A domain name registrar is a business that handles the reservation of domain names as well as the assignment of IP addresses for those domain names. Domain names are alphanumeric aliases used to access websites; for example, Google’s domain name is ‘google.com’ and their IP address is 192.168.1.1. Domain names make it easier to access websites without having to memorize and enter numeric IP addresses. (For more on how this works, see What Is DNS?)
It should be noted that registrars don’t actually manage and maintain domain names; that part is done by a domain name registry.
Registries are organizations that manage top-level domains (TLDs) ‘.com’ and ‘.net’ — specifically by maintaining the records of which individual domains belong to which people and organizations. These registries are managed by the Internet Assigned Numbers Authority (IANA) — a department of the Internet Corporation for Assigned Names and Numbers (ICANN), a global organization that coordinates several processes and databases that support the Internet’s basic functionality.
Registries delegate the commercial sales of domain name registrations to registrars. For example, when a registrar sells a ‘.com’ domain registration to an end user (or ‘registrant’), the registrar must notify VeriSign — the registry for ‘.com’ domains. The registrar must also pay VeriSign a fee, which is factored into the price that the registrar charges the end user.
This arrangement works much like a car dealership. A customer who is interested in buying a car visits the showroom and is shown the available cars by a knowledgeable sales associate. If the customer chooses to buy a car (not one already in stock, for this example), the dealership must then order the car from a manufacturer. The customer ultimately picks up the car and receives customer service from the dealership.
A registrar is like a dealership for domain names, and the registry is like the manufacturer. The registrar facilitates the transactions and provides support services, while the registry is in charge of producing and delivering the goods. It should be noted that a key difference between registering a domain and buying a car is that cars can be owned by consumers, domain names can technically only be leased.
Although people often speak of buying and owning domain names, the truth is that registries own all of their domain names and registrars simply offer customers the opportunity to reserve those domain names for a limited amount of time.
The maximum reservation period for a domain name is ten years. A user can hold onto a domain name for longer than ten years, as registrars usually let them keep renewing their reservation indefinitely. But the user never truly owns the domain; they just lease it.
Resellers are another type of organization that sell domain name registrations. These resellers sell domain names on behalf of a registrar in return for a finder’s fee. While these resellers are legitimate, they are usually operated as a side business, and can thus lack dedicated customer support.
Resellers’ websites rarely explicitly state that they are resellers, and it can be tricky to tell them apart from registrars. Fortunately there’s an easy way to know if a company is a legitimate registrar: ICANN has a published list of every accredited and active domain name registrar on their website.
Everyone who reserves a top-level domain name must fill out WHOIS information for that domain. This is information about the person who registered the domain (the registrant), including their name, email address, physical address, and phone number.
Many registrars provide the option of a private registration. In this arrangement, the registrar’s information is provided in the WHOIS listing for that domain, and the registrar acts as a proxy for the registrant. This private registration is only as secure as the registrar, since the actual registrant’s information is held in the registrar’s database.
As organizations that sell domain registrations and have access to registration information, registrars must keep their data and access secure from malicious actors.
In the past, some registrars have played a role in domain hijacking attacks, which can either change the registration of a domain name without the original registrants’s permission or abuse the privileges of domain hosting and registrar software systems. One example of domain hijacking is an attacker making a particular domain direct to a different website, in order to impersonate the original site or disrupt its business.
ICANN recommends that registrars take a number of steps to prevent domain hijacking, including:
Cloudflare operates a domain name registrar — unsurprisingly called Cloudflare Registrar — that offers domain name registration renewal without markups or renewal fees, and with some additional security features. In essence, Cloudflare Registrar is free — the only costs are what is charged by registries and ICANN.