A question came up the other day, what policy do we have about 3rd parties registering domains that contain the word “CAcert”. In the past few days I know of a few more domains either registered or applied for, and while I can assume (hopefully correctly) most people will do the right thing and they are applying for them to either point back to our main website or to localised content and support, there is of course like everything else in life the potential for abuse.
Up until now there has been reasonably small risk of anything bad occurring, but as things progress this is something that should be taken serious as it will reduce efforts to market ourselves, as these sites unless labelled correctly could be mistaken as an official off shoot, when in actual fact only the main website is the only site we officially operate.
The mozilla guys have recently published their trademark policy, and one clause included an item on domain names that contain mozilla trademarks.
If you want to include all or part of a Mozilla trademark in a domain name, you have to receive written permission from Mozilla. People naturally associate domain names with organizations whose names sound similar. Almost any use of a Mozilla trademark in a domain name is likely to confuse consumers, thus running afoul of the overarching requirement that any use of a Mozilla trademark be non-confusing. If you would like to build a Mozilla, Firefox Internet browser or Thunderbird e-mail client promotional site for your region, we encourage you to join an existing official localization project.
To receive written permission, please download and follow the directions as outlined in the Domain Name License.
There are a lot of examples out there of other community projects spawning domain names based on the original project for localisation/regionalisation purposes, and in at least one case, the Plone Foundation requires all domains to be handed over to them.
The simple solution might be to offer <country code>.CAcert.org (such as br.CAcert.org) or one of our other domains (.com/.net) and ask everyone nicely to refrain from purchasing confusing domains and to request a sub-domain from us instead.
I’m guessing we need to start thinking about official policies on other things as well that might be used against the spirit in which they were originally created.