Self-Hosting Playbook
04. Domains and TLDs

04. Domains and TLDs

A domain name is a human-readable address for an internet service.

The internet uses a global naming system called DNS (Domain Name System), which translates names into network locations1.

When you register a domain, you are not buying permanent property. You are leasing a name inside that global system, under specific contractual and governance rules.

Understanding that structure clarifies pricing, control boundaries, and what “sovereignty” can realistically mean.

                    Root Zone
                        |
                 +--------------+
                 |     .com     |
                 |     .org     |
                 |     .ca      |
                 +--------------+
                        |
                   example.com
                        |
                 app.example.com
                 mail.example.com

4.1. Control Boundaries: Registry, Registrar, Registrant

The DNS naming system is layered by design1. Each layer has a different authority model.

Registry

A registry operates a top-level domain (TLD). It maintains the authoritative database of second-level domains under that TLD and publishes them into the DNS root zone1.

Examples:

  • .com → operated by Verisign
  • .org → operated by Public Interest Registry
  • .ca → operated by CIRA

The registry:

  • Sets wholesale pricing
  • Defines technical policy
  • Controls delegation into the root zone
  • Enforces registry-level suspensions

If a registry removes a delegation, the domain disappears globally.

You do not contract directly with the registry.

Registrar

A registrar is accredited to retail domains under specific TLDs. Accreditation ultimately traces back to ICANN, which coordinates the DNS root and registrar system.

The registrar:

  • Sells and renews your domain
  • Maintains contact records
  • Applies registrar-level locks
  • Submits nameserver changes to the registry

You can transfer between registrars.
You cannot escape the registry without changing TLDs.

Registrar control is commercial and contractual. Registry control is infrastructural.

Registrant

The registrant is the legal holder of the registration record.

You control:

  • Nameserver delegation
  • Renewal
  • Transfers (subject to lock periods)

You hold a revocable, renewable allocation governed by policy layers above you.

4.2. TLD Categories and Governance Models

TLDs differ less in technical capability and more in governance and pricing models.

Legacy gTLDs

Examples:

  • .com
  • .net
  • .org

These predate the 2012 TLD expansion. They are globally open and highly standardized.

.com benefits from network effects rather than technical superiority. It became dominant through early commercial adoption in the 1990s.

Pricing in legacy gTLDs is generally stable, but not fixed. Registry contracts periodically renegotiate allowable increases.

Country-Code TLDs (ccTLDs)

Examples:

  • .ca
  • .de
  • .jp

ccTLDs are delegated based on ISO country codes and operated by national registry authorities.

They vary significantly in:

  • Residency requirements
  • Dispute resolution frameworks
  • Content enforcement standards
  • Political exposure

Choosing a ccTLD is implicitly choosing that country’s regulatory perimeter.

New gTLDs

Following ICANN’s 2012 expansion, hundreds of new TLDs entered the market:

  • .app
  • .dev
  • .tech
  • .xyz

Many are commercially operated and priced dynamically.

Common characteristics:

  • Higher base pricing
  • Tiered premium name classification
  • Greater renewal variability
  • Strong branding intent

Some, such as .app and .dev, enforce HTTPS at the registry level via HSTS preloading. This is a policy decision embedded into namespace governance.

The expansion was partly intended to reduce .com concentration and partly commercial, as TLD operation became a business model.

4.3. Premium Designations and Pricing Power

“Premium” is not a single concept.

Registry-Level Premiums

The registry may classify certain names as premium based on scarcity or perceived market value.

Characteristics:

  • Elevated initial price
  • Elevated renewal price
  • Non-discounted renewals

Premium designation is a pricing lever, not a technical one.

In new gTLDs especially, short or generic names often sit in permanent premium tiers.

Promotional Pricing and Renewal Spread

Registrars frequently use:

  • Low first-year pricing
  • Standard or elevated renewal pricing

The risk is not the first-year cost.
The risk is tying infrastructure to a namespace whose renewal cost becomes operational friction later.

Wholesale pricing originates at the registry. Retail spread and promotional strategy are controlled by the registrar.

For long-term infrastructure, renewal stability matters more than promotional pricing.

4.4. Jurisdiction and the Limits of Sovereignty

There are two distinct legal layers.

Registrar Jurisdiction

Determines:

  • Contract law governing your account
  • Data retention and privacy rules
  • How disputes or freezes are processed

Transferring registrars changes this exposure.

Registry Jurisdiction

Determines:

  • TLD-level suspension authority
  • Policy enforcement
  • Dispute resolution framework

If the registry suspends a domain, registrar choice is irrelevant.

For example, .com ultimately depends on registry infrastructure operated by Verisign in the United States.

Changing registrars does not change that dependency.

DNS governance is not decentralized. Authority is delegated hierarchically from a globally coordinated root2. Resilience comes from distributed server operation, not from distributed authority.

Absolute namespace sovereignty does not exist inside the public DNS. What exists is layered delegation and contractual allocation.

4.5. Practical Selection Heuristics

For long-lived self-hosted infrastructure:

  1. Prefer TLDs with stable governance history.
  2. Verify renewal pricing, not promotional pricing.
  3. Avoid premium tiers unless you accept recurring cost.
  4. Treat the domain as a durable dependency, not a marketing asset.
  5. Separate registrar choice from DNS hosting choice when possible.

Namespace churn is operational debt.

Summary

  • The registry controls the TLD and root delegation.
  • The registrar intermediates your contract.
  • You lease the namespace entry as registrant.
  • Wholesale pricing originates at the registry; retail spread is set by the registrar.
  • Jurisdiction exists at both registrar and registry layers.
  • DNS governance is hierarchical, not sovereign.

Design infrastructure with that reality in mind.

  1. Mockapetris, P. “Domain Names - Concepts and Facilities.” RFC 1034, November 1987. https://www.rfc-editor.org/rfc/rfc1034 ↩︎ ↩︎ ↩︎

  2. Postel, J. “Domain Name System Structure and Delegation.” RFC 1591, March 1994. https://www.rfc-editor.org/rfc/rfc1591 ↩︎

Last updated on
05. DNS Mechanics