5 FAH-8 H-340
NAMING CONVENTIONS FOR SITES ON INTERNAL AND EXTERNAL
NETWORKS
(CT:WEB-19; 02-12-2019)
(Office of Origin: IRM/BMP/GRP/GP)
5 FAH-8 H-341 TYPES OF NETWORKS
(CT:WEB-11; 10-30-2015)
a. The Department of State uses both internal and
external networks, including the Internet, intranets, extranets, and
demilitarized zones (DMZs). The Internet has no access controls and is
publicly accessible while other networks, at a minimum, require a user name and
password to access.
b. Website development of unclassified systems may
require the use of a Dedicated Internet Network (DIN). Refer to 5 FAM 871 ENTERPRISE NETWORKS and 5 FAM 872 DEDICATED INTERNET NETWORKS (DIN)
c. Website development for ClassNet/SIPRNet must be
accomplished on a classified workstation or classified development network.
d. Any workstation/network used for website development
purposes may not serve as the operational repository of images, files, or other
information associated with a website.
5 FAH-8 H-342 DOMAIN NAMES
(CT:WEB-11; 10-30-2015)
All Department websites (post, bureau, program offices,
etc.) must request a domain name. The structure of the main Department public
site follows a hierarchy based on Under Secretary/bureau with a small number of
specialized websites using other names. The intranet and post Internet domain
names follow a hierarchy based on
localities, bureaus and offices (e.g., post.state.sbu or bureau.state.sbu).
This structure provides for more unique names, more easily located names, and
the Department identification.
5 FAH-8 H-342.1 OpenNet Standards
5 FAH-8 H-342.1-1 Domain Names
(CT:WEB-11; 10-30-2015)
Domains are containers that hold the computer names
associated with Internet Protocol (IP) addresses. On OpenNet, the domain
structure uses top-level domain .sbu (dot-sbu) and second-level state.sbu. A
subdomain that indicates the organization typically includes postname.state.sbu
or bureauname.state.sbu. Other naming
conventions may be adopted, but must contain the state.sbu second-level domain,
to distinguish intranet sites from the public sites that use state.gov.
Common examples of Intranet domain
names:
Intranet.ds.state.sbu,
intranet.hr.state.sbu
Med.m.state.sbu, wha.p.state.sbu
a.m.state.sbu/sites/gis, j.state.sbu/tip,
e.state.sbu/stas
5 FAH-8 H-342.1-2 Host Names
(CT:WEB-11; 10-30-2015)
a. Hosts are computers or other devices that can be
identified by an IP address and that provide web based services. Host names
must use the following naming standards:
(1) Post/Bureau websites: OpenNet websites associated
with a post or bureau must use the domain name of the organization, and as
appropriate, its parent organization.
Examples:
m.state.sbu is the address for
the Under Secretary for Management website.
eap.p.state.sbu is the address
for the Bureau of East Asia Pacific Affairs (EAP), which is organizationally
part of the Under Secretary for Political Affairs (P).
(2) Office websites: Websites associated with an
office must be identified by an alias consisting of part of the office symbol
and the bureau/post domain name.
Example:
irm.m.state.sbu/ops is the
address for the Operations Office in IRM (IRM/OPS) website.
b. Forbidden Host names:
(1) Domain Name Server (DNS) host names may use a
combination of alphabetic and numeric characters, but must begin with an
alphabetic character. The only other character which may be used is a dash or
hyphen (-). No other characters are authorized, including underscores.
(2) OpenNet websites must not
use "www" which is reserved for use on the Internet.
5 FAH-8 H-342.2 ClassNet Standards
(CT:WEB-11; 10-30-2015)
The Domain structure and naming standards for ClassNet are
the same as for OpenNet except that the top level domain is .class instead of
.sbu, and .sgov.gov is a ClassNet domain name alias.
Example:
openforum.state.sgov.gov is the
address for the Secretarys Open Forum.
5 FAH-8 H-342.3 Internet Standards
(CT:WEB-11; 10-30-2015)
There are four second-level domains approved for Embassy,
Consulate, Mission, and U.S. Interest Section public Internet websites. The
Under Secretary for Management (M) mandated in 2007 that the Bureau of
International Information Programs (IIP) must host these sites in its Content
Management System. IIP also hosts the Virtual Presence Posts.
5 FAH-8 H-342.3-1 Post Domain
Names
(CT:WEB-11; 10-30-2015)
a. Embassy: The second-level domain name for Embassy
public Internet websites is "usembassy.gov". The third-level or host
name will be the city in which the embassy is located.
Example:
Ottawa.usembassy.gov and canada.usembassy.gov are the addresses for the Embassy
Ottawas public Internet website.
b. Consulate: The second-level
domain name for Consulate public Internet websites is
"usconsulate.gov". The third-level or host name will be the city in
which the consulate is located. Because there may be multiple cities with
consulates in a single country, use only the city name for consulate sites.
Example:
montreal.usconsulate.gov is the
address for Consulate Montreals public Internet website. Do not use
canada.usconsulate.gov.
c. Mission: The second-level domain name for Mission
public Internet websites is "usmission.gov". The third-level or host
name will be the city in which the mission is located. Alternately, the
acronym of the mission itself can be used.
