the program in order to sell more .ke domains.  Requirements that should be stricken are:

  • The need to supply a 3 year business plan
  • The need to apply Articles of Association (or equivalent)
  • Notarized share certificates (this particular clause is also unclear - what exactly does CCK even want?)

Again, the documents are confusing so it's not really clear what CCK intends.


The research by CCK vis-a-vis the regulation and administration of ccTLDs globally as evidenced in these documents appears pretty minimal.  Most of the background appears to come from other Kenyan law rather than other Internet governance regulation.  I would hope that those who drafted the text read at least five or six sets of comparable documents from other countries - of which there are over 100.  This is something which can easily be addressed and is well worth the time of the CCK researchers to not only read these regulations, but to reference them in an executive summary that should be attached to these drafts.

7 responses
I think the CCK directive is in bad faith... The Internet should be an open community. So should be registrars and just like other TLD's e.g .com Lets adopt an open community, that's where the world is going. "Open Source" "Cloud" etc.
We cannot micro-manage everything, why not only regulate Kenic, Where all registrars fall, and let Kenic do the rest? Kenic holds all data pertaining to this and also has its laws and directives hence i am seeing redundancy in execution of the same.
5 visitors upvoted this post.