Examples:
geneva.usmission.gov is the
address for the Mission Genevas public Internet website.
osce.usmission.gov is the
address for the U.S. Mission to the Organization for Security and Cooperation
in Europe.
d. U.S. Interests Sections: The second-level domain
name for U.S. Interest Sections public Internet websites is
"usint.gov". The third-level or host name will be the city in which
the U.S. Interests Section is located.
e. Country Sites: Country names are linked to either a
menu standard home page with links to all the official U.S. Government web and
social media sites in that country or to the existing main embassy site if
there is only one site in that country. The second-level domain name for
country public Internet websites is "usembassy.gov". The third-level
or host name will be the name of the country. The use of country names in the
URL is not mandatory.
Examples:
japan.usembassy.gov (multiple
Department of State offices). This name points to a page with links to all
U.S. diplomatic public Internet websites in the country.
argentina.usembassy.gov (only
one Department of State office). This name points directly to the existing
U.S. Embassys public Internet website in Buenos Aires.
NOTE: The domain name
structure for embassies will change to the two-letter country code, plus
usembassy.gov, as IIP implements a new hosting/content system, due to be complete
during CY 2017.
f. Virtual Presence Post sites: Virtual presence
posts do not have a chancery or other physical building with staff that work
and live in the host city. The top-level domain for these posts is usvpp.gov.
The third-level or host name will be the name of the city.
Examples: Bangalore.usvpp.gov,
Mindanao.usvpp.gov.
g. Sites in other languages: The third-level domain
name for Embassy, consulate, mission, or other websites in other languages is
the name of the language, plus the usual standard for the site.
Examples: French.belgium.usembassy.gov,
Japanese.nagoya.usconsulate.gov.
NOTE: As of the publication
date of this section, IIP will no longer approve new usconsulate.gov or
usvpp.gov domain name requests. This naming structure is phasing out as IIP
implements a new content/hosting platform.
5 FAH-8 H-342.3-2 Required Domain
Names
(CT:WEB-11; 10-30-2015)
Domain names must be approved using the DS-3081 (Request
for Registering of New or Recurring Website Information Dissemination) online
form. Department public websites must use a state.gov domain name or .gov
according to the naming convention for posts. The top-level name .com is
strictly prohibited. Others, such as .net and .org, may be used for specific
purposes see 5 FAH-8 H342.3-4. Only one domain name per website may be used
unless an exception is granted, for specific technical or programmatic reasons
that must be fully explained in the DS-3081 request.
5 FAH-8 H-342.3-3 Domain Names
for Public Internet Sites
(CT:WEB-11; 10-30-2015)
The Bureau of Public Affairs (PA) manages the main
Department website. For other public websites with a primarily domestic
audience, domestic bureaus and offices must use state.gov as part of their URL,
unless an exception has been requested and approved (see paragraph 2 below).
(1) If the bureau or office is hosting interagency
websites, a .gov extension is required at a minimum. The Office of Management
and Budget (OMB) has suspended all new top-level domains. Use state.gov names
instead. Thorough justification for using the top-level .gov domain must be
submitted through the online Form DS-3081, Request for Registering of New or
Recurring website Information Dissemination" process. Where relevant,
justifications should demonstrate the interagency content and need for
interagency sponsorship that precludes the use of a single agency, e.g.,
state.gov, in the domain name. The Chief Information Officer (CIO) must
approve all top-level .gov domain name requests. Applications for new domains are then submitted to and reviewed by the
Office of Government-wide policy at the General Services Administration (GSA). GSA administers all .gov URLs. Once
approved, IRM submits top-level URL requests to GSA on the sponsoring bureaus
behalf.
(2) Websites maintained by non-governmental entities
sponsored by the Department are considered "information
dissemination" and must be approved by the Bureau of Public Affairs
(PA/WM). The domain names for such sites will depend upon the review of the
content and management of the sponsored sites.
(3) Requests for new or changed domain names, or for
redirects, must be submitted through the online Form DS-3081 process or be
granted an exception.
(a) IIP and PA approve requests submitted online and
forward them to the IRM Enterprise Network Operations for processing.
(b) IRM will assist with any redirects that may be
needed on a temporary basis to guide website visitors to the new site.
(4) The concern that a private entity may use a domain
name that is not .gov (i.e., country.usembassy.com) in a misrepresentative way
is not valid justification for reserving this type of domain name. If such
misrepresentation should occur, you must notify the Office of the Legal Adviser
which will take appropriate action, including referral to the Department of
Justice.
5 FAH-8 H-342.3-4 Password
Requirement for Internet Sites for Internal Business
(CT:WEB-19; 02-12-2019)
a. If a Department website is on the Internet or an
extranet, but is for internal business (whether for employees or specialized
audiences with content not relevant to general public), it must have an
authorization scheme with one account per user, and a password that conforms
with the standard Department password construction requirements found at 12 FAM 623.3 to obtain access. And display a system use
information banner, per 12 FAH -10 H-112.7-1c.
b. The intent is to prevent easy access to information
that is not meant for public consumption. PA, IRM, and IIP will review the
creation of such sites closely as appropriate.
5 FAH-8 H-343 Through H-349 Unassigned